Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SrN0zqG-IezqK0yjtCybLwRoPeo.roa
File: SrN0zqG-IezqK0yjtCybLwRoPeo.roa (raw, json)
Hash identifier: uKxOtn/kMPjeLCAG/gj2I2y8DgdiUTMhDtI4ZeLm5tk=
Subject key identifier: 4A:B3:74:CE:A1:BE:21:EC:EA:2B:4C:A3:B4:2C:9B:2F:04:68:3D:EA
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018451D16ED18A8EF2C5D6FEF29B755764A1
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SrN0zqG-IezqK0yjtCybLwRoPeo.roa
Signing time: Mon 07 Nov 2022 11:19:50 +0000
ROA not before: Mon 07 Nov 2022 11:19:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 212.87.212.0/22 maxlen: 22
2.58.196.0/22 maxlen: 22
2.56.246.0/23 maxlen: 23
147.78.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:d1:6e:d1:8a:8e:f2:c5:d6:fe:f2:9b:75:57:64:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Nov 7 11:19:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ab374cea1be21ecea2b4ca3b42c9b2f04683dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f0:93:df:63:c1:89:05:18:d5:b5:4b:8d:92:
48:f9:a7:d2:1c:4c:cb:c3:d0:0e:6d:3b:bf:5d:ca:
5d:3a:39:58:55:ee:06:3c:35:46:c2:53:61:30:f4:
d4:b6:eb:1d:c2:bc:05:7d:73:38:11:cd:89:27:a8:
5a:1d:ca:67:f2:5f:f8:02:e5:e5:f4:27:68:ce:de:
02:d9:0c:b2:d8:55:fb:60:58:96:5f:49:8c:43:6d:
da:4c:cd:e9:95:2f:e1:74:06:a6:fb:b2:06:cf:b4:
04:99:91:f3:c0:e1:8d:42:dd:75:3a:b6:07:5a:5e:
24:4c:b3:76:34:81:0c:9f:c5:cb:e5:39:4a:db:20:
ee:2f:1c:1c:20:69:a8:8b:fa:75:7d:4d:4b:9f:45:
34:98:74:54:6f:a4:b6:f4:f1:07:b2:12:5d:e0:c3:
22:1e:89:4d:18:88:ea:f4:c0:d4:8f:86:5b:d2:4c:
6c:bb:25:ce:51:65:ba:17:cf:46:2b:a1:d5:fa:40:
0f:4b:1f:8d:02:68:06:a2:95:8e:f4:85:aa:28:de:
22:b1:50:f7:8c:19:96:64:ee:84:6a:6b:80:ce:c4:
63:18:27:0d:82:b8:df:1a:a0:ff:7e:ed:79:6e:59:
7d:7e:d3:1a:1e:f4:d7:b6:1f:a4:4c:98:6c:cd:87:
c1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B3:74:CE:A1:BE:21:EC:EA:2B:4C:A3:B4:2C:9B:2F:04:68:3D:EA
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SrN0zqG-IezqK0yjtCybLwRoPeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/23
2.58.196.0/22
147.78.124.0/22
212.87.212.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:d0:b7:f0:ef:f9:71:3f:c1:54:97:2f:04:89:dd:af:ed:16:
5d:02:71:ea:3d:d7:dc:95:59:ce:6b:ab:6b:0a:54:5a:13:6b:
44:b5:96:5f:75:1f:0c:54:6b:c6:6c:ee:05:1c:34:62:b5:bf:
82:28:52:65:16:b9:39:18:86:01:b3:94:b8:af:1e:00:92:ca:
d9:f6:ee:dd:99:6e:94:b5:2d:e4:7e:99:6b:44:54:66:36:c5:
52:7d:4e:d0:4a:a8:19:6a:a4:d7:25:8f:2a:06:de:02:54:3d:
ba:d1:ab:f5:95:88:f7:7c:1c:7d:1f:d0:ea:fe:df:7a:c9:c5:
a2:dc:c3:3c:e6:ef:a2:b2:20:82:3c:3f:c0:34:4a:7f:5a:5c:
49:d1:8d:47:f2:e5:66:38:dd:0c:a2:8b:04:d2:6a:bb:34:b7:
1b:15:ae:7f:9e:54:80:3a:b5:de:89:b3:5e:eb:92:d9:ee:69:
68:f7:0b:06:54:98:77:e4:bb:e8:14:5a:d1:82:80:11:7f:e5:
b1:1b:f1:92:04:4a:7b:41:d2:6f:4c:f4:0f:5d:45:c8:8b:a8:
46:9b:c2:19:6e:f0:2b:84:16:ba:0a:b6:e6:67:1a:df:25:8c:
3b:19:65:22:2c:f6:46:2c:50:cd:74:aa:72:64:9f:54:eb:12:
44:5b:fe:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRR0W7Rio7yxdb+8pt1V2ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMTA3MTExOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWIzNzRjZWExYmUyMWVjZWEyYjRjYTNiNDJjOWIyZjA0NjgzZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/CT32PBiQUY1bVLjZJI+afSHEzL
w9AObTu/XcpdOjlYVe4GPDVGwlNhMPTUtusdwrwFfXM4Ec2JJ6haHcpn8l/4AuXl
9Cdozt4C2Qyy2FX7YFiWX0mMQ23aTM3plS/hdAam+7IGz7QEmZHzwOGNQt11OrYH
Wl4kTLN2NIEMn8XL5TlK2yDuLxwcIGmoi/p1fU1Ln0U0mHRUb6S29PEHshJd4MMi
HolNGIjq9MDUj4Zb0kxsuyXOUWW6F89GK6HV+kAPSx+NAmgGopWO9IWqKN4isVD3
jBmWZO6EamuAzsRjGCcNgrjfGqD/fu15bll9ftMaHvTXth+kTJhszYfBmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEqzdM6hviHs6itMo7Qsmy8EaD3qMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvU3JOMHpxRy1JZXpxSzB5anRDeWJMd1JvUGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjj2AwQC
AjrEAwQCk058AwQC1FfUMA0GCSqGSIb3DQEBCwUAA4IBAQAO0Lfw7/lxP8FUly8E
id2v7RZdAnHqPdfclVnOa6trClRaE2tEtZZfdR8MVGvGbO4FHDRitb+CKFJlFrk5
GIYBs5S4rx4AksrZ9u7dmW6UtS3kfplrRFRmNsVSfU7QSqgZaqTXJY8qBt4CVD26
0av1lYj3fBx9H9Dq/t96ycWi3MM85u+isiCCPD/ANEp/WlxJ0Y1H8uVmON0MoosE
0mq7NLcbFa5/nlSAOrXeibNe65LZ7mlo9wsGVJh35LvoFFrRgoARf+WxG/GSBEp7
QdJvTPQPXUXIi6hGm8IZbvArhBa6CrbmZxrfJYw7GWUiLPZGLFDNdKpyZJ9U6xJE
W/5C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org