Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/za1N8XmZZDx0c4sVRAhivc5nD1E.roa
File: za1N8XmZZDx0c4sVRAhivc5nD1E.roa (raw, json)
Hash identifier: u7VGErjw1NEnv5WzVmby4joOBVQnWeuv/wVdQVxQaDg=
Subject key identifier: CD:AD:4D:F1:79:99:64:3C:74:73:8B:15:44:08:62:BD:CE:67:0F:51
Certificate issuer: /CN=ec9c685cf6671cc656f92e764557a38378f2827c
Certificate serial: 018A6F710C45F28B902443EEB823CB3BDAC7
Authority key identifier: EC:9C:68:5C:F6:67:1C:C6:56:F9:2E:76:45:57:A3:83:78:F2:82:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JxoXPZnHMZW-S52RVejg3jygnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/za1N8XmZZDx0c4sVRAhivc5nD1E.roa
Signing time: Thu 07 Sep 2023 11:39:54 +0000
ROA not before: Thu 07 Sep 2023 11:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 212.114.32.0/21 maxlen: 21
2a00:9300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:71:0c:45:f2:8b:90:24:43:ee:b8:23:cb:3b:da:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9c685cf6671cc656f92e764557a38378f2827c
Validity
Not Before: Sep 7 11:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdad4df17999643c74738b15440862bdce670f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e5:fd:be:3a:cf:97:dc:70:66:12:4d:9e:fe:
17:60:bb:c0:14:35:96:97:cc:08:2d:40:72:90:de:
72:de:86:77:09:23:de:f4:dd:c3:38:bb:0e:73:35:
ec:11:d6:61:bc:3f:9f:68:99:37:a7:d9:44:5a:27:
1d:da:6b:a7:83:60:ca:6b:23:07:97:5e:75:a3:7d:
1c:bd:3d:26:96:2a:2f:b5:35:e9:25:f6:9b:2d:a8:
b1:cc:16:b3:60:c5:65:19:7c:ae:4b:b9:94:75:a9:
02:35:7e:e0:01:79:c9:95:49:ec:08:89:02:00:9d:
09:29:b0:01:b9:a8:d6:fa:cc:48:da:24:e8:e9:9a:
41:a7:6d:41:d9:56:18:c3:ef:51:9d:5c:c1:ba:6a:
a6:0c:72:79:06:f6:aa:86:60:ec:cf:b3:a8:9a:c8:
41:04:95:08:09:d3:7b:2a:65:05:b7:c6:28:6e:3b:
d5:fe:1c:bb:29:2d:b7:b7:c7:c7:c7:85:61:e7:cc:
7a:da:20:e9:59:1d:b4:50:8b:43:07:a4:50:bf:6f:
67:13:54:5d:d9:1c:a1:b9:d7:1e:81:df:b9:8b:b0:
69:e8:2c:c3:90:89:0b:51:5a:6f:78:89:91:46:39:
48:4e:45:05:0c:93:67:33:3d:9d:04:f0:f7:7f:61:
a3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AD:4D:F1:79:99:64:3C:74:73:8B:15:44:08:62:BD:CE:67:0F:51
X509v3 Authority Key Identifier:
keyid:EC:9C:68:5C:F6:67:1C:C6:56:F9:2E:76:45:57:A3:83:78:F2:82:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JxoXPZnHMZW-S52RVejg3jygnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/za1N8XmZZDx0c4sVRAhivc5nD1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e9b56e-3b5b-43b1-8bb5-bab48dab4cd6/1/7JxoXPZnHMZW-S52RVejg3jygnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.114.32.0/21
IPv6:
2a00:9300::/32
