Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/o4X1Z1PRlH6DFueqd9AxHtSsFII.roa
File: o4X1Z1PRlH6DFueqd9AxHtSsFII.roa (raw, json)
Hash identifier: 8wgR1sVWVhRODMCVizIsAtp4PFkFXFijG/hYacwT6VQ=
Subject key identifier: A3:85:F5:67:53:D1:94:7E:83:16:E7:AA:77:D0:31:1E:D4:AC:14:82
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 084FC90C
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/o4X1Z1PRlH6DFueqd9AxHtSsFII.roa
Signing time: Sat 01 Jan 2022 13:06:42 +0000
ROA not before: Sat 01 Jan 2022 13:06:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206241
IP address blocks: 212.87.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139446540 (0x84fc90c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 13:06:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a385f56753d1947e8316e7aa77d0311ed4ac1482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:e5:c4:26:66:b1:5a:ee:09:60:85:e1:05:
97:ff:11:36:48:22:a7:79:f7:b2:b7:0d:80:b5:be:
9e:8b:45:d4:4e:14:b8:16:76:be:47:0a:ce:09:7e:
15:6c:76:9b:bc:5b:5f:f5:42:b6:11:b6:89:cc:ca:
81:54:b5:c3:db:96:ca:25:43:b9:0b:1b:99:10:e5:
cb:f5:5d:69:68:58:e1:b3:2e:ed:02:c9:3a:b6:d4:
8c:ee:42:c4:ac:7e:a7:14:70:1a:b2:8a:db:c1:9c:
2a:32:57:d7:db:f0:0e:9e:e8:59:7c:08:e1:17:23:
02:12:4d:94:6e:af:ad:cb:f8:e3:53:a1:1c:57:e3:
fc:74:4b:6c:a7:7e:41:b9:9b:82:b8:56:65:de:09:
13:bd:fc:dd:16:a9:a7:4f:34:00:9c:6d:a5:a6:6f:
e3:02:29:ef:96:c7:ed:46:43:6a:81:81:7f:dd:3a:
27:d7:8d:71:a1:3b:79:18:dd:b3:ac:1a:00:08:2a:
d0:37:54:81:86:3b:46:50:fd:f3:00:5b:54:ec:dd:
0b:4b:74:5b:85:97:81:86:43:ea:3e:c8:0e:2f:4a:
9a:d2:80:e2:a9:79:57:a7:95:38:49:25:37:e6:42:
5a:9e:39:8f:29:1c:96:e2:a4:9c:50:07:35:43:db:
ec:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:85:F5:67:53:D1:94:7E:83:16:E7:AA:77:D0:31:1E:D4:AC:14:82
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/o4X1Z1PRlH6DFueqd9AxHtSsFII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.254.0/23
Signature Algorithm: sha256WithRSAEncryption
16:a0:19:43:8e:4e:0a:ea:15:b3:3a:55:b1:a8:98:64:a9:3e:
cf:48:b5:5e:38:8d:c2:8a:60:2c:39:b4:7a:3b:90:e0:3a:a7:
02:b5:2a:4c:7c:75:d9:ed:af:e5:43:ed:32:b6:8e:f1:f7:0f:
36:9f:46:ff:35:51:fb:1f:8b:e0:e6:a9:8f:b4:4c:84:fc:03:
3d:64:99:9d:37:c2:dc:fd:8d:c3:07:e5:88:cb:01:9b:84:b1:
b8:14:d3:2c:03:a1:72:0e:d8:61:01:23:72:99:e2:6e:70:4e:
c4:b3:5a:70:c8:bf:62:aa:34:c9:b8:66:30:69:dc:d1:cd:2b:
b8:bd:23:9f:a2:98:3c:bc:2a:61:f8:08:85:16:ca:53:b3:33:
da:0a:89:9f:8e:db:06:15:c2:6d:f1:8e:33:8b:7b:2d:a7:f4:
6a:66:6b:5e:29:9b:29:43:30:fe:4d:3e:1e:6b:6d:7f:27:e3:
0c:0a:24:11:ad:df:11:4e:40:14:14:51:a2:b2:7d:07:be:dd:
b7:5b:65:64:59:77:5c:9e:8e:52:d5:5d:0c:be:67:1e:df:42:
4d:50:ba:09:4b:d3:4c:44:f3:8d:ff:9a:d1:55:87:5d:11:98:
8c:6f:c0:07:19:d1:db:cd:76:de:2b:c1:dc:a8:14:a4:69:5b:
22:4c:25:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECE/JDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDJhYTk2MWI0NzdkNTQyM2Q4NWI3ZDQzZjNlZmEyNjMyNmQ3MDkwMB4XDTIyMDEw
MTEzMDY0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM4NWY1Njc1M2Qx
OTQ3ZTgzMTZlN2FhNzdkMDMxMWVkNGFjMTQ4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYd5cQmZrFa7glgheEFl/8RNkgip3n3srcNgLW+notF1E4U
uBZ2vkcKzgl+FWx2m7xbX/VCthG2iczKgVS1w9uWyiVDuQsbmRDly/VdaWhY4bMu
7QLJOrbUjO5CxKx+pxRwGrKK28GcKjJX19vwDp7oWXwI4RcjAhJNlG6vrcv441Oh
HFfj/HRLbKd+QbmbgrhWZd4JE7383Rapp080AJxtpaZv4wIp75bH7UZDaoGBf906
J9eNcaE7eRjds6waAAgq0DdUgYY7RlD98wBbVOzdC0t0W4WXgYZD6j7IDi9KmtKA
4ql5V6eVOEklN+ZCWp45jykcluKknFAHNUPb7OkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjhfVnU9GUfoMW56p30DEe1KwUgjAfBgNVHSMEGDAWgBSwKqlhtHfVQj2F
t9Q/PvomMm1wkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NDcXBZYlIzMVVJOWhiZlVQejc2SmpKdGNKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8x
L280WDFaMVBSbEg2REZ1ZXFkOUF4SHRTc0ZJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8xL3NDcXBZYlIzMVVJ
OWhiZlVQejc2SmpKdGNKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdRX/jANBgkqhkiG9w0BAQsFAAOC
AQEAFqAZQ45OCuoVszpVsaiYZKk+z0i1XjiNwopgLDm0ejuQ4DqnArUqTHx12e2v
5UPtMraO8fcPNp9G/zVR+x+L4Oapj7RMhPwDPWSZnTfC3P2NwwfliMsBm4SxuBTT
LAOhcg7YYQEjcpnibnBOxLNacMi/Yqo0ybhmMGnc0c0ruL0jn6KYPLwqYfgIhRbK
U7Mz2gqJn47bBhXCbfGOM4t7Laf0amZrXimbKUMw/k0+HmttfyfjDAokEa3fEU5A
FBRRorJ9B77dt1tlZFl3XJ6OUtVdDL5nHt9CTVC6CUvTTETzjf+a0VWHXRGYjG/A
BxnR28123ivB3KgUpGlbIkwlgw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:09 2025 by rpki-client