Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JIL9tu9Bkk87-TIn_uKZS8CqI-0.roa
File: JIL9tu9Bkk87-TIn_uKZS8CqI-0.roa (raw, json)
Hash identifier: l6r5sgrHqc4eoaOBJ7UgFWdIF1dqqUOKnWf+BL0JCWA=
Subject key identifier: 24:82:FD:B6:EF:41:92:4F:3B:F9:32:27:FE:E2:99:4B:C0:AA:23:ED
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 0186A2D89A28AF6EAB8ED67229FDE4C58A76
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JIL9tu9Bkk87-TIn_uKZS8CqI-0.roa
Signing time: Thu 02 Mar 2023 15:02:29 +0000
ROA not before: Thu 02 Mar 2023 15:02:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 212.113.118.0/24 maxlen: 24
212.113.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:d8:9a:28:af:6e:ab:8e:d6:72:29:fd:e4:c5:8a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Mar 2 15:02:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2482fdb6ef41924f3bf93227fee2994bc0aa23ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8b:9f:66:23:13:d7:17:7d:19:f1:8a:ea:c0:
4c:02:b0:5a:ba:67:20:2e:6e:93:82:c3:b3:d6:eb:
16:c2:3d:f6:fd:1d:9e:83:33:52:40:75:5c:4d:5d:
76:2c:57:4b:d5:0c:4c:62:72:7b:15:25:ce:87:8d:
b0:cc:77:5e:4a:55:9d:d8:be:d2:12:e0:73:c9:15:
6a:06:90:96:10:7c:00:22:f2:93:69:d6:e2:da:a0:
38:c4:03:16:d0:bc:28:7f:62:0c:07:22:9f:4b:eb:
63:26:96:b6:26:56:7b:86:ea:66:73:79:78:64:ab:
54:b8:82:b2:5e:42:da:ff:65:cc:ea:63:ae:00:44:
7e:59:39:f6:e1:1b:f6:23:6d:8d:2c:44:94:3e:42:
e4:08:be:a4:21:2e:58:59:3a:dd:13:46:5e:02:c5:
d4:cf:84:11:29:5d:a7:da:37:ae:d5:6a:e8:c3:d5:
b2:7f:b4:64:97:98:95:6d:c7:16:75:78:96:cc:c7:
a8:c4:a8:db:8c:8c:a8:aa:ff:7c:c6:75:64:b0:7c:
1f:5e:10:7b:50:91:79:a5:3a:34:5e:c8:c3:7b:3a:
08:25:b5:83:01:02:80:e8:fb:4d:90:b9:4d:2d:7e:
83:cf:d1:60:69:e7:df:a6:df:70:f2:e0:ee:ce:66:
4b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:82:FD:B6:EF:41:92:4F:3B:F9:32:27:FE:E2:99:4B:C0:AA:23:ED
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/JIL9tu9Bkk87-TIn_uKZS8CqI-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.116.0/24
212.113.118.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0e:e5:da:48:42:d1:63:50:be:ec:4d:72:3f:e6:d7:76:d8:
9d:80:bb:aa:e3:37:be:56:8e:49:63:21:7f:91:a3:3b:7e:76:
b2:a2:ca:72:38:7b:a6:20:31:ad:77:ff:55:e1:79:84:cd:e8:
af:a3:58:09:d4:02:20:21:04:25:4e:c2:84:e6:cf:ae:7e:a0:
f8:05:7a:10:28:b5:29:26:0e:3e:04:90:a0:16:a5:47:8a:45:
26:c8:8c:db:8c:8b:98:6b:24:04:0d:6b:df:ae:b5:52:c6:61:
e4:50:b4:30:c9:07:a0:49:45:00:16:e8:9e:f2:dd:94:ed:74:
01:bb:f5:8b:9a:20:42:72:74:6b:50:b9:c4:b1:f6:ac:51:f8:
2e:9c:45:37:d1:79:e5:ef:00:d8:7d:c1:47:a2:d7:5d:05:e4:
9f:f2:a8:d9:fd:6f:39:e3:66:96:42:a6:1d:58:52:e0:72:eb:
83:67:40:0a:d0:db:e3:7e:30:d8:3f:60:c7:51:aa:11:31:28:
57:50:ed:7e:c8:db:25:26:a7:ef:1f:07:a1:e2:67:51:5c:61:
9d:83:25:53:82:21:9f:42:1e:b8:d6:60:f8:39:02:56:46:a9:
fa:f2:e9:49:30:25:c2:0f:70:ee:d0:21:a2:ce:ae:53:3e:d4:
85:e8:8a:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYai2Joor26rjtZyKf3kxYp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwMzAyMTUwMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDgyZmRiNmVmNDE5MjRmM2JmOTMyMjdmZWUyOTk0YmMwYWEyM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IufZiMT1xd9GfGK6sBMArBaumcg
Lm6TgsOz1usWwj32/R2egzNSQHVcTV12LFdL1QxMYnJ7FSXOh42wzHdeSlWd2L7S
EuBzyRVqBpCWEHwAIvKTadbi2qA4xAMW0Lwof2IMByKfS+tjJpa2JlZ7hupmc3l4
ZKtUuIKyXkLa/2XM6mOuAER+WTn24Rv2I22NLESUPkLkCL6kIS5YWTrdE0ZeAsXU
z4QRKV2n2jeu1Wrow9Wyf7Rkl5iVbccWdXiWzMeoxKjbjIyoqv98xnVksHwfXhB7
UJF5pTo0XsjDezoIJbWDAQKA6PtNkLlNLX6Dz9Fgaeffpt9w8uDuzmZLVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCSC/bbvQZJPO/kyJ/7imUvAqiPtMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvSklMOXR1OUJrazg3LVRJbl91S1pTOENxSS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HF0AwQA
1HF2MA0GCSqGSIb3DQEBCwUAA4IBAQAcDuXaSELRY1C+7E1yP+bXdtidgLuq4ze+
Vo5JYyF/kaM7fnayospyOHumIDGtd/9V4XmEzeivo1gJ1AIgIQQlTsKE5s+ufqD4
BXoQKLUpJg4+BJCgFqVHikUmyIzbjIuYayQEDWvfrrVSxmHkULQwyQegSUUAFuie
8t2U7XQBu/WLmiBCcnRrULnEsfasUfgunEU30Xnl7wDYfcFHotddBeSf8qjZ/W85
42aWQqYdWFLgcuuDZ0AK0NvjfjDYP2DHUaoRMShXUO1+yNslJqfvHweh4mdRXGGd
gyVTgiGfQh641mD4OQJWRqn68ulJMCXCD3Du0CGizq5TPtSF6Irh
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:54 2025 by rpki-client