Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/U3oHIC3BLcGvWYjb4vVxpBgyv9Y.roa
File: U3oHIC3BLcGvWYjb4vVxpBgyv9Y.roa (raw, json)
Hash identifier: PeOPcrT++lsZwIlqIybQYofkWGYXa77msXg8vZKRRfs=
Subject key identifier: 53:7A:07:20:2D:C1:2D:C1:AF:59:88:DB:E2:F5:71:A4:18:32:BF:D6
Certificate issuer: /CN=bf8c64350a0dfd68a043b221f1860b480ae352de
Certificate serial: 0184D25119F17124169ABFA38C16D78C76A7
Authority key identifier: BF:8C:64:35:0A:0D:FD:68:A0:43:B2:21:F1:86:0B:48:0A:E3:52:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4xkNQoN_WigQ7Ih8YYLSArjUt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/U3oHIC3BLcGvWYjb4vVxpBgyv9Y.roa
Signing time: Fri 02 Dec 2022 10:10:41 +0000
ROA not before: Fri 02 Dec 2022 10:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 212.23.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:51:19:f1:71:24:16:9a:bf:a3:8c:16:d7:8c:76:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf8c64350a0dfd68a043b221f1860b480ae352de
Validity
Not Before: Dec 2 10:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=537a07202dc12dc1af5988dbe2f571a41832bfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9b:bf:02:21:80:82:2b:06:95:3d:d2:96:08:
c8:3a:12:62:c0:8f:b7:45:e8:49:24:01:96:2d:0c:
84:46:a8:de:0d:70:8c:d8:95:17:ca:46:e6:20:10:
b6:d3:52:56:73:b1:cc:ba:ef:2a:bb:a6:bd:65:f6:
c2:04:d1:0b:2d:63:f5:d8:b2:2b:1c:a9:5f:31:82:
52:bb:ae:7c:0e:8e:5a:e6:e1:fd:77:6c:ae:fc:cc:
b9:90:27:03:f4:91:17:16:18:4f:6d:dc:23:88:bb:
3f:a1:a1:d0:c4:34:90:90:ac:73:28:54:02:71:29:
41:27:66:22:8e:df:10:f0:57:39:c8:6e:f9:4d:4e:
18:c0:4c:a2:9c:dd:2f:2f:56:b6:ce:68:de:92:df:
3f:d7:32:d1:13:19:32:f1:da:54:2a:02:88:65:c5:
66:b9:98:83:40:d3:44:d4:8c:fe:36:fe:fb:4a:6a:
28:5d:48:84:7e:a2:6c:3c:62:d8:f1:f0:2d:82:a9:
63:44:56:18:4c:83:68:d8:fd:34:2a:a8:ec:e2:f6:
cc:1a:99:39:d8:9c:5e:77:63:96:dd:37:a4:24:c9:
7e:36:90:7b:36:2a:3b:c0:f5:ea:21:03:b1:73:a8:
e4:d7:0f:83:92:8f:21:45:58:89:e6:12:ad:b9:7e:
53:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7A:07:20:2D:C1:2D:C1:AF:59:88:DB:E2:F5:71:A4:18:32:BF:D6
X509v3 Authority Key Identifier:
keyid:BF:8C:64:35:0A:0D:FD:68:A0:43:B2:21:F1:86:0B:48:0A:E3:52:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4xkNQoN_WigQ7Ih8YYLSArjUt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/U3oHIC3BLcGvWYjb4vVxpBgyv9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/47f768-f7a0-4500-bca7-dd919589a27f/1/v4xkNQoN_WigQ7Ih8YYLSArjUt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.205.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:52:07:51:29:02:b4:56:6e:4f:7c:d6:31:ad:9a:3b:2e:42:
