Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/H1wPNYyyKQ73N2pem1ZSkDjqCrc.roa
File: H1wPNYyyKQ73N2pem1ZSkDjqCrc.roa (raw, json)
Hash identifier: K67TnmT+tyw8Ttqtx24/3MMA3qCWHBicRSGFxCZYi/I=
Subject key identifier: 1F:5C:0F:35:8C:B2:29:0E:F7:37:6A:5E:9B:56:52:90:38:EA:0A:B7
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01828216B6B1F63386271E3621B4B8219082
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/H1wPNYyyKQ73N2pem1ZSkDjqCrc.roa
Signing time: Tue 09 Aug 2022 10:11:42 +0000
ROA not before: Tue 09 Aug 2022 10:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 212.116.242.0/24 maxlen: 24
212.116.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:16:b6:b1:f6:33:86:27:1e:36:21:b4:b8:21:90:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 9 10:11:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f5c0f358cb2290ef7376a5e9b56529038ea0ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ae:79:6d:6c:77:fd:95:de:c1:f5:26:e3:e8:
e1:20:4c:a7:fb:f2:bf:b8:d2:77:30:81:70:c6:c8:
c7:6c:7f:d1:15:70:be:ce:6f:89:15:bb:39:12:f4:
cc:4d:25:bb:c9:0d:91:70:bd:f2:6b:5f:5b:9c:6c:
2a:a4:d5:7e:af:34:aa:6e:d8:ae:cd:c0:70:1f:13:
c5:6c:3b:cb:24:48:39:f6:3e:6c:31:14:06:b1:35:
f7:ee:f6:1a:40:86:0a:a9:88:ee:f2:53:85:54:8b:
76:70:fd:c4:e4:2b:9a:0d:de:e8:b3:35:f8:86:fa:
34:4f:54:d4:c1:1a:50:22:6e:45:4a:d6:ac:bb:f0:
77:39:8e:3a:fe:e3:2c:1e:3c:5a:df:d2:ec:b9:99:
43:ee:cd:1e:19:36:d9:09:fa:7e:7e:b6:10:7d:88:
19:97:8f:12:71:7f:6f:6c:72:1e:23:4a:7a:91:6d:
15:98:a1:e4:4c:90:7e:ac:ef:a5:d8:0a:c2:6f:ba:
7b:7a:76:4b:90:6d:b6:9a:34:42:32:9c:47:61:f1:
4e:11:10:d0:0b:77:25:e2:3f:2a:02:0f:99:57:5c:
c5:2b:6c:9f:00:06:59:18:31:ce:98:95:3c:12:9c:
c8:2e:d3:01:73:25:0c:89:02:09:f3:91:2c:5f:9a:
2d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5C:0F:35:8C:B2:29:0E:F7:37:6A:5E:9B:56:52:90:38:EA:0A:B7
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/H1wPNYyyKQ73N2pem1ZSkDjqCrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.242.0/23
Signature Algorithm: sha256WithRSAEncryption
91:c9:dd:a2:fd:63:a8:3f:e2:f6:50:2e:1d:25:dc:ce:d9:11:
dd:be:34:26:11:cb:9a:95:2c:09:11:53:94:e9:eb:a1:45:47:
d0:cd:f4:2f:13:2f:d5:a4:9c:83:49:e7:0c:4f:f7:37:92:6e:
d3:df:66:cf:3b:ae:63:36:4c:b3:80:67:cf:eb:92:4c:46:0d:
b8:40:3c:b8:8a:25:f5:4b:35:bb:db:ca:96:18:84:ac:21:63:
2f:5d:96:94:37:08:3e:2d:eb:d7:90:5b:c1:5a:e1:bd:0a:a1:
34:3d:de:68:16:ae:6c:de:26:6c:f0:cf:f5:e9:25:e2:08:fb:
86:84:ef:4b:aa:6d:a3:fd:cc:c1:48:5e:ff:99:3a:e3:92:95:
3a:ff:3f:01:30:68:14:59:79:2e:64:cc:43:c0:03:e1:ba:8f:
74:b9:9c:96:f5:7f:88:c1:95:47:f2:f0:31:bf:14:78:43:31:
57:3c:46:7e:d5:d0:63:23:1a:a0:fb:c9:ec:4c:74:42:2c:26:
84:fd:b0:5d:bf:05:0f:c0:73:be:9b:80:0f:51:ad:c7:b2:e2:
ee:97:1e:7d:4c:aa:a2:29:06:32:2e:5a:db:a8:a4:a5:18:ea:
0f:51:ed:c5:cb:3d:18:f8:5a:e6:45:b7:b8:7b:67:e3:64:f3:
7a:75:ae:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKCFrax9jOGJx42IbS4IZCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjIwODA5MTAxMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjVjMGYzNThjYjIyOTBlZjczNzZhNWU5YjU2NTI5MDM4ZWEwYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi655bWx3/ZXewfUm4+jhIEyn+/K/
uNJ3MIFwxsjHbH/RFXC+zm+JFbs5EvTMTSW7yQ2RcL3ya19bnGwqpNV+rzSqbtiu
zcBwHxPFbDvLJEg59j5sMRQGsTX37vYaQIYKqYju8lOFVIt2cP3E5CuaDd7oszX4
hvo0T1TUwRpQIm5FStasu/B3OY46/uMsHjxa39LsuZlD7s0eGTbZCfp+frYQfYgZ
l48ScX9vbHIeI0p6kW0VmKHkTJB+rO+l2ArCb7p7enZLkG22mjRCMpxHYfFOERDQ
C3cl4j8qAg+ZV1zFK2yfAAZZGDHOmJU8EpzILtMBcyUMiQIJ85EsX5otiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9cDzWMsikO9zdqXptWUpA46gq3MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvSDF3UE5ZeXlLUTczTjJwZW0xWlNrRGpxQ3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1HTyMA0G
CSqGSIb3DQEBCwUAA4IBAQCRyd2i/WOoP+L2UC4dJdzO2RHdvjQmEcualSwJEVOU
6euhRUfQzfQvEy/VpJyDSecMT/c3km7T32bPO65jNkyzgGfP65JMRg24QDy4iiX1
SzW728qWGISsIWMvXZaUNwg+LevXkFvBWuG9CqE0Pd5oFq5s3iZs8M/16SXiCPuG
hO9Lqm2j/czBSF7/mTrjkpU6/z8BMGgUWXkuZMxDwAPhuo90uZyW9X+IwZVH8vAx
vxR4QzFXPEZ+1dBjIxqg+8nsTHRCLCaE/bBdvwUPwHO+m4APUa3HsuLulx59TKqi
KQYyLlrbqKSlGOoPUe3Fyz0Y+FrmRbe4e2fjZPN6da4J
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:21 2025 by rpki-client