Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/Bd7YZC1Wuo6d3746ZDBo2SI0E44.roa
File: Bd7YZC1Wuo6d3746ZDBo2SI0E44.roa (raw, json)
Hash identifier: Dm5Z5rj6hIUPTbyLaJSngnKhl+yqEeP+pC656q5fjJs=
Subject key identifier: 05:DE:D8:64:2D:56:BA:8E:9D:DF:BE:3A:64:30:68:D9:22:34:13:8E
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 390E8B4E
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/Bd7YZC1Wuo6d3746ZDBo2SI0E44.roa
Signing time: Thu 02 Jun 2022 08:54:20 +0000
ROA not before: Thu 02 Jun 2022 08:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31129
IP address blocks: 212.106.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 957254478 (0x390e8b4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jun 2 08:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05ded8642d56ba8e9ddfbe3a643068d92234138e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d7:60:29:6c:5d:73:c9:e5:4e:04:32:aa:a9:
4c:1f:e6:ab:0e:60:01:b7:73:d5:ba:58:67:70:b1:
a7:42:ee:50:e0:04:01:c0:a2:e1:6a:f0:e7:50:26:
25:db:93:5f:b6:7a:7a:bc:a7:ec:56:f2:98:1a:04:
da:dd:30:74:9e:ac:cc:06:0c:23:87:4d:0a:18:45:
e2:cf:94:b5:04:42:4a:40:31:b2:98:ae:84:f5:69:
73:9b:6b:38:9e:1d:e9:dd:fc:27:2d:ea:11:31:8e:
4f:bd:44:78:8c:e0:42:3c:38:53:71:d4:36:ba:71:
b4:3b:72:c6:a6:77:e8:16:58:a5:7e:93:ab:a3:7d:
d4:cb:de:e5:23:e6:12:89:38:81:72:35:f3:94:80:
24:5e:f3:23:e0:c7:05:52:b9:df:5e:08:65:6b:d9:
c8:b0:5f:43:d8:af:d4:77:d5:f3:8c:8e:4d:bf:e6:
83:d2:0b:87:8d:c1:2e:99:54:d7:98:90:6c:69:79:
03:9b:d9:d4:17:d6:84:b2:31:59:79:49:af:4e:89:
79:2c:02:c5:80:34:a1:81:55:b2:49:a2:8f:84:ce:
ac:bd:ac:18:ef:5b:ed:55:b1:66:9f:37:85:50:cc:
d9:5f:c3:2c:8f:04:da:67:60:8f:b5:99:df:27:a2:
90:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DE:D8:64:2D:56:BA:8E:9D:DF:BE:3A:64:30:68:D9:22:34:13:8E
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/Bd7YZC1Wuo6d3746ZDBo2SI0E44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.106.143.0/24
Signature Algorithm: sha256WithRSAEncryption
34:9c:59:95:b0:e4:87:63:f9:77:0f:4a:51:ab:2f:fd:59:21:
ee:e3:51:18:74:a8:dd:9b:21:40:f2:d8:a2:a9:8e:5e:40:0c:
72:68:83:f5:9c:22:6e:66:9f:7f:40:d7:68:22:db:3b:8c:d0:
eb:87:23:6b:c4:74:b0:0e:ed:ad:eb:06:8b:a9:77:d2:52:ae:
3c:b5:31:5e:12:60:29:0f:04:82:8c:45:95:c6:a1:a4:f6:42:
f3:92:69:9b:90:ca:eb:e9:d9:11:35:0c:07:46:5e:94:7d:56:
d3:04:b8:71:b1:11:a0:c6:55:1b:40:9f:2b:40:cf:8d:7e:3c:
2c:2c:18:d4:06:24:94:58:85:3d:3c:46:d8:24:91:8e:2e:cc:
34:3a:fb:93:bb:5d:7e:0a:6c:18:57:b3:3c:07:6f:a9:55:7d:
6d:7b:d4:dc:90:ce:b2:1f:35:12:e9:25:19:f0:b8:27:36:07:
fc:49:b5:48:bc:0e:31:01:ce:f3:ef:73:70:01:6c:49:83:c3:
a9:43:00:73:86:f6:88:00:b5:c0:b4:2b:05:10:f6:f9:3f:8d:
bb:7b:0b:24:f2:58:66:a1:6c:9e:a8:2b:e5:f7:33:88:c3:1c:
ca:e2:b9:d1:ee:dc:3d:e0:ae:9b:69:a8:17:ee:4b:46:eb:a7:
2c:db:31:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOQ6LTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQwNWNhYWIzNGJiZmRlNmI4ZWU2NmM2MDA4NjBjNmNlOTZmMzJiMB4XDTIyMDYw
MjA4NTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVkZWQ4NjQyZDU2
YmE4ZTlkZGZiZTNhNjQzMDY4ZDkyMjM0MTM4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHXYClsXXPJ5U4EMqqpTB/mqw5gAbdz1bpYZ3Cxp0LuUOAE
AcCi4Wrw51AmJduTX7Z6eryn7FbymBoE2t0wdJ6szAYMI4dNChhF4s+UtQRCSkAx
spiuhPVpc5trOJ4d6d38Jy3qETGOT71EeIzgQjw4U3HUNrpxtDtyxqZ36BZYpX6T
q6N91Mve5SPmEok4gXI185SAJF7zI+DHBVK5314IZWvZyLBfQ9iv1HfV84yOTb/m
g9ILh43BLplU15iQbGl5A5vZ1BfWhLIxWXlJr06JeSwCxYA0oYFVskmij4TOrL2s
GO9b7VWxZp83hVDM2V/DLI8E2mdgj7WZ3yeikDcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF3thkLVa6jp3fvjpkMGjZIjQTjjAfBgNVHSMEGDAWgBRLQFyqs0u/3muO
5mxgCGDGzpbzKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwQmNxck5Mdjk1cmp1WnNZQWhneHM2Vzh5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvOTE0ZDM5LTMwMjAtNGI3OS1hZDI2LWQ4N2FmZmI4YmM2MS8x
L0JkN1laQzFXdW82ZDM3NDZaREJvMlNJMEU0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
OTE0ZDM5LTMwMjAtNGI3OS1hZDI2LWQ4N2FmZmI4YmM2MS8xL1MwQmNxck5Mdjk1
cmp1WnNZQWhneHM2Vzh5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRqjzANBgkqhkiG9w0BAQsFAAOC
AQEANJxZlbDkh2P5dw9KUasv/Vkh7uNRGHSo3ZshQPLYoqmOXkAMcmiD9Zwibmaf
f0DXaCLbO4zQ64cja8R0sA7tresGi6l30lKuPLUxXhJgKQ8EgoxFlcahpPZC85Jp
m5DK6+nZETUMB0ZelH1W0wS4cbERoMZVG0CfK0DPjX48LCwY1AYklFiFPTxG2CSR
ji7MNDr7k7tdfgpsGFezPAdvqVV9bXvU3JDOsh81EuklGfC4JzYH/Em1SLwOMQHO
8+9zcAFsSYPDqUMAc4b2iAC1wLQrBRD2+T+Nu3sLJPJYZqFsnqgr5fcziMMcyuK5
0e7cPeCum2moF+5LRuunLNsx+g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:44 2025 by rpki-client