e0:59:38:44:0c:3f:cf:cb:07:c1:37:dc:cd:4e:5b:cf:13:a1:
af:21:41:d2:9b:a3:90:fe:0d:50:a3:c6:7e:c5:48:4e:f1:0e:
20:82:f5:cd:b1:68:6e:1d:17:3b:c7:1c:f7:18:62:ee:59:7c:
f1:71:f7:0b:a7:0c:e2:78:f3:89:bb:c7:f8:05:65:77:3a:e6:
68:24:34:b8:46:a4:ec:cb:69:c1:8b:21:79:38:6a:bc:af:f4:
c7:50:93:19:a6:bd:79:11:8d:76:2d:f3:3e:0c:c7:48:36:b6:
91:c9:0f:7d:41:36:fe:7c:be:19:dc:82:77:03:eb:dd:6a:6a:
f3:9b:96:62:62:2b:6d:6b:0d:12:3d:8a:14:22:64:cd:50:0b:
fc:3b:a7:9a:dd:d0:37:d7:85:a6:b5:63:61:01:bf:ee:fe:70:
69:36:f0:f4:d1:20:4c:55:e8:ea:69:d0:b1:5f:a7:df:54:88:
39:f6:08:21:8c:f8:68:96:36:6f:98:74:74:3d:62:82:64:66:
6b:f3:7c:da:04:04:fb:67:93:8a:e6:d1:8e:8b:5e:7c:18:53:
bd:ec:b9:e7:55:99:76:21:9e:17:0d:0a:ff:c7:c4:bb:75:19:
82:8e:71:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSURnxcSQWmr+jjBbXjHanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmOGM2NDM1MGEwZGZkNjhhMDQzYjIyMWYxODYwYjQ4MGFl
MzUyZGUwHhcNMjIxMjAyMTAxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdhMDcyMDJkYzEyZGMxYWY1OTg4ZGJlMmY1NzFhNDE4MzJiZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZu/AiGAgisGlT3SlgjIOhJiwI+3
RehJJAGWLQyERqjeDXCM2JUXykbmIBC201JWc7HMuu8qu6a9ZfbCBNELLWP12LIr
HKlfMYJSu658Do5a5uH9d2yu/My5kCcD9JEXFhhPbdwjiLs/oaHQxDSQkKxzKFQC
cSlBJ2Yijt8Q8Fc5yG75TU4YwEyinN0vL1a2zmjekt8/1zLRExky8dpUKgKIZcVm
uZiDQNNE1Iz+Nv77SmooXUiEfqJsPGLY8fAtgqljRFYYTINo2P00Kqjs4vbMGpk5
2Jxed2OW3TekJMl+NpB7Nio7wPXqIQOxc6jk1w+Dko8hRViJ5hKtuX5TeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN6ByAtwS3Br1mI2+L1caQYMr/WMB8GA1UdIwQY
MBaAFL+MZDUKDf1ooEOyIfGGC0gK41LeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjR4a05Rb05fV2lnUTdJaDhZWUxTQXJqVXQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi80N2Y3NjgtZjdhMC00NTAwLWJjYTct
ZGQ5MTk1ODlhMjdmLzEvVTNvSElDM0JMY0d2V1lqYjR2VnhwQmd5djlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi80N2Y3NjgtZjdhMC00NTAwLWJjYTctZGQ5MTk1ODlhMjdm
LzEvdjR4a05Rb05fV2lnUTdJaDhZWUxTQXJqVXQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfNMA0G
CSqGSIb3DQEBCwUAA4IBAQBPUgdRKQK0Vm5PfNYxrZo7LkLgWThEDD/PywfBN9zN
TlvPE6GvIUHSm6OQ/g1Qo8Z+xUhO8Q4ggvXNsWhuHRc7xxz3GGLuWXzxcfcLpwzi
ePOJu8f4BWV3OuZoJDS4RqTsy2nBiyF5OGq8r/THUJMZpr15EY12LfM+DMdINraR
yQ99QTb+fL4Z3IJ3A+vdamrzm5ZiYittaw0SPYoUImTNUAv8O6ea3dA314WmtWNh
Ab/u/nBpNvD00SBMVejqadCxX6ffVIg59gghjPholjZvmHR0PWKCZGZr83zaBAT7
Z5OK5tGOi158GFO97LnnVZl2IZ4XDQr/x8S7dRmCjnG3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:13 2024 by rpki-client on console-ams.rpki-client.org