Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/l-5rFg1CEmUO5FFKtLoe2_0pEEE.roa
File: l-5rFg1CEmUO5FFKtLoe2_0pEEE.roa (raw, json)
Hash identifier: UNDIrM4STRCVC9SoSZBGTJi0qLiGgI5iAHpUTaKwOwg=
Subject key identifier: 97:EE:6B:16:0D:42:12:65:0E:E4:51:4A:B4:BA:1E:DB:FD:29:10:41
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 018465C55A0ABF5DEC791C6B8412F170CF62
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/l-5rFg1CEmUO5FFKtLoe2_0pEEE.roa
Signing time: Fri 11 Nov 2022 08:19:03 +0000
ROA not before: Fri 11 Nov 2022 08:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 212.116.245.0/24 maxlen: 24
212.116.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:c5:5a:0a:bf:5d:ec:79:1c:6b:84:12:f1:70:cf:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Nov 11 08:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97ee6b160d4212650ee4514ab4ba1edbfd291041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:63:e2:f3:38:b9:b2:88:e4:72:ea:8c:df:75:
5f:af:47:93:a1:78:8d:7a:84:09:c9:2e:b7:c0:f5:
f1:2f:01:d2:f9:4e:0e:29:b5:53:ab:c7:b2:c9:91:
20:31:23:f0:78:20:01:a0:db:d6:a5:07:73:f1:7d:
19:ba:67:95:13:0a:ce:8b:6e:1c:c3:70:57:cf:09:
fe:ab:2b:c5:56:07:b0:d2:c0:66:ae:43:23:2f:80:
b5:8d:a4:ba:be:0d:69:dc:dc:06:a7:5e:27:c2:7c:
95:61:7b:b9:e3:51:ff:b0:a5:93:c8:fc:88:a3:98:
fd:1f:b1:fc:73:81:49:35:26:9c:78:25:3b:04:66:
95:df:96:69:c6:78:9f:00:e6:a2:30:3c:d4:40:fb:
44:d5:79:1c:a7:25:f8:17:94:81:d4:8c:d9:fc:66:
5f:87:6e:b3:2b:29:d6:c0:39:99:32:b6:e5:cb:8e:
27:fe:aa:fb:51:5a:1f:c4:26:6f:1c:b0:57:0b:4f:
ee:9a:6c:04:bf:a0:b9:8f:be:05:ac:43:c0:ba:e0:
ca:2c:d2:36:f2:86:d0:98:27:24:15:60:0f:ee:48:
eb:d1:24:7b:04:73:53:78:6f:9f:a1:02:33:56:3e:
14:76:ce:06:2f:2a:7b:3b:85:03:d3:0e:bb:30:3a:
60:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EE:6B:16:0D:42:12:65:0E:E4:51:4A:B4:BA:1E:DB:FD:29:10:41
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/l-5rFg1CEmUO5FFKtLoe2_0pEEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.245.0/24
212.116.252.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:c5:82:3f:50:4e:3b:84:ff:b0:fe:b5:88:fa:5f:92:33:f4:
d0:28:f4:a8:94:3d:94:db:8f:c1:11:f0:9a:cc:d2:66:e1:15:
1c:16:1f:5e:90:1d:cc:89:18:f4:e7:18:c8:51:0f:e0:cd:07:
cc:80:15:1a:2a:ae:b0:24:cf:bb:ad:f1:38:31:76:bf:6f:64:
f3:4a:c4:c4:ec:7b:03:f4:c8:6d:ef:6a:44:de:d3:3f:af:95:
25:a7:3a:67:8e:00:4d:7f:8e:92:c1:db:7e:3c:37:5f:ee:d1:
ae:97:11:47:09:76:f3:5b:66:6e:6a:02:4e:a9:28:aa:88:33:
79:16:fd:e9:3c:4f:e4:94:6d:cb:ea:ee:21:f6:33:bd:8f:59:
43:8e:63:c6:e5:43:09:3a:c2:dc:92:ed:5a:67:ab:af:d5:5a:
76:fd:b7:dd:d3:3c:43:29:ce:9a:27:c0:a9:71:bd:66:b2:86:
d7:fd:0a:90:06:b6:b6:78:6f:b7:ab:c5:c8:02:78:cc:65:21:
ed:d5:a8:8b:51:19:c5:36:f5:ac:1c:c5:38:9c:a6:6e:57:8a:
e3:e1:26:e2:6d:0c:2e:3e:6f:df:c4:d9:4b:49:e2:98:6a:dd:
78:7e:6a:a9:aa:04:6e:d2:d3:a7:c5:26:6c:bf:0b:b5:fc:4c:
db:6b:21:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRlxVoKv13seRxrhBLxcM9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjIxMTExMDgxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VlNmIxNjBkNDIxMjY1MGVlNDUxNGFiNGJhMWVkYmZkMjkxMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2Pi8zi5sojkcuqM33Vfr0eToXiN
eoQJyS63wPXxLwHS+U4OKbVTq8eyyZEgMSPweCABoNvWpQdz8X0ZumeVEwrOi24c
w3BXzwn+qyvFVgew0sBmrkMjL4C1jaS6vg1p3NwGp14nwnyVYXu541H/sKWTyPyI
o5j9H7H8c4FJNSaceCU7BGaV35ZpxnifAOaiMDzUQPtE1XkcpyX4F5SB1IzZ/GZf
h26zKynWwDmZMrbly44n/qr7UVofxCZvHLBXC0/ummwEv6C5j74FrEPAuuDKLNI2
8obQmCckFWAP7kjr0SR7BHNTeG+foQIzVj4Uds4GLyp7O4UD0w67MDpg1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJfuaxYNQhJlDuRRSrS6Htv9KRBBMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvbC01ckZnMUNFbVVPNUZGS3RMb2UyXzBwRUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1HT1AwQC
1HT8MA0GCSqGSIb3DQEBCwUAA4IBAQDAxYI/UE47hP+w/rWI+l+SM/TQKPSolD2U
24/BEfCazNJm4RUcFh9ekB3MiRj05xjIUQ/gzQfMgBUaKq6wJM+7rfE4MXa/b2Tz
SsTE7HsD9Mht72pE3tM/r5UlpzpnjgBNf46Swdt+PDdf7tGulxFHCXbzW2ZuagJO
qSiqiDN5Fv3pPE/klG3L6u4h9jO9j1lDjmPG5UMJOsLcku1aZ6uv1Vp2/bfd0zxD
Kc6aJ8Cpcb1msobX/QqQBra2eG+3q8XIAnjMZSHt1aiLURnFNvWsHMU4nKZuV4rj
4SbibQwuPm/fxNlLSeKYat14fmqpqgRu0tOnxSZsvwu1/EzbayEM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:26 2025 by rpki-client