Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/1lYcgpyrRixulP3Sjo52Czd4pnk.roa
File: 1lYcgpyrRixulP3Sjo52Czd4pnk.roa (raw, json)
Hash identifier: S0GjU0CBFR2Vfk0yjJBj72CTcHAlZdGIG0CSt4/dhBU=
Subject key identifier: D6:56:1C:82:9C:AB:46:2C:6E:94:FD:D2:8E:8E:76:0B:37:78:A6:79
Certificate issuer: /CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Certificate serial: 09019412
Authority key identifier: 20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/1lYcgpyrRixulP3Sjo52Czd4pnk.roa
Signing time: Sat 01 Jan 2022 02:52:32 +0000
ROA not before: Sat 01 Jan 2022 02:52:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35179
IP address blocks: 212.127.78.0/24 maxlen: 24
212.127.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151098386 (0x9019412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=202f4c1a37e9313cdd2eea7750ae028d18cd5aae
Validity
Not Before: Jan 1 02:52:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6561c829cab462c6e94fdd28e8e760b3778a679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:07:e7:40:fe:74:0b:b0:9a:19:81:45:e3:a7:
75:a6:39:b3:dd:aa:be:ee:63:f6:60:40:ec:e9:91:
60:8b:b7:c1:8b:d7:19:c6:c7:6d:3a:c5:2a:08:42:
b9:8c:7d:ac:c2:5e:fb:c0:5d:34:a9:cf:00:d9:c1:
9e:e2:5f:47:6e:4f:34:83:33:98:d5:63:61:32:fe:
de:9a:fc:97:32:1b:3f:ce:de:5d:e3:78:59:22:85:
de:16:b3:07:e3:89:cc:56:17:78:2e:f1:85:d7:31:
be:33:47:c9:b5:d1:e5:8c:ad:fb:43:5d:2c:a4:62:
0b:90:16:8b:fc:51:ee:b6:7d:86:14:a6:a2:b8:74:
d1:6c:ed:b7:86:e1:71:c6:8f:8b:45:4d:03:ec:8b:
cb:8a:7e:5e:33:48:18:bf:98:31:c0:40:5f:38:8d:
89:6f:90:c7:c5:d2:a1:79:3d:de:8a:08:3a:a9:c7:
7e:fa:97:a3:0a:dc:c7:cd:8b:c4:53:be:8b:f9:4c:
c2:6f:64:0c:32:0c:9c:38:f2:7b:fc:92:a0:ae:d7:
4a:34:26:29:f9:23:b5:49:2d:75:1a:8e:e5:b6:5f:
78:7c:84:b4:7c:37:a9:ba:2e:7e:a1:2e:b1:32:e7:
66:58:b5:2f:f5:48:01:72:b7:ac:ad:0f:2f:1d:df:
03:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:56:1C:82:9C:AB:46:2C:6E:94:FD:D2:8E:8E:76:0B:37:78:A6:79
X509v3 Authority Key Identifier:
keyid:20:2F:4C:1A:37:E9:31:3C:DD:2E:EA:77:50:AE:02:8D:18:CD:5A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IC9MGjfpMTzdLup3UK4CjRjNWq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/1lYcgpyrRixulP3Sjo52Czd4pnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/edb8cd-003d-483a-906a-f6b78e2b17a1/1/IC9MGjfpMTzdLup3UK4CjRjNWq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.78.0/24
212.127.88.0/21
Signature Algorithm: sha256WithRSAEncryption
69:9a:ca:34:da:b8:db:e0:8c:c2:5b:67:25:f9:9c:ed:1d:92:
