Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/YgnX-BAC5RKp1hx0B2Tm55PdlwQ.roa
File: YgnX-BAC5RKp1hx0B2Tm55PdlwQ.roa (raw, json)
Hash identifier: 52ItWFjd8AV7yN+CN5eJq/f+6/ABCpnNyuxk7Y/chFo=
Subject key identifier: 62:09:D7:F8:10:02:E5:12:A9:D6:1C:74:07:64:E6:E7:93:DD:97:04
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1C37FFB4
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/YgnX-BAC5RKp1hx0B2Tm55PdlwQ.roa
Signing time: Sat 01 Jan 2022 07:55:35 +0000
ROA not before: Sat 01 Jan 2022 07:55:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12687
IP address blocks: 212.111.206.0/24 maxlen: 24
212.111.205.0/24 maxlen: 24
212.111.201.0/24 maxlen: 24
212.111.200.0/23 maxlen: 24
212.111.213.0/24 maxlen: 24
212.111.212.0/23 maxlen: 23
212.111.208.0/22 maxlen: 22
212.111.192.0/19 maxlen: 24
212.111.192.0/20 maxlen: 24
212.111.199.0/24 maxlen: 24
212.111.198.0/24 maxlen: 24
2a01:5c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473431988 (0x1c37ffb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 1 07:55:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6209d7f81002e512a9d61c740764e6e793dd9704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9c:21:39:8d:9b:40:41:ad:56:2b:23:60:ae:
10:56:f6:80:18:d4:8c:8a:17:c7:da:2b:12:b2:20:
4b:7f:02:d8:36:46:22:02:ae:b3:3b:09:71:23:3a:
38:a3:a8:e6:a5:fb:6d:9e:1c:7e:91:b2:ae:7b:be:
28:43:27:4b:63:be:2b:ea:a2:c8:62:3b:31:d8:23:
bc:5a:7a:3c:9a:e9:a6:5b:b4:48:81:39:90:23:41:
28:96:76:7e:06:5d:b4:d3:59:21:4b:a7:8d:73:fa:
b8:e5:67:18:03:f6:c6:14:41:0d:ce:ab:68:8e:bd:
1a:05:c7:ac:ce:b8:3a:ae:cf:1a:31:4b:da:1e:f1:
dd:c6:e5:2e:46:4b:5f:70:46:33:e1:93:70:1d:c8:
5f:25:bd:cc:81:3e:39:c6:ba:b9:90:c9:2e:70:6c:
f1:9e:3d:db:dd:56:78:9f:e5:14:77:cc:7c:62:fa:
39:dd:50:e0:8d:e9:21:a2:f0:5b:35:25:63:51:4d:
81:8a:fe:e7:ef:72:5b:ea:3c:4c:12:45:3f:95:1a:
78:7a:bb:71:6e:fd:5f:b9:59:3d:88:ec:c5:54:89:
5d:4e:d1:85:f6:54:e1:58:6a:d2:7e:58:f3:07:57:
57:b5:0b:b2:02:46:32:a0:03:e5:5b:08:c9:0f:0e:
9f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:09:D7:F8:10:02:E5:12:A9:D6:1C:74:07:64:E6:E7:93:DD:97:04
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/YgnX-BAC5RKp1hx0B2Tm55PdlwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.192.0/19
IPv6:
2a01:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
b4:37:fc:83:88:a2:cc:14:e7:ac:a4:69:1c:5e:09:d6:4d:94:
f9:f1:80:e0:0f:b5:80:c0:3a:04:7b:e6:13:a8:33:36:1e:2b:
65:b2:e1:99:b9:00:fd:68:79:10:65:42:c3:4d:83:97:c3:dd:
14:33:42:52:35:ae:82:03:1a:d8:6a:83:aa:96:87:af:bc:db:
76:fe:a2:45:61:f2:76:4c:0f:11:79:b2:b3:71:3d:0e:2c:4f:
61:5a:69:7a:85:50:6e:5c:85:32:4e:91:26:12:12:79:82:b0:
a2:a8:23:07:26:9a:30:fa:56:b2:64:a8:63:55:85:dc:e7:4e:
98:84:b9:af:72:1f:0b:c4:bb:40:96:e1:4e:00:a6:fd:e0:08:
15:6a:48:06:4e:a7:7a:b8:f1:f0:ae:3d:51:04:e4:40:c0:6e:
25:85:70:bc:fb:7f:14:bb:66:83:75:96:14:ba:40:3f:ae:ce:
7f:1a:1e:96:1e:ff:95:16:8b:8a:45:c1:73:86:6e:0f:7e:56:
b3:48:5c:06:1c:bb:4a:f5:7e:6c:85:12:89:d4:58:ac:b8:17:
c6:d4:8f:40:0f:8f:f2:eb:0b:ce:8b:aa:ac:53:32:de:75:7d:
26:66:78:64:f0:cb:62:89:37:73:b6:8f:54:8f:a5:3d:58:70:
77:f2:02:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHDf/tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDEw
MTA3NTUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIwOWQ3ZjgxMDAy
ZTUxMmE5ZDYxYzc0MDc2NGU2ZTc5M2RkOTcwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKecITmNm0BBrVYrI2CuEFb2gBjUjIoXx9orErIgS38C2DZG
IgKuszsJcSM6OKOo5qX7bZ4cfpGyrnu+KEMnS2O+K+qiyGI7MdgjvFp6PJrpplu0
SIE5kCNBKJZ2fgZdtNNZIUunjXP6uOVnGAP2xhRBDc6raI69GgXHrM64Oq7PGjFL
2h7x3cblLkZLX3BGM+GTcB3IXyW9zIE+Oca6uZDJLnBs8Z49291WeJ/lFHfMfGL6
Od1Q4I3pIaLwWzUlY1FNgYr+5+9yW+o8TBJFP5UaeHq7cW79X7lZPYjsxVSJXU7R
hfZU4Vhq0n5Y8wdXV7ULsgJGMqAD5VsIyQ8On3MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRiCdf4EALlEqnWHHQHZObnk92XBDAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L1lnblgtQkFDNVJLcDFoeDBCMlRtNTVQZGx3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBdRvwDANBAIAAjAHAwUAKgFcQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtDf8g4iizBTnrKRpHF4J1k2U+fGA4A+1gMA6BHvm
E6gzNh4rZbLhmbkA/Wh5EGVCw02Dl8PdFDNCUjWuggMa2GqDqpaHr7zbdv6iRWHy
dkwPEXmys3E9DixPYVppeoVQblyFMk6RJhISeYKwoqgjByaaMPpWsmSoY1WF3OdO
mIS5r3IfC8S7QJbhTgCm/eAIFWpIBk6nerjx8K49UQTkQMBuJYVwvPt/FLtmg3WW
FLpAP67Ofxoelh7/lRaLikXBc4ZuD35Ws0hcBhy7SvV+bIUSidRYrLgXxtSPQA+P
8usLzouqrFMy3nV9JmZ4ZPDLYok3c7aPVI+lPVhwd/ICxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org