Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/pBAXsXzcIiiPJF7mToFaT5yWhh8.roa
File: pBAXsXzcIiiPJF7mToFaT5yWhh8.roa (raw, json)
Hash identifier: UtSYwSAdm/xg3zEHa+o9Xb4o/fwYrWCBupxuAcwq0kE=
Subject key identifier: A4:10:17:B1:7C:DC:22:28:8F:24:5E:E6:4E:81:5A:4F:9C:96:86:1F
Certificate issuer: /CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Certificate serial: 024C4D57
Authority key identifier: DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/pBAXsXzcIiiPJF7mToFaT5yWhh8.roa
Signing time: Sat 01 Jan 2022 10:02:24 +0000
ROA not before: Sat 01 Jan 2022 10:02:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48642
IP address blocks: 213.109.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38554967 (0x24c4d57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd725c4d0953e7ecf46f37e14fca14fd09a12d16
Validity
Not Before: Jan 1 10:02:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a41017b17cdc22288f245ee64e815a4f9c96861f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7d:50:ba:30:ad:75:52:81:ed:0c:d2:24:05:
4b:c0:73:50:81:9f:f4:d0:ce:4b:ca:af:0e:46:79:
12:35:60:5a:29:29:b1:de:ad:b1:c8:46:53:78:1a:
6d:c5:59:f2:c2:e2:be:d1:f2:66:ec:ea:60:92:eb:
21:1c:89:b3:29:f7:f7:5a:59:8a:e6:d5:6e:91:39:
aa:70:d5:d4:f0:c9:ca:b4:11:ce:88:3b:07:4e:a3:
6b:7a:78:90:17:d4:b1:7b:ee:02:cb:5e:6e:71:30:
3e:fa:8b:87:f5:97:bd:f9:0c:82:e7:d5:5a:e2:27:
45:0d:c7:e5:b5:58:e2:10:46:da:3e:17:2b:64:47:
14:ab:bf:d0:7f:7f:06:86:c7:cd:73:72:b7:7a:47:
2f:0f:2b:35:80:a9:a7:d1:12:7c:6d:81:0c:15:a5:
1e:49:7d:78:e5:30:96:b0:d7:f3:54:ab:ee:7b:22:
7e:4f:9d:2c:78:36:37:0c:08:36:94:f8:bc:d9:ad:
07:ee:30:f0:86:6b:39:af:9d:3a:22:fe:9f:4c:63:
71:bc:3e:0e:3a:89:2a:cb:a6:21:e6:b8:fb:c2:ba:
15:ea:c9:d9:aa:31:96:05:bb:84:07:e6:58:e3:d6:
ff:ea:d7:95:21:4a:31:7c:c8:80:ac:8d:45:94:5c:
2c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:10:17:B1:7C:DC:22:28:8F:24:5E:E6:4E:81:5A:4F:9C:96:86:1F
X509v3 Authority Key Identifier:
keyid:DD:72:5C:4D:09:53:E7:EC:F4:6F:37:E1:4F:CA:14:FD:09:A1:2D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3XJcTQlT5-z0bzfhT8oU_QmhLRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/pBAXsXzcIiiPJF7mToFaT5yWhh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/aaa6e3-f054-48e7-8246-8f20cb734488/1/3XJcTQlT5-z0bzfhT8oU_QmhLRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.48.0/20
Signature Algorithm: sha256WithRSAEncryption
20:7d:5b:da:59:7b:d3:7e:91:59:81:35:4a:36:60:53:8c:74:
