Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oP9OtsdeUbiPiFIW03fAwdcZneU.roa
File: oP9OtsdeUbiPiFIW03fAwdcZneU.roa (raw, json)
Hash identifier: TC1Tkj2tYP7uOM293cpZ8DBLy81T1vM72hY1KzUOFUs=
Subject key identifier: A0:FF:4E:B6:C7:5E:51:B8:8F:88:52:16:D3:77:C0:C1:D7:19:9D:E5
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AAC59CB
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oP9OtsdeUbiPiFIW03fAwdcZneU.roa
Signing time: Sat 01 Jan 2022 16:03:02 +0000
ROA not before: Sat 01 Jan 2022 16:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31541
IP address blocks: 212.252.204.0/24 maxlen: 24
212.252.205.0/24 maxlen: 24
212.252.206.0/24 maxlen: 24
212.252.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447502795 (0x1aac59cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0ff4eb6c75e51b88f885216d377c0c1d7199de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:9e:d2:df:bd:8a:58:85:e9:40:e4:7f:3a:
3c:98:03:95:72:b7:85:89:9e:96:7b:87:ab:d9:9f:
9d:2d:a5:39:2d:76:df:73:5b:a5:0b:2c:bb:2f:a4:
ea:93:4b:e7:78:63:fe:19:d8:84:29:bf:bb:a9:c9:
b4:de:8f:7e:57:f2:fb:37:64:e3:94:b0:cf:52:4f:
2e:a3:a4:23:6e:2d:6a:93:52:d6:b2:ae:6c:03:ff:
ef:6f:2a:5a:75:1d:cd:21:4c:ff:08:12:b4:1d:18:
9b:8a:a8:f1:0c:75:6a:4b:77:05:f8:d7:c1:a9:1f:
03:e3:71:69:0f:64:99:d1:42:11:d9:48:fe:88:af:
54:09:5a:dc:fe:1f:54:df:31:51:42:54:00:56:9f:
7d:25:4a:8b:ae:f2:f2:39:63:ca:a9:cb:bb:a2:bc:
6c:f2:4d:99:bc:48:99:1d:81:24:aa:e8:b2:d6:5e:
61:29:b7:cc:3c:f9:41:4c:88:a4:8f:ae:3c:eb:d8:
58:35:3e:f8:79:f2:2a:33:c7:bb:9c:b1:37:51:f6:
8f:72:5a:6e:f7:8e:83:3d:02:2a:23:31:15:ad:f0:
19:95:f7:db:d1:e7:0a:be:4b:89:c3:d8:d7:31:85:
17:6f:0e:99:4d:8b:98:9f:6c:aa:8c:40:05:38:0e:
41:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FF:4E:B6:C7:5E:51:B8:8F:88:52:16:D3:77:C0:C1:D7:19:9D:E5
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/oP9OtsdeUbiPiFIW03fAwdcZneU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.252.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:0b:2d:13:09:05:2c:d3:5d:df:13:74:d1:f4:7a:28:ed:5b:
17:f9:d0:9c:20:1a:ae:c5:e7:73:28:53:2e:42:42:98:03:2b:
b3:a0:30:02:2e:5f:9d:0b:86:ab:52:ae:ce:ff:92:3a:c5:e8:
83:1f:fe:f5:43:49:9c:a3:17:06:4c:9d:fb:d5:60:b7:c9:f4:
6b:9b:88:e3:a6:ce:82:32:2c:3e:66:5c:3f:db:4b:50:61:c3:
95:57:63:88:70:39:d9:43:00:38:b9:69:1a:b0:1e:51:f7:13:
81:0e:ca:63:24:82:80:46:36:53:86:92:b0:92:a9:0f:76:6b:
0e:82:c6:9a:f8:0b:fb:7c:2f:d5:37:b2:f2:78:71:8d:9c:a6:
52:b1:b4:40:85:81:9a:b1:cb:22:0d:76:65:5b:15:9d:30:fc:
aa:de:02:02:8b:21:d7:83:3a:c9:d6:f0:81:4b:a6:b5:5a:bb:
e0:9f:41:29:fb:81:de:fd:51:31:a2:5e:e2:15:23:0b:36:4d:
fa:64:ab:8d:75:bb:35:2e:60:60:be:f2:95:26:b5:37:52:91:
fb:ab:d5:55:b3:3a:81:e8:da:af:80:d8:41:09:0d:19:36:03:
24:2f:7c:e0:bc:d0:1c:84:28:c7:3f:7a:76:b9:09:50:88:b7:
91:90:58:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGqxZyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBmZjRlYjZjNzVl
NTFiODhmODg1MjE2ZDM3N2MwYzFkNzE5OWRlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSLntLfvYpYhelA5H86PJgDlXK3hYmelnuHq9mfnS2lOS12
33NbpQssuy+k6pNL53hj/hnYhCm/u6nJtN6Pflfy+zdk45Swz1JPLqOkI24tapNS
1rKubAP/728qWnUdzSFM/wgStB0Ym4qo8Qx1akt3BfjXwakfA+NxaQ9kmdFCEdlI
/oivVAla3P4fVN8xUUJUAFaffSVKi67y8jljyqnLu6K8bPJNmbxImR2BJKrostZe
YSm3zDz5QUyIpI+uPOvYWDU++HnyKjPHu5yxN1H2j3JabveOgz0CKiMxFa3wGZX3
29HnCr5LicPY1zGFF28OmU2LmJ9sqoxABTgOQYMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSg/062x15RuI+IUhbTd8DB1xmd5TAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L29QOU90c2RlVWJpUGlGSVcwM2ZBd2RjWm5lVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtT8zDANBgkqhkiG9w0BAQsFAAOC
AQEADwstEwkFLNNd3xN00fR6KO1bF/nQnCAarsXncyhTLkJCmAMrs6AwAi5fnQuG
q1Kuzv+SOsXogx/+9UNJnKMXBkyd+9Vgt8n0a5uI46bOgjIsPmZcP9tLUGHDlVdj
iHA52UMAOLlpGrAeUfcTgQ7KYySCgEY2U4aSsJKpD3ZrDoLGmvgL+3wv1Tey8nhx
jZymUrG0QIWBmrHLIg12ZVsVnTD8qt4CAosh14M6ydbwgUumtVq74J9BKfuB3v1R
MaJe4hUjCzZN+mSrjXW7NS5gYL7ylSa1N1KR+6vVVbM6gejar4DYQQkNGTYDJC98
4LzQHIQoxz96drkJUIi3kZBY4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org