Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/28Hta1e5cV9FaGt_i6bhLvd3SRY.roa
File: 28Hta1e5cV9FaGt_i6bhLvd3SRY.roa (raw, json)
Hash identifier: e52ritt/buoRvUgLMHx7RsHmIdIr+3sLJCaDCeSFk00=
Subject key identifier: DB:C1:ED:6B:57:B9:71:5F:45:68:6B:7F:8B:A6:E1:2E:F7:77:49:16
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018C5834215A8B1835E818AFC8103AC612E4
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/28Hta1e5cV9FaGt_i6bhLvd3SRY.roa
Signing time: Mon 11 Dec 2023 09:27:40 +0000
ROA not before: Mon 11 Dec 2023 09:27:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8814
IP address blocks: 212.47.132.0/22 maxlen: 22
212.47.128.0/22 maxlen: 22
212.47.136.0/22 maxlen: 22
212.47.144.0/22 maxlen: 22
212.47.140.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
158.181.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:34:21:5a:8b:18:35:e8:18:af:c8:10:3a:c6:12:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Dec 11 09:27:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc1ed6b57b9715f45686b7f8ba6e12ef7774916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:0c:bc:f4:30:91:62:c8:dd:25:85:39:49:
7f:99:92:34:7f:fb:1e:c0:ac:83:4b:b0:a1:78:66:
c7:02:ab:ff:60:6c:c6:0a:1d:79:df:ab:53:41:0c:
a1:83:f2:28:c0:41:96:20:8b:65:66:64:30:c5:3b:
84:df:cb:f9:71:62:0b:78:5c:6b:f5:60:8c:c8:3d:
30:46:ce:16:cb:3b:19:30:8f:40:1b:d2:a6:b2:ef:
00:23:9c:2a:4d:47:a8:ee:ce:f7:2d:a9:21:34:ff:
61:fb:a9:ec:d9:c7:6c:83:24:39:a0:b8:74:5b:e4:
8a:87:6e:de:95:93:fd:bc:0c:ad:c8:e3:7a:f6:a1:
48:68:95:93:d8:c1:0e:49:3f:b5:a5:fb:a6:a4:99:
d9:e7:79:5b:24:a5:db:f5:b5:94:2c:67:5a:f1:11:
76:90:61:1d:21:9b:86:12:0b:d0:37:22:1d:0f:77:
89:71:2e:e1:9d:8f:72:cf:be:64:d4:b1:4a:3b:95:
27:9b:fa:72:90:e9:fe:db:b7:5f:be:f4:12:f7:ef:
23:42:ea:18:0f:1d:9a:63:03:2d:6d:f0:6f:e8:f5:
fe:e2:4b:7d:42:33:0b:d4:fc:96:58:a7:ba:73:c6:
29:08:00:63:70:e0:6d:9b:aa:ea:aa:de:be:9f:f8:
76:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C1:ED:6B:57:B9:71:5F:45:68:6B:7F:8B:A6:E1:2E:F7:77:49:16
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/28Hta1e5cV9FaGt_i6bhLvd3SRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.181.40.0/21
212.47.128.0-212.47.151.255
Signature Algorithm: sha256WithRSAEncryption
83:db:47:23:24:0f:f4:8c:29:97:72:82:dc:f3:0b:78:86:c6:
67:36:06:33:80:bb:63:2a:9c:55:e0:bc:b4:b0:e5:4e:c6:7a:
1a:b1:b7:48:4e:fa:06:12:86:3d:c2:11:2c:39:07:3b:bd:09:
d1:fd:ee:c3:a2:fe:05:fd:a2:96:82:d9:86:c8:12:f4:c0:40:
c9:89:4a:74:34:e2:b5:df:36:d6:da:1f:2d:bf:63:a9:f1:40:
5f:3b:b6:ac:70:f6:fb:14:20:a1:25:db:0b:db:e1:d3:74:c9:
aa:b6:af:93:53:0d:cb:1c:cb:3c:f6:b2:85:e6:74:b4:33:d6:
12:af:93:06:23:e4:00:c6:c1:47:15:c1:41:90:15:91:58:44:
0e:21:a8:e6:42:93:27:0d:b6:59:2f:88:dd:49:ea:ee:49:a9:
06:47:fa:2d:70:e6:55:b2:70:ef:54:e9:44:35:dc:fa:97:8d:
93:e1:40:a4:2a:42:71:c2:75:4c:0c:d7:b7:6c:36:f4:f4:39:
b1:a9:5e:cc:db:3b:00:f4:d7:7a:77:52:d0:1d:d6:04:b5:8d:
1b:f1:df:e3:7c:d7:5e:29:1c:ec:3e:3e:2c:bc:60:bd:a2:41:
d2:8e:50:c6:ba:dd:1f:b9:ac:16:e4:d3:93:93:67:28:f4:e9:
3c:75:6b:a6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYxYNCFaixg16BivyBA6xhLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMjExMDkyNzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMxZWQ2YjU3Yjk3MTVmNDU2ODZiN2Y4YmE2ZTEyZWY3Nzc0OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtYMvPQwkWLI3SWFOUl/mZI0f/se
wKyDS7CheGbHAqv/YGzGCh1536tTQQyhg/IowEGWIItlZmQwxTuE38v5cWILeFxr
9WCMyD0wRs4WyzsZMI9AG9Kmsu8AI5wqTUeo7s73LakhNP9h+6ns2cdsgyQ5oLh0
W+SKh27elZP9vAytyON69qFIaJWT2MEOST+1pfumpJnZ53lbJKXb9bWULGda8RF2
kGEdIZuGEgvQNyIdD3eJcS7hnY9yz75k1LFKO5Unm/pykOn+27dfvvQS9+8jQuoY
Dx2aYwMtbfBv6PX+4kt9QjML1PyWWKe6c8YpCABjcOBtm6rqqt6+n/h27QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNvB7WtXuXFfRWhrf4um4S73d0kWMB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvMjhIdGExZTVjVjlGYUd0X2k2YmhMdmQzU1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDnrUoMAwD
BAfUL4ADBAPUL5AwDQYJKoZIhvcNAQELBQADggEBAIPbRyMkD/SMKZdygtzzC3iG
xmc2BjOAu2MqnFXgvLSw5U7Gehqxt0hO+gYShj3CESw5Bzu9CdH97sOi/gX9opaC
2YbIEvTAQMmJSnQ04rXfNtbaHy2/Y6nxQF87tqxw9vsUIKEl2wvb4dN0yaq2r5NT
Dcscyzz2soXmdLQz1hKvkwYj5ADGwUcVwUGQFZFYRA4hqOZCkycNtlkviN1J6u5J
qQZH+i1w5lWycO9U6UQ13PqXjZPhQKQqQnHCdUwM17dsNvT0ObGpXszbOwD013p3
UtAd1gS1jRvx3+N8114pHOw+Piy8YL2iQdKOUMa63R+5rBbk05OTZyj06Tx1a6Y=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:44 2025 by rpki-client