Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/DYHeMBiyO5g3rGVyD1DxBPLaCcw.roa
File: DYHeMBiyO5g3rGVyD1DxBPLaCcw.roa (raw, json)
Hash identifier: wSz8QcvAW9Z/PxrKJrNgsrmDKiOqLftmYIbA5bWNx20=
Subject key identifier: 0D:81:DE:30:18:B2:3B:98:37:AC:65:72:0F:50:F1:04:F2:DA:09:CC
Certificate issuer: /CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Certificate serial: 01856F8B970A6E4271542E46CE266E55061D
Authority key identifier: 88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/DYHeMBiyO5g3rGVyD1DxBPLaCcw.roa
Signing time: Sun 01 Jan 2023 22:54:57 +0000
ROA not before: Sun 01 Jan 2023 22:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12808
IP address blocks: 212.125.32.0/19 maxlen: 24
212.125.56.0/22 maxlen: 24
212.125.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:97:0a:6e:42:71:54:2e:46:ce:26:6e:55:06:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881af85f81dd3f3b24ab14ed1f42c7cc466502f0
Validity
Not Before: Jan 1 22:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d81de3018b23b9837ac65720f50f104f2da09cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:9f:6c:8c:fe:66:16:cc:47:b9:e2:56:a7:
94:b9:d9:d0:44:d7:7f:ff:47:f7:e3:65:f7:6e:09:
3c:dd:90:d3:1e:7d:3b:16:27:ab:1c:1e:6f:bf:23:
b3:99:4f:fc:97:2b:9d:c3:29:94:42:72:d2:20:38:
b6:bc:d0:ef:bb:03:49:88:fb:d9:55:64:66:f7:ee:
64:9a:10:70:fc:de:1f:37:ea:9a:27:56:28:f7:90:
c7:a8:07:2e:c5:0f:ce:40:78:9e:d8:78:5e:16:bb:
00:a9:8a:85:db:e3:39:79:0d:e8:c4:23:55:77:e2:
fa:79:10:aa:e4:28:2b:6e:64:c3:b0:28:a8:3e:2b:
c5:4a:6e:23:8a:11:05:9f:ff:88:46:30:3a:ba:e0:
c8:61:4c:67:2c:d9:9f:c9:ed:de:81:60:df:04:63:
b9:2a:1e:a0:df:42:27:41:0b:82:12:6f:8b:01:a1:
06:4b:8f:ed:6f:7a:ef:4f:ce:ec:f9:b5:b8:15:8e:
64:08:8e:ad:49:b0:de:15:6b:f2:c9:5b:fc:18:e1:
e3:88:15:90:00:09:10:d1:a0:43:e3:b7:9d:d1:90:
7c:df:d5:8c:7f:d6:5f:c4:84:d4:43:1c:ab:27:28:
1a:de:a0:4d:e4:71:fc:e1:78:b5:3e:01:05:d8:8d:
e0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:81:DE:30:18:B2:3B:98:37:AC:65:72:0F:50:F1:04:F2:DA:09:CC
X509v3 Authority Key Identifier:
keyid:88:1A:F8:5F:81:DD:3F:3B:24:AB:14:ED:1F:42:C7:CC:46:65:02:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBr4X4HdPzskqxTtH0LHzEZlAvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/DYHeMBiyO5g3rGVyD1DxBPLaCcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d442a7-74e6-476a-8755-f255658bb881/1/iBr4X4HdPzskqxTtH0LHzEZlAvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.125.32.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:a2:78:08:84:a0:27:0a:e6:5f:9d:7e:10:0c:3a:61:ad:55:
