Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/juPDu7XOKqzgGbKQRoGEQR0Qxlo.roa
File: juPDu7XOKqzgGbKQRoGEQR0Qxlo.roa (raw, json)
Hash identifier: beKs4IoqplvPIs692D24ClmADnCWJtHPb/DkzPgUS8w=
Subject key identifier: 8E:E3:C3:BB:B5:CE:2A:AC:E0:19:B2:90:46:81:84:41:1D:10:C6:5A
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 01882F53153308D369661D3DC39C5FDAE520
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/juPDu7XOKqzgGbKQRoGEQR0Qxlo.roa
Signing time: Thu 18 May 2023 14:45:54 +0000
ROA not before: Thu 18 May 2023 14:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 212.113.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2f:53:15:33:08:d3:69:66:1d:3d:c3:9c:5f:da:e5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: May 18 14:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee3c3bbb5ce2aace019b290468184411d10c65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:30:6f:e1:00:4c:f0:d7:5c:62:2c:15:86:bf:
11:34:bf:2b:a6:63:5d:48:b6:4f:46:fe:07:93:4b:
80:13:6d:90:59:dd:7c:7d:9f:ce:9d:d2:5c:96:fd:
b9:dc:57:b3:e3:bb:c6:58:4e:97:d4:03:ea:25:14:
81:32:19:be:05:68:51:0b:e6:25:ad:88:99:c7:e8:
27:85:40:e1:53:c4:db:d0:91:1b:7f:a7:0f:a6:70:
ec:9f:18:7d:70:c4:38:ca:d2:b5:d4:f5:33:b9:64:
29:98:50:06:b4:e7:36:e9:59:0a:60:40:b8:cc:2f:
60:bd:18:e1:33:1a:74:ba:56:be:ed:d2:1f:85:fe:
1f:b6:d8:b1:6b:6f:86:1c:4c:f5:ba:af:fb:41:95:
16:53:0b:91:fe:96:8f:c0:d7:9f:ad:6b:4c:ec:27:
5b:c3:5b:3d:d7:f1:4b:f5:8f:71:e3:1e:52:ff:44:
88:c6:09:07:57:e1:d6:f7:f2:6f:ce:ea:46:36:46:
36:37:92:77:e2:ab:fa:47:13:89:e4:aa:3e:53:1d:
df:a5:fb:ce:46:f6:8b:8d:b7:06:1f:4c:8c:d4:b0:
9a:84:43:fa:9f:c3:67:97:fc:1e:94:b8:bf:b0:32:
c6:c8:aa:7f:c2:03:7d:4d:8a:9c:f8:c4:2d:29:a0:
0b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E3:C3:BB:B5:CE:2A:AC:E0:19:B2:90:46:81:84:41:1D:10:C6:5A
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/juPDu7XOKqzgGbKQRoGEQR0Qxlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.113.120.0/22
Signature Algorithm: sha256WithRSAEncryption
43:d0:9c:59:d0:02:d2:e5:c0:5d:0b:21:3e:c6:7a:2c:eb:53:
87:f7:48:bb:c4:f4:f6:b0:53:2f:67:14:0e:79:a9:4d:ef:53:
64:d8:5d:ed:7f:ef:47:f2:6e:43:29:f5:81:1d:bb:4f:99:25:
3d:67:7c:58:65:c6:4d:68:8f:d5:af:8e:60:64:79:b1:6b:e4:
10:db:54:af:ff:9d:47:de:15:75:f5:cc:4a:fc:7b:33:88:b2:
bf:3b:ce:87:3c:d5:1a:c9:da:c2:ff:2a:cf:72:dd:91:bc:af:
d6:6c:e4:6c:a3:ce:40:eb:11:58:d1:83:47:23:2f:3e:1c:b1:
d0:74:2b:69:cc:46:d8:0a:9b:73:87:a6:b7:46:cd:f0:4b:36:
1a:f2:ad:2d:61:75:26:5e:ab:d9:5e:3c:04:21:20:d1:0f:7b:
a6:3a:5a:af:45:42:c7:3b:16:89:78:ad:13:14:28:59:65:49:
11:56:71:3f:34:ae:6b:cf:0b:57:f1:f8:40:dc:0d:71:0a:09:
c4:82:d7:5f:6d:bc:b2:b5:7c:e2:ee:e2:5c:aa:90:d5:d9:1c:
2c:81:84:dd:23:c9:77:59:ac:d4:6a:0f:a1:f6:a9:d5:64:c7:
8b:34:c8:a6:6f:1b:97:15:ff:9f:c2:0f:52:c4:5b:77:5c:f6:
67:da:7d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgvUxUzCNNpZh09w5xf2uUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjMwNTE4MTQ0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWUzYzNiYmI1Y2UyYWFjZTAxOWIyOTA0NjgxODQ0MTFkMTBjNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDBv4QBM8NdcYiwVhr8RNL8rpmNd
SLZPRv4Hk0uAE22QWd18fZ/OndJclv253Fez47vGWE6X1APqJRSBMhm+BWhRC+Yl
rYiZx+gnhUDhU8Tb0JEbf6cPpnDsnxh9cMQ4ytK11PUzuWQpmFAGtOc26VkKYEC4
zC9gvRjhMxp0ula+7dIfhf4fttixa2+GHEz1uq/7QZUWUwuR/paPwNefrWtM7Cdb
w1s91/FL9Y9x4x5S/0SIxgkHV+HW9/JvzupGNkY2N5J34qv6RxOJ5Ko+Ux3fpfvO
RvaLjbcGH0yM1LCahEP6n8Nnl/welLi/sDLGyKp/wgN9TYqc+MQtKaALIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7jw7u1ziqs4BmykEaBhEEdEMZaMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvanVQRHU3WE9LcXpnR2JLUVJvR0VRUjBReGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1HF4MA0G
CSqGSIb3DQEBCwUAA4IBAQBD0JxZ0ALS5cBdCyE+xnos61OH90i7xPT2sFMvZxQO
ealN71Nk2F3tf+9H8m5DKfWBHbtPmSU9Z3xYZcZNaI/Vr45gZHmxa+QQ21Sv/51H
3hV19cxK/HsziLK/O86HPNUaydrC/yrPct2RvK/WbORso85A6xFY0YNHIy8+HLHQ
dCtpzEbYCptzh6a3Rs3wSzYa8q0tYXUmXqvZXjwEISDRD3umOlqvRULHOxaJeK0T
FChZZUkRVnE/NK5rzwtX8fhA3A1xCgnEgtdfbbyytXzi7uJcqpDV2RwsgYTdI8l3
WazUag+h9qnVZMeLNMimbxuXFf+fwg9SxFt3XPZn2n04
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:33 2025 by rpki-client