Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa
File: 98lt729vIcxMoLimNnZOB8F-Mnc.roa (raw, json)
Hash identifier: YI4u1HDpEnkDRQEfU36TyJ5n3i5eiLhVolDkNfiaoZg=
Subject key identifier: F7:C9:6D:EF:6F:6F:21:CC:4C:A0:B8:A6:36:76:4E:07:C1:7E:32:77
Certificate issuer: /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial: 0CDFB6A1
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa
Signing time: Tue 08 Feb 2022 08:26:43 +0000
ROA not before: Tue 08 Feb 2022 08:26:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 212.124.68.0/22 maxlen: 24
212.124.72.0/22 maxlen: 24
212.124.76.0/22 maxlen: 24
212.124.86.0/24 maxlen: 24
212.124.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 215987873 (0xcdfb6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Validity
Not Before: Feb 8 08:26:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7c96def6f6f21cc4ca0b8a636764e07c17e3277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:65:da:5d:94:b6:83:96:e6:be:4a:8a:b7:
06:3a:be:62:0d:d8:e6:50:26:3e:92:c7:2e:62:8c:
09:93:51:ad:8f:44:15:84:84:da:76:81:1e:f9:a1:
db:02:a4:ed:e1:2c:c7:99:24:e3:20:fc:40:4b:e1:
81:d5:f0:98:3d:0c:3a:42:07:70:0a:9d:40:aa:c4:
e1:19:20:71:4a:b5:34:bc:fb:bb:25:db:68:ee:d6:
1f:2c:13:9a:16:e4:cd:83:b1:fe:09:74:d2:65:61:
63:7e:9c:38:d5:58:02:9e:cf:bc:c4:ab:78:fb:de:
fe:3f:bf:91:29:1d:52:24:b2:77:33:dc:83:ec:5b:
1e:76:1d:d6:18:c8:76:18:ad:c6:65:70:57:17:d7:
67:ae:c6:27:aa:1d:ca:48:ac:74:2d:80:03:18:32:
82:f4:32:04:3a:a6:20:29:9c:28:12:e4:d6:42:c5:
79:53:cb:a1:50:db:bd:db:cf:bb:59:0d:7a:fb:63:
03:42:96:c2:fd:09:49:18:fa:db:14:4b:e6:3f:b3:
97:8e:de:b8:70:20:fb:8f:0b:e3:fe:6e:f6:30:f3:
8d:da:27:be:e2:3d:5a:b3:58:15:ce:7f:f7:77:1c:
a2:8d:d9:9b:b7:0d:c0:95:f0:ec:b9:67:5e:7f:a9:
82:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C9:6D:EF:6F:6F:21:CC:4C:A0:B8:A6:36:76:4E:07:C1:7E:32:77
X509v3 Authority Key Identifier:
keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/98lt729vIcxMoLimNnZOB8F-Mnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.124.68.0-212.124.79.255
212.124.86.0/24
212.124.92.0/24
Signature Algorithm: sha256WithRSAEncryption
11:f4:4c:ac:4c:1b:83:07:d8:6c:ac:88:3a:e3:2f:0a:04:17:
54:8b:bc:cb:c5:92:db:60:cc:d0:f3:0b:b0:b9:dd:f1:d2:8e:
80:06:53:5f:71:8f:24:64:7d:99:18:98:7d:a0:44:03:82:86:
c5:4d:62:07:92:d3:32:d7:fd:37:c1:29:7f:11:81:47:9a:f4:
4b:b0:1e:d0:5a:7b:55:d2:86:bc:0c:70:e5:47:b4:83:ba:c1:
92:cb:fd:14:08:32:45:7e:1e:d7:65:4a:c7:5e:97:c0:ac:68:
8e:1a:4e:01:bc:ca:42:f0:e0:10:ea:4f:10:d0:d5:66:74:12:
cd:03:f9:d3:6d:de:b7:cd:52:32:19:65:1d:64:05:d0:d5:ea:
5a:e8:b6:ed:f6:7c:a4:a8:8f:db:33:cb:94:ce:58:a6:8c:82:
2f:59:45:94:2a:54:71:21:5e:7b:b8:30:ec:6e:d5:bf:9d:7a:
1d:70:85:cd:ae:3a:59:60:09:60:08:2e:5b:63:42:17:82:39:
25:8c:9f:c9:77:61:60:da:e3:d4:61:26:2a:fb:2d:27:3a:a0:
c9:ff:dd:c1:43:dc:44:ba:bb:dc:00:1f:d6:24:1e:3a:b5:e3:
ac:4a:3e:16:52:99:2b:4a:51:b8:6b:f6:23:5b:8f:fd:c8:4f:
6c:85:64:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEDN+2oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmVlMmJmNDNmMjFhODFjNDkyYzZlNmE5ZmM2ZjA3NGQyZjBhMjE3MB4XDTIyMDIw
ODA4MjY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjOTZkZWY2ZjZm
MjFjYzRjYTBiOGE2MzY3NjRlMDdjMTdlMzI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9uZdpdlLaDlua+Soq3Bjq+Yg3Y5lAmPpLHLmKMCZNRrY9E
FYSE2naBHvmh2wKk7eEsx5kk4yD8QEvhgdXwmD0MOkIHcAqdQKrE4RkgcUq1NLz7
uyXbaO7WHywTmhbkzYOx/gl00mVhY36cONVYAp7PvMSrePve/j+/kSkdUiSydzPc
g+xbHnYd1hjIdhitxmVwVxfXZ67GJ6odykisdC2AAxgygvQyBDqmICmcKBLk1kLF
eVPLoVDbvdvPu1kNevtjA0KWwv0JSRj62xRL5j+zl47euHAg+48L4/5u9jDzjdon
vuI9WrNYFc5/93ccoo3Zm7cNwJXw7LlnXn+pgvsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBT3yW3vb28hzEyguKY2dk4HwX4ydzAfBgNVHSMEGDAWgBTf7iv0PyGoHEks
bmqfxvB00vCiFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMtNHI5RDhocUJ4SkxHNXFuOGJ3ZE5Md29oYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvM2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8x
Lzk4bHQ3Mjl2SWN4TW9MaW1OblpPQjhGLU1uYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
M2IzYmUwLTU0YTctNDEwZi05ZDEyLTI4ZDc4ZWI5ZjJkYy8xLzMtNHI5RDhocUJ4
SkxHNXFuOGJ3ZE5Md29oYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQC1HxEAwQE1HxAAwQA1HxWAwQA
1HxcMA0GCSqGSIb3DQEBCwUAA4IBAQAR9EysTBuDB9hsrIg64y8KBBdUi7zLxZLb
YMzQ8wuwud3x0o6ABlNfcY8kZH2ZGJh9oEQDgobFTWIHktMy1/03wSl/EYFHmvRL
sB7QWntV0oa8DHDlR7SDusGSy/0UCDJFfh7XZUrHXpfArGiOGk4BvMpC8OAQ6k8Q
0NVmdBLNA/nTbd63zVIyGWUdZAXQ1epa6Lbt9nykqI/bM8uUzlimjIIvWUWUKlRx
IV57uDDsbtW/nXodcIXNrjpZYAlgCC5bY0IXgjkljJ/Jd2Fg2uPUYSYq+y0nOqDJ
/93BQ9xEurvcAB/WJB46teOsSj4WUpkrSlG4a/YjW4/9yE9shWRx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org