Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ft3uo0E5tbLwL33B4YExk9UWy08.roa
File: ft3uo0E5tbLwL33B4YExk9UWy08.roa (raw, json)
Hash identifier: 1PcGdtksDDiX8weV88kYdXnBpvuQM0YzSsX+AGXDBN4=
Subject key identifier: 7E:DD:EE:A3:41:39:B5:B2:F0:2F:7D:C1:E1:81:31:93:D5:16:CB:4F
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1E22EB08
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ft3uo0E5tbLwL33B4YExk9UWy08.roa
Signing time: Tue 31 May 2022 14:10:13 +0000
ROA not before: Tue 31 May 2022 14:10:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12687
IP address blocks: 212.111.206.0/24 maxlen: 24
212.111.205.0/24 maxlen: 24
212.111.202.0/23 maxlen: 24
212.111.201.0/24 maxlen: 24
212.111.213.0/24 maxlen: 24
212.111.212.0/23 maxlen: 23
212.111.208.0/22 maxlen: 22
212.111.192.0/19 maxlen: 24
212.111.192.0/20 maxlen: 24
212.111.192.0/21 maxlen: 24
212.111.199.0/24 maxlen: 24
212.111.198.0/24 maxlen: 24
2a01:5c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 505604872 (0x1e22eb08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: May 31 14:10:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7eddeea34139b5b2f02f7dc1e1813193d516cb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:95:2e:95:f1:d7:d1:70:be:65:c0:6d:5f:
ce:56:0e:b8:32:87:4e:1c:85:cd:26:f2:26:18:0f:
ec:65:2c:f7:ec:79:9f:d2:75:0a:c6:77:56:d7:b8:
bb:53:f2:44:c8:d5:d9:93:2f:a5:68:f0:8a:7f:62:
c3:a7:e1:29:4e:a1:91:8f:ef:84:ec:92:92:0c:a6:
78:d7:b6:9c:97:3a:6a:9b:ba:d4:7c:ed:cb:b6:38:
86:d6:99:ac:ba:1e:14:71:e3:55:26:7d:e8:c5:19:
5c:de:59:c9:e5:82:18:99:00:fb:f2:66:30:eb:ab:
21:e0:de:73:3d:08:5a:3d:94:13:92:7c:88:7a:3f:
f6:44:54:11:e3:99:dd:ec:08:b3:76:05:22:fc:31:
3e:fd:7a:6e:79:bc:ca:3f:5b:0e:3c:66:59:99:21:
07:bf:d5:bc:f2:ef:c1:f8:cf:d0:cd:43:bf:89:ae:
f8:c9:44:90:42:8e:2a:a8:2d:7b:00:5a:0a:92:41:
35:14:4f:57:b7:10:84:f2:ce:c8:20:a8:c6:fe:09:
81:b2:5c:c1:70:de:3e:da:30:45:80:76:a3:d2:bf:
32:fd:0c:68:76:6c:bd:0f:dd:84:ff:74:3c:b8:be:
e5:42:cd:8c:97:64:24:9a:91:92:1c:9d:ec:70:7f:
7b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DD:EE:A3:41:39:B5:B2:F0:2F:7D:C1:E1:81:31:93:D5:16:CB:4F
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/ft3uo0E5tbLwL33B4YExk9UWy08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.111.192.0/19
IPv6:
2a01:5c40::/32
Signature Algorithm: sha256WithRSAEncryption
3b:51:e6:49:1e:41:ce:30:32:a2:2d:20:f9:00:3f:21:e8:f0:
6e:ae:42:f5:3d:f7:85:be:49:84:16:94:b6:9f:39:e1:14:a4:
47:53:66:e8:3d:e4:6d:b2:27:a4:e9:5f:9a:51:9f:f2:53:e1:
c8:ab:f5:5d:6f:df:06:a4:76:24:5b:fd:e7:5d:7c:10:fc:6b:
26:28:25:c8:14:51:b1:94:e8:6f:42:d6:59:9e:39:15:12:3b:
22:c1:5e:e2:16:d9:47:0e:29:f8:2d:3d:a0:3d:2a:05:51:8f:
99:01:38:d2:ea:ac:31:f9:46:87:cf:cc:23:19:31:d4:19:ca:
38:6e:ce:d9:7c:4b:5d:ae:04:2b:fb:28:a7:52:da:78:c4:d0:
9d:ed:04:87:cf:37:b9:04:0f:bc:89:6b:3c:af:cb:f7:eb:3b:
dc:a2:4d:3f:88:e7:2d:97:5c:b8:d7:30:5f:1f:b2:2a:b4:96:
0c:43:0c:9a:d8:dd:4e:f1:a5:bc:45:80:23:a0:6d:ed:af:4b:
08:f7:44:77:fb:43:6f:36:c3:c7:f6:99:fe:72:b2:3e:69:75:
ca:b9:50:93:66:d4:84:0d:43:72:d2:78:9e:b9:b7:da:2d:64:
dc:71:d9:0e:0d:1e:c6:f2:46:91:fd:66:5d:9b:b4:a2:fc:b1:
03:79:e1:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHiLrCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDUz
MTE0MTAxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VkZGVlYTM0MTM5
YjViMmYwMmY3ZGMxZTE4MTMxOTNkNTE2Y2I0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxClS6V8dfRcL5lwG1fzlYOuDKHThyFzSbyJhgP7GUs9+x5
n9J1CsZ3Vte4u1PyRMjV2ZMvpWjwin9iw6fhKU6hkY/vhOySkgymeNe2nJc6apu6
1Hzty7Y4htaZrLoeFHHjVSZ96MUZXN5ZyeWCGJkA+/JmMOurIeDecz0IWj2UE5J8
iHo/9kRUEeOZ3ewIs3YFIvwxPv16bnm8yj9bDjxmWZkhB7/VvPLvwfjP0M1Dv4mu
+MlEkEKOKqgtewBaCpJBNRRPV7cQhPLOyCCoxv4JgbJcwXDePtowRYB2o9K/Mv0M
aHZsvQ/dhP90PLi+5ULNjJdkJJqRkhyd7HB/ew8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR+3e6jQTm1svAvfcHhgTGT1RbLTzAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L2Z0M3VvMEU1dGJMd0wzM0I0WUV4azlVV3kwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBdRvwDANBAIAAjAHAwUAKgFcQDAN
BgkqhkiG9w0BAQsFAAOCAQEAO1HmSR5BzjAyoi0g+QA/Iejwbq5C9T33hb5JhBaU
tp854RSkR1Nm6D3kbbInpOlfmlGf8lPhyKv1XW/fBqR2JFv95118EPxrJiglyBRR
sZTob0LWWZ45FRI7IsFe4hbZRw4p+C09oD0qBVGPmQE40uqsMflGh8/MIxkx1BnK
OG7O2XxLXa4EK/sop1LaeMTQne0Eh883uQQPvIlrPK/L9+s73KJNP4jnLZdcuNcw
Xx+yKrSWDEMMmtjdTvGlvEWAI6Bt7a9LCPdEd/tDbzbDx/aZ/nKyPml1yrlQk2bU
hA1DctJ4nrm32i1k3HHZDg0exvJGkf1mXZu0ovyxA3nh5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org