Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/UClpe3OLSuzjT-ThpWNQaEg3F-Y.roa
File: UClpe3OLSuzjT-ThpWNQaEg3F-Y.roa (raw, json)
Hash identifier: 9e1tuGMFAkOadpkfbLIvLgoypHevY+siUVOylWX0Oeo=
Subject key identifier: 50:29:69:7B:73:8B:4A:EC:E3:4F:E4:E1:A5:63:50:68:48:37:17:E6
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 01856D6611AC359A42F1614451A43130A687
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/UClpe3OLSuzjT-ThpWNQaEg3F-Y.roa
Signing time: Sun 01 Jan 2023 12:54:43 +0000
ROA not before: Sun 01 Jan 2023 12:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212805
IP address blocks: 212.125.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:11:ac:35:9a:42:f1:61:44:51:a4:31:30:a6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 12:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5029697b738b4aece34fe4e1a5635068483717e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:40:bc:1f:4e:b1:89:e4:e4:32:20:30:57:ae:
62:50:ab:ff:13:4b:1a:e2:55:ac:b6:b7:28:c1:ff:
4e:3f:7c:e4:b9:28:43:ea:80:fa:f8:a0:3b:5d:53:
3a:52:40:18:cb:37:b5:98:3a:b6:56:fe:6b:be:74:
b4:bc:4e:4c:a0:56:1d:3f:74:1c:e9:d1:51:cb:6a:
82:2d:31:71:27:7c:67:96:e6:d9:dc:28:47:83:f3:
52:1e:44:9d:8c:05:87:87:7d:f0:cc:8e:59:e4:e0:
94:20:8a:1e:68:f7:95:23:3f:e6:2f:a1:89:58:55:
86:60:00:cb:8f:d4:d4:e5:62:fc:31:ee:76:39:e9:
d4:1a:ff:4f:b9:ea:76:54:42:f8:5d:d3:c3:96:1f:
a3:3c:8a:76:57:09:77:f9:e5:99:63:4b:b6:4d:b7:
88:86:a2:20:52:cf:e0:5e:62:7c:e1:14:7b:f4:83:
f3:f2:1a:ea:3f:9a:26:6e:71:32:6d:f4:da:1e:f3:
e5:e3:c6:74:24:4f:37:f2:cc:5c:a4:d8:2f:2c:69:
52:e2:fc:27:58:ea:ec:26:62:46:f5:65:ac:78:e1:
06:c5:a1:7a:fe:65:f6:34:55:c3:b3:b0:56:4a:0d:
ef:c1:83:d1:d2:38:20:9c:de:4a:03:ec:cd:df:0c:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:29:69:7B:73:8B:4A:EC:E3:4F:E4:E1:A5:63:50:68:48:37:17:E6
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/UClpe3OLSuzjT-ThpWNQaEg3F-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.11.0/24
Signature Algorithm: sha256WithRSAEncryption
14:d1:8a:62:5d:35:24:d3:13:9b:c2:6d:5f:e8:bf:fb:92:e1:
5a:f9:57:a1:65:f4:55:19:aa:81:e0:ce:50:fd:fd:ef:0f:f2:
02:7d:c9:c5:bf:33:40:31:c1:9e:95:8c:98:e5:9f:7d:6b:66:
63:a5:96:6c:d1:d0:88:6f:40:7b:c0:97:31:67:33:c2:ed:bc:
e5:51:ea:c7:23:f3:7b:71:11:be:57:93:b2:e5:11:52:a3:88:
7a:25:61:bf:05:9c:68:20:ec:f6:99:de:06:81:37:61:c1:bf:
cf:f8:2f:41:91:3a:83:b9:f6:22:02:9f:40:b2:4e:54:e5:57:
ab:6c:e5:db:66:15:37:ad:49:46:51:a5:a4:ee:af:52:60:c9:
34:73:cd:c5:4e:11:9d:a8:b0:ff:1d:10:1e:3f:ee:0d:84:7d:
c2:f5:fb:07:56:32:b0:b6:23:0b:4c:16:bc:2a:90:fe:78:d6:
f8:3a:82:91:80:75:47:65:ea:23:5c:31:dc:a6:39:ac:b0:d4:
16:82:ad:17:9a:28:db:02:5b:f3:67:e1:95:14:04:7e:f2:db:
29:b9:6c:0f:df:2e:4c:6c:cc:96:f3:8a:80:69:e1:dd:4d:66:
47:71:13:a4:b2:d2:8d:86:0c:30:1d:fe:51:f2:14:1c:e3:c9:
90:56:34:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZhGsNZpC8WFEUaQxMKaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjMwMTAxMTI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDI5Njk3YjczOGI0YWVjZTM0ZmU0ZTFhNTYzNTA2ODQ4MzcxN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+UC8H06xieTkMiAwV65iUKv/E0sa
4lWstrcowf9OP3zkuShD6oD6+KA7XVM6UkAYyze1mDq2Vv5rvnS0vE5MoFYdP3Qc
6dFRy2qCLTFxJ3xnlubZ3ChHg/NSHkSdjAWHh33wzI5Z5OCUIIoeaPeVIz/mL6GJ
WFWGYADLj9TU5WL8Me52OenUGv9Puep2VEL4XdPDlh+jPIp2Vwl3+eWZY0u2TbeI
hqIgUs/gXmJ84RR79IPz8hrqP5ombnEybfTaHvPl48Z0JE838sxcpNgvLGlS4vwn
WOrsJmJG9WWseOEGxaF6/mX2NFXDs7BWSg3vwYPR0jggnN5KA+zN3wykNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFApaXtzi0rs40/k4aVjUGhINxfmMB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvVUNscGUzT0xTdXpqVC1UaHBXTlFhRWczRi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1H0LMA0G
CSqGSIb3DQEBCwUAA4IBAQAU0YpiXTUk0xObwm1f6L/7kuFa+VehZfRVGaqB4M5Q
/f3vD/ICfcnFvzNAMcGelYyY5Z99a2ZjpZZs0dCIb0B7wJcxZzPC7bzlUerHI/N7
cRG+V5Oy5RFSo4h6JWG/BZxoIOz2md4GgTdhwb/P+C9BkTqDufYiAp9Ask5U5Ver
bOXbZhU3rUlGUaWk7q9SYMk0c83FThGdqLD/HRAeP+4NhH3C9fsHVjKwtiMLTBa8
KpD+eNb4OoKRgHVHZeojXDHcpjmssNQWgq0XmijbAlvzZ+GVFAR+8tspuWwP3y5M
bMyW84qAaeHdTWZHcROkstKNhgwwHf5R8hQc48mQVjQ6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:39 2025 by rpki-client