Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NIB7ySPr8Rl2ln-Uwq6M2ZozJQ8.roa
File: NIB7ySPr8Rl2ln-Uwq6M2ZozJQ8.roa (raw, json)
Hash identifier: EYTjgiSxbzJjK5MhuWP5jQtLbgEhLi+Frhk+GfUMfC0=
Subject key identifier: 34:80:7B:C9:23:EB:F1:19:76:96:7F:94:C2:AE:8C:D9:9A:33:25:0F
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 084E7941
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NIB7ySPr8Rl2ln-Uwq6M2ZozJQ8.roa
Signing time: Sat 01 Jan 2022 13:06:42 +0000
ROA not before: Sat 01 Jan 2022 13:06:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204275
IP address blocks: 212.87.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139360577 (0x84e7941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 13:06:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34807bc923ebf11976967f94c2ae8cd99a33250f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:e8:36:e3:b1:d9:6e:52:0b:77:4f:da:08:
6b:bb:f8:04:69:22:f7:80:f5:fe:0b:71:cd:ad:59:
38:0f:0f:a1:f5:11:f4:09:23:cb:fe:73:b8:2d:da:
79:13:da:ed:43:0b:4f:34:5e:b1:cb:d6:5d:ab:4e:
06:65:52:d9:44:bb:5b:42:59:1e:6c:23:f8:92:c9:
dc:58:c8:e2:ed:d6:3c:cb:c7:46:89:7c:4d:e4:bf:
f7:5e:5f:3e:ab:c8:8e:a7:b5:45:cb:ad:28:96:cd:
d0:88:aa:a8:10:96:4c:8f:bb:fd:b9:0f:11:c0:8e:
a5:ba:e4:5e:3a:7a:57:ba:72:93:38:b3:77:8d:c2:
84:cb:05:95:30:64:f7:b8:31:c7:a7:cf:d3:cc:71:
a3:9c:3a:19:87:c5:f8:04:74:0c:94:1a:c5:cf:17:
d4:ec:1f:68:af:15:f0:b5:5e:82:86:2e:66:f4:c1:
82:35:d9:39:5c:51:5d:2e:9c:0c:d3:c3:d5:cb:e3:
96:8b:c8:a4:7e:ff:78:e9:95:35:7b:82:6b:d9:88:
31:db:5c:55:8a:46:50:94:84:66:e8:b4:31:d7:a7:
f6:59:55:99:1f:11:fc:16:a3:7e:21:f7:44:dc:f0:
a5:5e:ad:55:db:b7:59:46:be:39:a2:95:86:20:7a:
65:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:80:7B:C9:23:EB:F1:19:76:96:7F:94:C2:AE:8C:D9:9A:33:25:0F
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NIB7ySPr8Rl2ln-Uwq6M2ZozJQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.250.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:be:4a:5a:9d:44:07:3e:60:2a:1b:9b:9e:17:99:09:b7:03:
ba:33:41:a4:b3:03:5a:d7:3f:6a:06:63:b5:75:79:1b:49:6c:
4a:d5:ab:b9:a5:5c:58:f4:f7:8a:f0:39:34:0f:c4:ed:34:52:
fd:b2:da:a0:31:52:5e:d8:c2:4e:93:35:6c:33:a0:bd:aa:8b:
1c:c0:cf:71:7a:52:17:43:26:82:78:fc:4e:29:22:6b:5f:9a:
16:6a:04:5b:34:2c:69:31:7e:7c:0f:c2:f3:92:07:ff:e6:77:
57:1c:5e:21:fd:26:92:8b:b1:de:6c:80:49:23:39:52:d6:4c:
c4:c4:0d:95:82:12:91:fe:d6:c6:ca:bf:cd:b5:78:e4:d3:a7:
c9:08:cb:8a:ad:c1:c8:90:27:e8:dd:ec:a9:4a:8d:7a:50:30:
0e:c8:57:67:4f:2c:df:65:b0:8b:57:ce:54:7a:76:49:f0:cb:
16:6a:b7:3b:f9:a8:2e:c6:0b:96:77:cd:c6:40:76:a0:f4:98:
cb:9d:60:90:6b:0e:ad:f1:ce:21:30:e0:f9:94:43:d1:6a:12:
46:21:bf:ba:f8:71:73:30:86:e7:ca:21:a4:be:98:d6:5d:7f:
0c:fd:21:c9:61:d9:99:9e:15:d8:94:59:31:6f:cc:81:ef:43:
58:62:00:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECE55QTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDJhYTk2MWI0NzdkNTQyM2Q4NWI3ZDQzZjNlZmEyNjMyNmQ3MDkwMB4XDTIyMDEw
MTEzMDY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ4MDdiYzkyM2Vi
ZjExOTc2OTY3Zjk0YzJhZThjZDk5YTMzMjUwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI846DbjsdluUgt3T9oIa7v4BGki94D1/gtxza1ZOA8PofUR
9Akjy/5zuC3aeRPa7UMLTzRescvWXatOBmVS2US7W0JZHmwj+JLJ3FjI4u3WPMvH
Rol8TeS/915fPqvIjqe1RcutKJbN0IiqqBCWTI+7/bkPEcCOpbrkXjp6V7pykziz
d43ChMsFlTBk97gxx6fP08xxo5w6GYfF+AR0DJQaxc8X1OwfaK8V8LVegoYuZvTB
gjXZOVxRXS6cDNPD1cvjlovIpH7/eOmVNXuCa9mIMdtcVYpGUJSEZui0Mden9llV
mR8R/BajfiH3RNzwpV6tVdu3WUa+OaKVhiB6ZVcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0gHvJI+vxGXaWf5TCrozZmjMlDzAfBgNVHSMEGDAWgBSwKqlhtHfVQj2F
t9Q/PvomMm1wkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NDcXBZYlIzMVVJOWhiZlVQejc2SmpKdGNKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8x
L05JQjd5U1ByOFJsMmxuLVV3cTZNMlpvekpROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8xL3NDcXBZYlIzMVVJ
OWhiZlVQejc2SmpKdGNKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdRX+jANBgkqhkiG9w0BAQsFAAOC
AQEADL5KWp1EBz5gKhubnheZCbcDujNBpLMDWtc/agZjtXV5G0lsStWruaVcWPT3
ivA5NA/E7TRS/bLaoDFSXtjCTpM1bDOgvaqLHMDPcXpSF0Mmgnj8Tikia1+aFmoE
WzQsaTF+fA/C85IH/+Z3VxxeIf0mkoux3myASSM5UtZMxMQNlYISkf7Wxsq/zbV4
5NOnyQjLiq3ByJAn6N3sqUqNelAwDshXZ08s32Wwi1fOVHp2SfDLFmq3O/moLsYL
lnfNxkB2oPSYy51gkGsOrfHOITDg+ZRD0WoSRiG/uvhxczCG58ohpL6Y1l1/DP0h
yWHZmZ4V2JRZMW/Mge9DWGIARQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-fra.rpki-client.org