5b:4a:18:c6:57:a5:b3:61:08:a4:7a:47:86:ed:ed:6b:41:63:
ec:0c:b6:96:0f:b0:ad:10:fc:02:2a:86:48:f4:77:6c:f0:b0:
19:2b:e6:fa:d3:b1:04:88:d0:09:3e:7f:25:81:f1:39:55:dd:
16:c6:7a:ea:22:b6:2f:5e:3f:5f:a1:04:83:d0:7d:08:d7:85:
69:fc:a1:cc:8a:cd:ee:6a:dc:bf:f6:6c:a4:50:ca:4e:d5:0b:
15:97:1b:3c:65:9d:e2:91:da:f2:42:ae:4e:2d:60:40:ae:ee:
33:b8:ea:da:fa:9f:a2:3b:bd:7b:e2:3c:20:05:d5:1d:a1:fc:
5f:a3:fc:9b:19:10:7c:bc:03:e1:84:da:82:2b:7e:51:81:8c:
80:ad:44:15:5b:44:98:b5:68:af:b1:e0:9d:96:20:c1:1c:0a:
ed:4d:39:88:e7:a7:9e:c4:9e:83:93:f0:0d:e6:21:b4:7f:8f:
0a:c7:61:dc:c6:15:cd:c5:59:42:c1:97:19:6a:a9:76:ee:39:
5a:a4:d6:84:8e:43:2c:9c:fc:e0:98:9c:57:b6:75:79:2b:a6:
71:18:02:3c:e3:02:84:6e:73:7e:cf:b6:2e:06:9b:ea:3a:b0:
28:46:18:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkxNVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDcyNWM0ZDA5NTNlN2VjZjQ2ZjM3ZTE0ZmNhMTRmZDA5YTEyZDE2MB4XDTIyMDEw
MTEwMDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQxMDE3YjE3Y2Rj
MjIyODhmMjQ1ZWU2NGU4MTVhNGY5Yzk2ODYxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOx9ULowrXVSge0M0iQFS8BzUIGf9NDOS8qvDkZ5EjVgWikp
sd6tschGU3gabcVZ8sLivtHyZuzqYJLrIRyJsyn391pZiubVbpE5qnDV1PDJyrQR
zog7B06ja3p4kBfUsXvuAstebnEwPvqLh/WXvfkMgufVWuInRQ3H5bVY4hBG2j4X
K2RHFKu/0H9/BobHzXNyt3pHLw8rNYCpp9ESfG2BDBWlHkl9eOUwlrDX81Sr7nsi
fk+dLHg2NwwINpT4vNmtB+4w8IZrOa+dOiL+n0xjcbw+DjqJKsumIea4+8K6FerJ
2aoxlgW7hAfmWOPW/+rXlSFKMXzIgKyNRZRcLBkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkEBexfNwiKI8kXuZOgVpPnJaGHzAfBgNVHSMEGDAWgBTdclxNCVPn7PRv
N+FPyhT9CaEtFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNYSmNUUWxUNS16MGJ6ZmhUOG9VX1FtaExSWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvYWFhNmUzLWYwNTQtNDhlNy04MjQ2LThmMjBjYjczNDQ4OC8x
L3BCQVhzWHpjSWlpUEpGN21Ub0ZhVDV5V2hoOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
YWFhNmUzLWYwNTQtNDhlNy04MjQ2LThmMjBjYjczNDQ4OC8xLzNYSmNUUWxUNS16
MGJ6ZmhUOG9VX1FtaExSWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNVtMDANBgkqhkiG9w0BAQsFAAOC
AQEAIH1b2ll7036RWYE1SjZgU4x0W0oYxlels2EIpHpHhu3ta0Fj7Ay2lg+wrRD8
AiqGSPR3bPCwGSvm+tOxBIjQCT5/JYHxOVXdFsZ66iK2L14/X6EEg9B9CNeFafyh
zIrN7mrcv/ZspFDKTtULFZcbPGWd4pHa8kKuTi1gQK7uM7jq2vqfoju9e+I8IAXV
HaH8X6P8mxkQfLwD4YTagit+UYGMgK1EFVtEmLVor7HgnZYgwRwK7U05iOennsSe
g5PwDeYhtH+PCsdh3MYVzcVZQsGXGWqpdu45WqTWhI5DLJz84JicV7Z1eSumcRgC
POMChG5zfs+2Lgab6jqwKEYYIA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:54 2023 by rpki-client on console-fra.rpki-client.org