Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/jzDGphJ2mRp1PAum3qGxdaY-m4A.roa
File: jzDGphJ2mRp1PAum3qGxdaY-m4A.roa (raw, json)
Hash identifier: P6gn8awStjUtTv4GDP9VQ62q1KSFM3UwM0wNDCUy8ls=
Subject key identifier: 8F:30:C6:A6:12:76:99:1A:75:3C:0B:A6:DE:A1:B1:75:A6:3E:9B:80
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018C55BD564362665F60BA3DA110263E8B39
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/jzDGphJ2mRp1PAum3qGxdaY-m4A.roa
Signing time: Sun 10 Dec 2023 21:58:40 +0000
ROA not before: Sun 10 Dec 2023 21:58:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8814
IP address blocks: 212.47.132.0/22 maxlen: 22
212.47.128.0/22 maxlen: 22
212.47.136.0/22 maxlen: 22
212.47.144.0/22 maxlen: 22
212.47.140.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
158.181.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:55:bd:56:43:62:66:5f:60:ba:3d:a1:10:26:3e:8b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Dec 10 21:58:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f30c6a61276991a753c0ba6dea1b175a63e9b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:25:cb:66:78:6c:80:2f:f4:b8:d4:85:14:a1:
39:b0:a4:a1:d6:55:21:b5:ee:b7:c4:8a:25:60:0e:
66:23:8e:8c:8e:f9:44:4d:c6:5d:2c:e9:3a:25:f2:
4b:5b:76:c5:cc:ad:1d:c3:38:db:d3:2d:38:27:f7:
29:65:48:14:1c:73:1c:b2:3e:c4:b9:6c:7d:16:fc:
a7:94:ae:76:fd:c8:78:02:0a:3e:f2:3b:bd:c7:55:
5b:eb:12:81:f4:2e:df:ae:f7:35:dc:e3:df:ee:5e:
db:f2:b4:6c:16:bd:8d:b2:8b:6a:05:e2:c8:1c:34:
91:f4:76:37:30:35:25:e1:7d:da:bb:71:bc:26:8b:
d9:dc:58:1e:67:70:4d:88:f5:82:b3:4c:58:d3:b8:
cb:e5:3e:10:d8:50:73:93:56:70:58:99:63:e0:99:
09:1c:08:88:ba:fb:d5:65:2d:11:36:c8:68:74:ae:
25:66:eb:71:82:d3:a4:78:a2:0c:23:59:99:57:b6:
18:d9:35:91:d7:7c:a0:e9:80:47:4b:57:2b:ea:1f:
e0:4a:84:33:10:50:d7:eb:7c:8f:a9:0e:9c:42:1f:
a8:1e:5a:b0:02:c6:ff:e3:7f:cd:58:28:e4:61:05:
1c:08:dd:04:b9:d1:6f:89:20:9e:eb:0a:46:4f:22:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:30:C6:A6:12:76:99:1A:75:3C:0B:A6:DE:A1:B1:75:A6:3E:9B:80
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/jzDGphJ2mRp1PAum3qGxdaY-m4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.181.40.0/21
212.47.128.0-212.47.151.255
Signature Algorithm: sha256WithRSAEncryption
11:8c:73:0a:48:33:c0:3a:b7:f1:8d:9d:df:a1:d5:f2:16:34:
9c:32:e2:c6:d9:27:3f:42:1c:e7:ff:bb:78:0d:db:64:81:6b:
99:37:fb:01:bf:c7:18:29:48:41:ea:65:ee:2a:71:79:05:37:
67:88:6b:7c:68:79:6a:ca:5b:da:de:53:a7:93:01:5a:a1:3f:
77:8f:59:e9:b6:ee:08:4c:20:63:35:ac:08:cf:c5:66:37:5d:
8b:6d:7c:97:42:8f:a4:26:d5:b9:4f:92:c4:ba:25:87:39:a2:
fc:18:49:d7:26:2b:23:58:f9:f8:d7:0d:76:67:a4:8c:85:65:
a5:51:78:8d:13:ef:9a:86:9b:a8:d3:cc:33:de:eb:bc:2b:30:
1e:aa:8b:c0:0b:f8:27:18:20:e7:88:a7:47:11:f4:54:d3:a6:
fb:04:69:6b:06:10:7f:6b:bf:c8:a1:98:9c:21:ef:e9:cd:e3:
34:6e:ac:25:7d:2b:c3:ff:22:4d:71:77:ab:99:3c:87:8d:e2:
1b:2c:a1:16:6c:cf:27:0d:76:32:c8:a9:76:71:35:f4:52:2c:
96:6c:48:d8:5d:57:12:99:53:9a:f0:38:a8:d9:cd:35:92:60:
4f:5c:c0:64:96:2d:f6:94:24:38:92:35:06:ef:4c:bb:f9:87:
59:96:ef:e9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYxVvVZDYmZfYLo9oRAmPos5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMjEwMjE1ODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMwYzZhNjEyNzY5OTFhNzUzYzBiYTZkZWExYjE3NWE2M2U5YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyXLZnhsgC/0uNSFFKE5sKSh1lUh
te63xIolYA5mI46MjvlETcZdLOk6JfJLW3bFzK0dwzjb0y04J/cpZUgUHHMcsj7E
uWx9FvynlK52/ch4Ago+8ju9x1Vb6xKB9C7frvc13OPf7l7b8rRsFr2NsotqBeLI
HDSR9HY3MDUl4X3au3G8JovZ3FgeZ3BNiPWCs0xY07jL5T4Q2FBzk1ZwWJlj4JkJ
HAiIuvvVZS0RNshodK4lZutxgtOkeKIMI1mZV7YY2TWR13yg6YBHS1cr6h/gSoQz
EFDX63yPqQ6cQh+oHlqwAsb/43/NWCjkYQUcCN0EudFviSCe6wpGTyKeXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI8wxqYSdpkadTwLpt6hsXWmPpuAMB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvanpER3BoSjJtUnAxUEF1bTNxR3hkYVktbTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDnrUoMAwD
BAfUL4ADBAPUL5AwDQYJKoZIhvcNAQELBQADggEBABGMcwpIM8A6t/GNnd+h1fIW
NJwy4sbZJz9CHOf/u3gN22SBa5k3+wG/xxgpSEHqZe4qcXkFN2eIa3xoeWrKW9re
U6eTAVqhP3ePWem27ghMIGM1rAjPxWY3XYttfJdCj6Qm1blPksS6JYc5ovwYSdcm
KyNY+fjXDXZnpIyFZaVReI0T75qGm6jTzDPe67wrMB6qi8AL+CcYIOeIp0cR9FTT
pvsEaWsGEH9rv8ihmJwh7+nN4zRurCV9K8P/Ik1xd6uZPIeN4hssoRZszycNdjLI
qXZxNfRSLJZsSNhdVxKZU5rwOKjZzTWSYE9cwGSWLfaUJDiSNQbvTLv5h1mW7+k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:48 2025 by rpki-client