16:1f:2b:05:01:16:81:bb:22:95:44:36:d3:80:8c:ac:5a:60:
8f:69:9a:0a:e5:64:42:ea:45:18:5d:f8:ce:87:98:5b:69:4b:
63:a7:63:97:2c:ba:0b:8d:83:b9:38:ec:30:d5:62:af:c7:b2:
71:57:79:c4:37:f8:41:c8:68:5d:5c:56:6f:e0:84:89:4e:2a:
a2:ac:2b:dd:0e:a7:7a:63:76:57:ed:73:a8:f4:87:eb:73:76:
44:c3:ad:54:36:bb:1d:a0:50:84:7a:bb:77:85:f8:9b:77:f8:
7e:c5:57:01:03:79:c1:24:aa:36:5c:62:cd:e9:bc:6f:ee:16:
1b:b7:9d:b5:ec:31:89:db:b0:d4:7c:0c:ef:12:f2:19:f4:43:
f5:a7:1b:9c:d3:cf:91:63:16:67:9a:29:19:e1:4b:4b:e8:1f:
2d:a4:f4:82:1e:dd:2b:c0:09:e8:ba:4e:27:5e:63:73:59:e4:
fb:a2:95:b2:a6:82:c0:62:24:29:9c:9b:70:6a:95:15:32:4c:
38:9f:5e:ce:8f:95:fd:fc:eb:df:74:30:48:72:37:37:0f:2c:
5d:1e:03:d6:c9:ed:18:fd:89:88:12:45:b3:b1:dd:3c:93:f6:
1b:14:ea:7a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECQGUEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDJmNGMxYTM3ZTkzMTNjZGQyZWVhNzc1MGFlMDI4ZDE4Y2Q1YWFlMB4XDTIyMDEw
MTAyNTIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY1NjFjODI5Y2Fi
NDYyYzZlOTRmZGQyOGU4ZTc2MGIzNzc4YTY3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQH50D+dAuwmhmBReOndaY5s92qvu5j9mBA7OmRYIu3wYvX
GcbHbTrFKghCuYx9rMJe+8BdNKnPANnBnuJfR25PNIMzmNVjYTL+3pr8lzIbP87e
XeN4WSKF3hazB+OJzFYXeC7xhdcxvjNHybXR5Yyt+0NdLKRiC5AWi/xR7rZ9hhSm
orh00Wztt4bhccaPi0VNA+yLy4p+XjNIGL+YMcBAXziNiW+Qx8XSoXk93ooIOqnH
fvqXowrcx82LxFO+i/lMwm9kDDIMnDjye/ySoK7XSjQmKfkjtUktdRqO5bZfeHyE
tHw3qboufqEusTLnZli1L/VIAXK3rK0PLx3fA+sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTWVhyCnKtGLG6U/dKOjnYLN3imeTAfBgNVHSMEGDAWgBQgL0waN+kxPN0u
6ndQrgKNGM1arjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lDOU1HamZwTVR6ZEx1cDNVSzRDalJqTldxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvZWRiOGNkLTAwM2QtNDgzYS05MDZhLWY2Yjc4ZTJiMTdhMS8x
LzFsWWNncHlyUml4dWxQM1NqbzUyQ3pkNHBuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
ZWRiOGNkLTAwM2QtNDgzYS05MDZhLWY2Yjc4ZTJiMTdhMS8xL0lDOU1HamZwTVR6
ZEx1cDNVSzRDalJqTldxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANR/TgMEA9R/WDANBgkqhkiG9w0B
AQsFAAOCAQEAaZrKNNq42+CMwltnJfmc7R2SFh8rBQEWgbsilUQ204CMrFpgj2ma
CuVkQupFGF34zoeYW2lLY6djlyy6C42DuTjsMNVir8eycVd5xDf4QchoXVxWb+CE
iU4qoqwr3Q6nemN2V+1zqPSH63N2RMOtVDa7HaBQhHq7d4X4m3f4fsVXAQN5wSSq
Nlxizem8b+4WG7edtewxiduw1HwM7xLyGfRD9acbnNPPkWMWZ5opGeFLS+gfLaT0
gh7dK8AJ6LpOJ15jc1nk+6KVsqaCwGIkKZybcGqVFTJMOJ9ezo+V/fzr33QwSHI3
Nw8sXR4D1sntGP2JiBJFs7HdPJP2GxTqeg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:46 2023 by rpki-client on console-ams.rpki-client.org