87:c7:9d:e7:99:9e:39:69:36:8d:8f:e6:b1:d5:2a:68:7f:04:
1c:9a:cd:41:e3:05:67:e4:e6:43:cd:89:07:1e:a7:b3:2f:55:
36:e1:eb:2f:90:ca:89:c4:6e:a9:40:73:df:5f:2e:6e:20:a6:
57:49:a5:99:70:9b:27:56:a7:32:1e:bf:75:8d:91:36:eb:64:
35:b0:c4:57:f1:ad:e0:58:3d:e1:ac:35:1c:2f:ca:50:67:eb:
87:84:d2:bd:15:e9:7b:2c:2c:e8:fe:d3:33:a7:90:f8:4f:86:
f8:42:f0:29:2d:83:c1:e3:61:d0:62:db:f8:f2:11:70:9d:b2:
6b:3b:9f:a2:f3:65:f1:d0:e9:35:52:5b:90:86:60:d8:86:2c:
56:13:69:da:be:3f:01:bd:3e:cb:29:35:67:00:8e:f5:d7:04:
57:f7:6f:b4:e3:d6:77:fb:97:90:79:97:33:2b:0f:e4:c6:ac:
0c:a2:5d:ff:b4:b4:9a:be:4f:f8:fd:f5:24:78:f4:25:7d:ce:
72:1c:1f:d3:af:03:61:a0:e6:b9:65:e1:82:25:82:30:3c:04:
e6:fd:67:b0:f9:1d:84:c8:43:41:cc:1c:05:b9:85:3f:60:c4:
07:80:0e:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5cKbkJxVC5GziZuVQYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWFmODVmODFkZDNmM2IyNGFiMTRlZDFmNDJjN2NjNDY2
NTAyZjAwHhcNMjMwMTAxMjI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgxZGUzMDE4YjIzYjk4MzdhYzY1NzIwZjUwZjEwNGYyZGEwOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMOfbIz+ZhbMR7niVqeUudnQRNd/
/0f342X3bgk83ZDTHn07FierHB5vvyOzmU/8lyudwymUQnLSIDi2vNDvuwNJiPvZ
VWRm9+5kmhBw/N4fN+qaJ1Yo95DHqAcuxQ/OQHie2HheFrsAqYqF2+M5eQ3oxCNV
d+L6eRCq5CgrbmTDsCioPivFSm4jihEFn/+IRjA6uuDIYUxnLNmfye3egWDfBGO5
Kh6g30InQQuCEm+LAaEGS4/tb3rvT87s+bW4FY5kCI6tSbDeFWvyyVv8GOHjiBWQ
AAkQ0aBD47ed0ZB839WMf9ZfxITUQxyrJyga3qBN5HH84Xi1PgEF2I3gzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA2B3jAYsjuYN6xlcg9Q8QTy2gnMMB8GA1UdIwQY
MBaAFIga+F+B3T87JKsU7R9Cx8xGZQLwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUt
ZjI1NTY1OGJiODgxLzEvRFlIZU1CaXlPNWczckdWeUQxRHhCUExhQ2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9kNDQyYTctNzRlNi00NzZhLTg3NTUtZjI1NTY1OGJiODgx
LzEvaUJyNFg0SGRQenNrcXhUdEgwTEh6RVpsQXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H0gMA0G
CSqGSIb3DQEBCwUAA4IBAQCbongIhKAnCuZfnX4QDDphrVWHx53nmZ45aTaNj+ax
1SpofwQcms1B4wVn5OZDzYkHHqezL1U24esvkMqJxG6pQHPfXy5uIKZXSaWZcJsn
VqcyHr91jZE262Q1sMRX8a3gWD3hrDUcL8pQZ+uHhNK9Fel7LCzo/tMzp5D4T4b4
QvApLYPB42HQYtv48hFwnbJrO5+i82Xx0Ok1UluQhmDYhixWE2navj8BvT7LKTVn
AI711wRX92+049Z3+5eQeZczKw/kxqwMol3/tLSavk/4/fUkePQlfc5yHB/TrwNh
oOa5ZeGCJYIwPATm/Wew+R2EyENBzBwFuYU/YMQHgA6h
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:55 2025 by rpki-client