Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/apZuv37P8s6LzaumwMg0i5sD7PY.roa
File: apZuv37P8s6LzaumwMg0i5sD7PY.roa (raw, json)
Hash identifier: MArvyPGVCelOcMvhJMWK7GxMo99uqT0fH3xCgS94SNI=
Subject key identifier: 6A:96:6E:BF:7E:CF:F2:CE:8B:CD:AB:A6:C0:C8:34:8B:9B:03:EC:F6
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 35476195
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/apZuv37P8s6LzaumwMg0i5sD7PY.roa
Signing time: Sat 01 Jan 2022 06:59:51 +0000
ROA not before: Sat 01 Jan 2022 06:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212460
IP address blocks: 212.126.115.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
2a04:2dc0:1d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893870485 (0x35476195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 06:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a966ebf7ecff2ce8bcdaba6c0c8348b9b03ecf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c0:be:12:3e:91:4a:3c:8e:51:d9:86:9c:a5:
38:77:31:98:f1:48:fb:fd:e9:0c:76:62:24:6b:c0:
03:9c:e2:bb:4a:6f:8e:c2:76:2b:b5:05:f0:4d:ac:
48:e9:dd:7a:60:bd:e8:a9:8e:ce:cf:23:20:a6:02:
b7:a2:74:b6:53:77:0a:3b:88:4e:81:3c:81:09:cd:
f2:81:8c:14:f6:b5:2d:da:ff:39:94:f4:cc:60:ec:
5d:13:8b:ac:cd:c9:6b:09:b2:59:55:e0:7f:bb:df:
a3:27:d1:23:6a:c4:26:f3:a1:44:fc:00:c1:43:7a:
a0:7d:4b:b3:98:7c:9f:40:0c:03:91:64:7a:84:fa:
cf:04:12:53:a6:15:e8:08:2f:7d:3e:88:f8:5c:e0:
d5:43:a0:f4:53:7f:74:9d:4d:cc:07:e0:10:09:d1:
2d:9f:6a:89:3f:8d:c8:fe:17:77:d5:9c:d1:bb:eb:
1e:94:78:78:40:85:1c:55:d3:50:b4:49:23:22:de:
c3:54:43:f7:44:ba:5c:7f:df:4a:1a:7d:08:92:b0:
d8:b0:41:98:dd:a1:2f:14:11:3d:4c:22:84:a5:cb:
e6:81:23:95:96:d9:c0:82:09:76:d4:95:aa:46:27:
d6:13:9f:da:48:15:17:a6:06:db:b9:2a:40:cd:e0:
3d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:96:6E:BF:7E:CF:F2:CE:8B:CD:AB:A6:C0:C8:34:8B:9B:03:EC:F6
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/apZuv37P8s6LzaumwMg0i5sD7PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0-212.126.115.255
IPv6:
2a04:2dc0:1d::/48
Signature Algorithm: sha256WithRSAEncryption
36:82:e6:24:cb:f4:e9:45:54:57:a1:c3:7e:3e:0f:3f:a8:66:
36:b3:cb:85:3d:32:9c:e3:7f:b2:54:16:52:83:0f:6b:08:8f:
43:d6:b4:de:0e:89:f8:ca:f8:d0:df:08:b2:f4:dc:45:cb:14:
4f:93:3c:8a:12:27:ac:0a:3a:0e:7f:46:e0:30:22:f3:a2:b7:
9a:a9:fc:c4:a7:55:c9:8f:6e:2c:19:e5:e0:77:ca:c7:1e:c8:
ed:60:3b:15:ef:7a:d8:3a:95:8e:0f:7a:9c:c8:c4:ab:31:15:
ec:b0:58:dc:9c:e4:dc:e7:38:92:e5:bd:d9:83:b0:48:c5:cd:
c6:17:76:16:7a:ae:95:84:0e:51:00:ac:26:be:e0:a5:c5:77:
b1:1e:59:b3:af:38:f2:06:06:e2:9d:9f:c8:58:94:45:e6:d1:
ea:56:48:61:2d:77:53:a5:7d:72:ef:f2:38:3c:b6:a9:36:49:
72:89:32:23:c6:51:45:17:69:ad:42:3e:8d:1d:74:96:55:03:
6b:1c:30:83:ca:17:37:02:dc:ad:1d:ed:8d:5a:ed:e5:a5:66:
04:10:0a:2f:fb:2d:a5:27:ed:31:30:0f:9d:d0:7d:bc:fd:eb:
d0:42:78:79:48:a8:bc:3d:97:e2:7a:74:2c:3d:12:22:38:4e:
83:ad:f9:3b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENUdhlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWNjYmI3MmFhOTg4NGE1YmY4ZDBlNzU3NDA0YTE3ZTVlMjMzMjJjMB4XDTIyMDEw
MTA2NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE5NjZlYmY3ZWNm
ZjJjZThiY2RhYmE2YzBjODM0OGI5YjAzZWNmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfAvhI+kUo8jlHZhpylOHcxmPFI+/3pDHZiJGvAA5ziu0pv
jsJ2K7UF8E2sSOndemC96KmOzs8jIKYCt6J0tlN3CjuIToE8gQnN8oGMFPa1Ldr/
OZT0zGDsXROLrM3JawmyWVXgf7vfoyfRI2rEJvOhRPwAwUN6oH1Ls5h8n0AMA5Fk
eoT6zwQSU6YV6AgvfT6I+Fzg1UOg9FN/dJ1NzAfgEAnRLZ9qiT+NyP4Xd9Wc0bvr
HpR4eECFHFXTULRJIyLew1RD90S6XH/fShp9CJKw2LBBmN2hLxQRPUwihKXL5oEj
lZbZwIIJdtSVqkYn1hOf2kgVF6YG27kqQM3gPU8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRqlm6/fs/yzovNq6bAyDSLmwPs9jAfBgNVHSMEGDAWgBT6zLtyqpiEpb+N
DnV0BKF+XiMyLDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzUzL2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQv
MS9hcFp1djM3UDhzNkx6YXVtd01nMGk1c0Q3UFkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUz
L2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQvMS8xLXN5N2NxcVlo
S1dfalE1MWRBU2hmbDRqTWl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBADUfnEDBALUfnAwDwQCAAIw
CQMHACoELcAAHTANBgkqhkiG9w0BAQsFAAOCAQEANoLmJMv06UVUV6HDfj4PP6hm
NrPLhT0ynON/slQWUoMPawiPQ9a03g6J+Mr40N8IsvTcRcsUT5M8ihInrAo6Dn9G
4DAi86K3mqn8xKdVyY9uLBnl4HfKxx7I7WA7Fe962DqVjg96nMjEqzEV7LBY3Jzk
3Oc4kuW92YOwSMXNxhd2FnqulYQOUQCsJr7gpcV3sR5Zs6848gYG4p2fyFiURebR
6lZIYS13U6V9cu/yODy2qTZJcokyI8ZRRRdprUI+jR10llUDaxwwg8oXNwLcrR3t
jVrt5aVmBBAKL/stpSftMTAPndB9vP3r0EJ4eUiovD2X4np0LD0SIjhOg635Ow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:12 2023 by rpki-client on console-ams.rpki-client.org