Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/jPZQlVzb-Y3oTz5NNhZykYXPDGI.roa
File: jPZQlVzb-Y3oTz5NNhZykYXPDGI.roa (raw, json)
Hash identifier: Frwv0lmuy0XI7cm1+YLLbOQMDhXq/pRsOQ1Pz8H10GE=
Subject key identifier: 8C:F6:50:95:5C:DB:F9:8D:E8:4F:3E:4D:36:16:72:91:85:CF:0C:62
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 3546CDFE
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/jPZQlVzb-Y3oTz5NNhZykYXPDGI.roa
Signing time: Sat 01 Jan 2022 06:59:50 +0000
ROA not before: Sat 01 Jan 2022 06:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209565
IP address blocks: 46.21.251.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
212.126.115.0/24 maxlen: 24
212.126.114.0/24 maxlen: 24
212.126.113.0/24 maxlen: 24
212.126.122.0/23 maxlen: 23
212.126.123.0/24 maxlen: 24
212.126.122.0/24 maxlen: 24
212.126.121.0/24 maxlen: 24
212.126.120.0/24 maxlen: 24
212.126.126.0/24 maxlen: 24
2a04:2dc0:a::/48 maxlen: 48
2a04:2dc0:8::/48 maxlen: 48
2a04:2dc0:18::/48 maxlen: 48
2a04:2dc0:e::/48 maxlen: 48
2a04:2dc0:19::/48 maxlen: 48
2a04:2dc0:22::/48 maxlen: 48
2a04:2dc0:1d::/48 maxlen: 48
2a04:2dc0:1b::/48 maxlen: 48
2a04:2dc0:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893832702 (0x3546cdfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Jan 1 06:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cf650955cdbf98de84f3e4d3616729185cf0c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3f:30:ec:30:20:33:d7:91:74:6e:7e:cb:9d:
1d:94:28:c0:03:3c:db:8d:5b:96:95:2a:2e:80:f3:
c0:83:49:7e:e0:30:e5:8c:de:17:c7:4f:d0:6f:87:
f7:17:dd:06:57:bb:92:21:32:31:fd:dd:e2:5c:fe:
76:9e:03:50:26:3b:be:df:3c:65:e3:62:58:a0:a3:
55:6f:66:f2:7d:ce:ad:46:e9:bf:00:1c:2f:38:54:
77:a1:01:cb:b7:da:c2:18:c6:ba:fa:55:9c:ed:29:
50:21:ce:f2:c5:43:b2:3f:c6:01:97:8c:11:17:27:
0b:de:bd:a4:3b:06:06:39:67:ce:ed:f1:e6:d3:36:
13:03:8f:df:17:d2:4d:98:2a:fe:0a:d6:f6:0c:6a:
9c:d8:eb:cc:31:cc:4a:e3:c0:ac:a7:bd:ba:b9:91:
dd:f4:a1:08:a8:0c:49:25:5d:3d:db:a5:b2:a7:0a:
7d:dd:eb:cb:37:5b:8c:b9:62:56:89:18:17:2d:52:
7b:ff:6a:ed:46:0f:62:2c:5e:f8:7d:17:7a:e4:ba:
b5:f7:22:45:37:37:df:0f:05:39:50:2b:69:06:66:
f5:cb:47:99:7b:15:03:fb:cc:52:b7:f7:3b:4e:02:
72:6a:ea:72:90:53:ca:10:06:f1:6a:79:b8:00:e8:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F6:50:95:5C:DB:F9:8D:E8:4F:3E:4D:36:16:72:91:85:CF:0C:62
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/jPZQlVzb-Y3oTz5NNhZykYXPDGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
212.126.113.0-212.126.116.255
212.126.120.0/22
212.126.126.0/24
IPv6:
2a04:2dc0:8::/48
2a04:2dc0:a::/48
2a04:2dc0:e::/48
2a04:2dc0:18::/47
2a04:2dc0:1b::/48
2a04:2dc0:1d::/48