Signature Algorithm: sha256WithRSAEncryption
af:27:43:4b:e6:77:f5:79:d9:73:2e:8b:54:a8:95:43:45:b8:
75:82:74:b1:88:d6:b5:8d:06:66:62:4e:24:6a:7c:6b:39:a7:
a9:0f:47:fd:d6:e1:11:1c:df:6c:90:de:bd:b3:19:95:b2:67:
9c:52:9a:ec:76:1a:4f:b5:a0:a1:e2:02:e4:37:9a:82:5c:68:
25:af:7a:2e:b6:bb:5f:fe:5d:77:7a:43:65:9d:03:f4:62:88:
ce:c9:bb:3a:87:37:d3:04:12:22:88:db:04:8a:4b:32:e2:ed:
2a:02:4f:9b:87:aa:3c:3c:bb:98:f6:52:0c:84:b0:dd:4d:bb:
a2:30:08:f6:e1:61:10:e2:2f:73:09:bb:df:18:bb:4e:e9:0d:
d8:51:ee:e4:ba:1c:b6:a4:e3:09:7a:9b:95:3f:25:de:df:de:
12:eb:9a:93:90:84:df:0d:d1:16:e9:37:2e:5e:3c:19:47:fa:
4a:b2:69:60:6e:e0:cd:39:88:67:94:ef:6c:87:56:e1:ed:f3:
94:f3:48:f7:69:89:da:68:2f:0c:7c:02:e4:56:ac:eb:51:12:
e2:5a:67:12:f0:e5:c3:f6:79:79:2d:6f:cd:d3:ff:da:75:d7:
ee:9d:17:b1:b7:f7:8f:23:ef:9a:c3:cb:ed:d8:3b:c9:d3:33:
4d:81:87:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpvcQxF8ouQJEPuuCPLO9rHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWM2ODVjZjY2NzFjYzY1NmY5MmU3NjQ1NTdhMzgzNzhm
MjgyN2MwHhcNMjMwOTA3MTEzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFkNGRmMTc5OTk2NDNjNzQ3MzhiMTU0NDA4NjJiZGNlNjcwZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uX9vjrPl9xwZhJNnv4XYLvAFDWW
l8wILUBykN5y3oZ3CSPe9N3DOLsOczXsEdZhvD+faJk3p9lEWicd2mung2DKayMH
l151o30cvT0mliovtTXpJfabLaixzBazYMVlGXyuS7mUdakCNX7gAXnJlUnsCIkC
AJ0JKbABuajW+sxI2iTo6ZpBp21B2VYYw+9RnVzBumqmDHJ5BvaqhmDsz7OomshB
BJUICdN7KmUFt8YobjvV/hy7KS23t8fHx4Vh58x62iDpWR20UItDB6RQv29nE1Rd
2Ryhudcegd+5i7Bp6CzDkIkLUVpveImRRjlITkUFDJNnMz2dBPD3f2GjMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM2tTfF5mWQ8dHOLFUQIYr3OZw9RMB8GA1UdIwQY
MBaAFOycaFz2ZxzGVvkudkVXo4N48oJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0p4b1hQWm5ITVpXLVM1MlJWZWpnM2p5Z253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lOWI1NmUtM2I1Yi00M2IxLThiYjUt
YmFiNDhkYWI0Y2Q2LzEvemExTjhYbVpaRHgwYzRzVlJBaGl2YzVuRDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lOWI1NmUtM2I1Yi00M2IxLThiYjUtYmFiNDhkYWI0Y2Q2
LzEvN0p4b1hQWm5ITVpXLVM1MlJWZWpnM2p5Z253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQD1HIgMA0E
AgACMAcDBQAqAJMAMA0GCSqGSIb3DQEBCwUAA4IBAQCvJ0NL5nf1edlzLotUqJVD
Rbh1gnSxiNa1jQZmYk4kanxrOaepD0f91uERHN9skN69sxmVsmecUprsdhpPtaCh
4gLkN5qCXGglr3outrtf/l13ekNlnQP0YojOybs6hzfTBBIiiNsEiksy4u0qAk+b
h6o8PLuY9lIMhLDdTbuiMAj24WEQ4i9zCbvfGLtO6Q3YUe7kuhy2pOMJepuVPyXe
394S65qTkITfDdEW6TcuXjwZR/pKsmlgbuDNOYhnlO9sh1bh7fOU80j3aYnaaC8M
fALkVqzrURLiWmcS8OXD9nl5LW/N0//addfunRext/ePI++aw8vt2DvJ0zNNgYde
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:26:51 2025 by rpki-client