Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i2pgPLfGxvVKsxwvP7jpCZ897u8.roa
File: i2pgPLfGxvVKsxwvP7jpCZ897u8.roa (raw, json)
Hash identifier: PIeeUA/gNZqcJGhtwhe+daFkUU6UY6qE59gXVtV/2q8=
Subject key identifier: 8B:6A:60:3C:B7:C6:C6:F5:4A:B3:1C:2F:3F:B8:E9:09:9F:3D:EE:EF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 143DB7F6
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i2pgPLfGxvVKsxwvP7jpCZ897u8.roa
Signing time: Mon 21 Mar 2022 02:23:00 +0000
ROA not before: Mon 21 Mar 2022 02:23:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 212.87.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339589110 (0x143db7f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 21 02:23:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b6a603cb7c6c6f54ab31c2f3fb8e9099f3deeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:a4:07:a9:59:b0:db:e1:1a:a6:b0:d9:bb:
b9:96:55:24:c6:6d:31:bc:90:5b:e6:96:01:42:1a:
f5:81:a6:f7:33:85:e1:70:29:27:79:d6:ac:e5:92:
e1:02:0f:34:4c:ab:92:83:79:31:2f:f2:6c:45:76:
dd:4a:2b:2f:7d:f2:36:97:05:c2:8f:2b:e5:b0:76:
89:ac:df:71:2e:7d:ea:38:51:56:f1:0c:a3:bb:12:
04:f8:ce:04:51:0d:90:5a:90:e3:40:ca:04:21:45:
77:b5:ab:42:06:e9:5a:f8:40:ed:84:05:01:1c:28:
7e:dc:7d:58:37:63:fe:65:b8:d7:17:93:48:4f:ee:
6e:9a:bc:5e:aa:96:62:8e:5b:4d:d9:a7:25:76:cd:
ae:94:31:56:29:7d:32:1d:c8:b8:18:45:6d:5b:b4:
85:89:c5:52:c7:d6:8a:67:f7:ad:7b:ce:7d:31:a3:
a8:b2:59:8f:3f:ca:be:8d:2f:de:69:22:88:bd:62:
a0:60:fa:2e:33:6a:21:ae:fb:21:9b:ff:7e:0e:32:
84:50:b5:89:77:87:38:56:89:db:84:14:d8:97:06:
d1:b1:27:99:a8:f7:0a:05:61:ca:a1:c2:dd:b7:d6:
b5:2f:1b:c9:5b:c1:fd:fb:e1:3c:47:f5:7f:22:7a:
e1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6A:60:3C:B7:C6:C6:F5:4A:B3:1C:2F:3F:B8:E9:09:9F:3D:EE:EF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/i2pgPLfGxvVKsxwvP7jpCZ897u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
23:6a:a2:8c:56:8b:35:32:78:2a:1e:d2:a8:ca:56:4c:36:f3:
6c:7a:8c:07:ad:dd:ed:fa:20:3b:e5:8f:6a:e6:98:ae:23:81:
fa:f2:9f:07:fb:d3:a1:c6:9d:23:f3:23:9b:f1:28:83:56:21:
71:0e:d0:6f:41:76:96:78:20:d4:b2:92:fd:82:e1:b2:2f:a7:
4a:36:02:07:d6:c5:6d:00:39:ce:18:98:53:34:63:ea:d4:9a:
b8:96:fc:6f:e4:f1:66:ca:11:88:8d:08:24:91:12:e7:a2:35:
67:79:65:eb:71:9b:31:55:0f:d7:c7:26:8e:1b:df:2c:7a:49:
a6:b4:89:86:71:50:9a:ad:92:d5:75:60:d0:60:f2:c1:74:6a:
c0:eb:dd:75:29:63:6a:bf:d0:55:1a:5a:e6:b5:54:08:87:26:
f1:45:96:93:dc:77:e8:21:a5:7b:b6:0d:68:98:d0:94:01:e2:
60:4b:f0:9b:54:7c:84:7a:18:fc:16:64:32:8f:f7:a3:5c:b1:
6e:ed:7a:1c:52:95:2c:7e:8d:62:ab:bf:99:75:d6:be:84:35:
2b:66:79:4d:f2:b7:0d:e9:42:47:48:d1:12:10:5f:cf:03:03:
6d:0d:e2:76:5b:2f:e2:dc:de:a6:68:ee:78:fe:61:00:f1:1e:
72:1d:f6:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFD239jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMy
MTAyMjMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2YTYwM2NiN2M2
YzZmNTRhYjMxYzJmM2ZiOGU5MDk5ZjNkZWVlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqqpAepWbDb4RqmsNm7uZZVJMZtMbyQW+aWAUIa9YGm9zOF
4XApJ3nWrOWS4QIPNEyrkoN5MS/ybEV23UorL33yNpcFwo8r5bB2iazfcS596jhR
VvEMo7sSBPjOBFENkFqQ40DKBCFFd7WrQgbpWvhA7YQFARwoftx9WDdj/mW41xeT
SE/ubpq8XqqWYo5bTdmnJXbNrpQxVil9Mh3IuBhFbVu0hYnFUsfWimf3rXvOfTGj
qLJZjz/Kvo0v3mkiiL1ioGD6LjNqIa77IZv/fg4yhFC1iXeHOFaJ24QU2JcG0bEn
maj3CgVhyqHC3bfWtS8byVvB/fvhPEf1fyJ64SECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSLamA8t8bG9UqzHC8/uOkJnz3u7zAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2kycGdQTGZHeHZWS3N4d3ZQN2pwQ1o4OTd1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtRXwDANBgkqhkiG9w0BAQsFAAOC
AQEAI2qijFaLNTJ4Kh7SqMpWTDbzbHqMB63d7fogO+WPauaYriOB+vKfB/vTocad
I/Mjm/Eog1YhcQ7Qb0F2lngg1LKS/YLhsi+nSjYCB9bFbQA5zhiYUzRj6tSauJb8
b+TxZsoRiI0IJJES56I1Z3ll63GbMVUP18cmjhvfLHpJprSJhnFQmq2S1XVg0GDy
wXRqwOvddSljar/QVRpa5rVUCIcm8UWWk9x36CGle7YNaJjQlAHiYEvwm1R8hHoY
/BZkMo/3o1yxbu16HFKVLH6NYqu/mXXWvoQ1K2Z5TfK3DelCR0jREhBfzwMDbQ3i
dlsv4tzepmjueP5hAPEech32ng==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org