2a04:2dc0:21::-2a04:2dc0:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:1a:ea:41:36:d3:f4:e2:22:ec:3b:87:b8:76:df:c5:88:bf:
0c:a0:4a:98:44:11:2e:5a:d4:e4:ce:f5:62:76:b4:f3:51:fe:
a1:95:b8:54:35:5d:a4:3a:43:76:cd:70:00:cf:cf:5e:c3:5d:
42:a7:2b:9c:ec:63:7a:8c:f4:64:99:71:2a:56:4b:d0:9b:af:
0d:ba:c1:06:c5:df:0e:99:e5:32:47:22:bd:7c:6e:49:a0:1f:
d3:ab:27:5e:a4:0a:ff:07:9c:ba:07:6f:29:2b:07:70:a1:7c:
a3:a9:09:b5:9d:28:68:d2:05:f6:b4:94:25:1f:ba:1d:fc:a4:
92:70:56:6b:21:9f:41:d5:18:54:f2:5c:8a:71:f7:8d:e9:48:
f0:b0:ea:d1:04:1e:6d:37:fc:12:99:e9:80:22:3b:e9:fc:a2:
29:f2:2b:70:e6:1b:1a:8c:57:f6:87:2a:8b:6f:61:3c:62:9d:
f0:cf:d3:29:e8:48:35:b1:41:f4:3c:cb:a7:6b:72:f0:05:70:
c5:11:a6:66:ce:4c:90:a7:b7:f0:c9:55:8d:6b:bf:34:b9:59:
3a:8d:1b:cc:6b:3c:da:92:10:94:fc:dc:e7:55:95:70:8b:c1:
eb:06:b2:7a:67:2f:af:f0:4a:f3:9c:86:3d:d6:b6:1b:34:2a:
46:f5:ef:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIENUbN/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWNjYmI3MmFhOTg4NGE1YmY4ZDBlNzU3NDA0YTE3ZTVlMjMzMjJjMB4XDTIyMDEw
MTA2NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNmNjUwOTU1Y2Ri
Zjk4ZGU4NGYzZTRkMzYxNjcyOTE4NWNmMGM2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8/MOwwIDPXkXRufsudHZQowAM8241blpUqLoDzwINJfuAw
5YzeF8dP0G+H9xfdBle7kiEyMf3d4lz+dp4DUCY7vt88ZeNiWKCjVW9m8n3OrUbp
vwAcLzhUd6EBy7fawhjGuvpVnO0pUCHO8sVDsj/GAZeMERcnC969pDsGBjlnzu3x
5tM2EwOP3xfSTZgq/grW9gxqnNjrzDHMSuPArKe9urmR3fShCKgMSSVdPdulsqcK
fd3ryzdbjLliVokYFy1Se/9q7UYPYixe+H0XeuS6tfciRTc33w8FOVAraQZm9ctH
mXsVA/vMUrf3O04CcmrqcpBTyhAG8Wp5uADoOFECAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBSM9lCVXNv5jehPPk02FnKRhc8MYjAfBgNVHSMEGDAWgBT6zLtyqpiEpb+N
DnV0BKF+XiMyLDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzUzL2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQv
MS9qUFpRbFZ6Yi1ZM29UejVOTmhaeWtZWFBER0kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUz
L2U4Y2I0NC1hOTU0LTQ2NzItYjlhNC1hNDllNWM2NjMzYmQvMS8xLXN5N2NxcVlo
S1dfalE1MWRBU2hmbDRqTWl3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIGLBggrBgEFBQcBBwEB/wR8MHowJgQCAAEwIAMEAC4V+zAMAwQA1H5xAwQA1H50
AwQC1H54AwQA1H5+MFAEAgACMEoDBwAqBC3AAAgDBwAqBC3AAAoDBwAqBC3AAA4D
BwEqBC3AABgDBwAqBC3AABsDBwAqBC3AAB0wEgMHACoELcAAIQMHACoELcAAIjAN
BgkqhkiG9w0BAQsFAAOCAQEAmxrqQTbT9OIi7DuHuHbfxYi/DKBKmEQRLlrU5M71
Yna081H+oZW4VDVdpDpDds1wAM/PXsNdQqcrnOxjeoz0ZJlxKlZL0JuvDbrBBsXf
DpnlMkcivXxuSaAf06snXqQK/wecugdvKSsHcKF8o6kJtZ0oaNIF9rSUJR+6Hfyk
knBWayGfQdUYVPJcinH3jelI8LDq0QQebTf8EpnpgCI76fyiKfIrcOYbGoxX9ocq
i29hPGKd8M/TKehINbFB9DzLp2ty8AVwxRGmZs5MkKe38MlVjWu/NLlZOo0bzGs8
2pIQlPzc51WVcIvB6wayemcvr/BK85yGPda2GzQqRvXvGw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:28 2023 by rpki-client on console-fra.rpki-client.org