Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ljROCuOZtAxBHx9qyAjOUaXicoc.roa
File: ljROCuOZtAxBHx9qyAjOUaXicoc.roa (raw, json)
Hash identifier: SnR0avsTqwTAtCdy7JLzDlSwKwce2nfKQ86ISUt/YCw=
Subject key identifier: 96:34:4E:0A:E3:99:B4:0C:41:1F:1F:6A:C8:08:CE:51:A5:E2:72:87
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 0186979CE2FE10BDA138F89DDC967FE77F4A
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ljROCuOZtAxBHx9qyAjOUaXicoc.roa
Signing time: Tue 28 Feb 2023 10:41:26 +0000
ROA not before: Tue 28 Feb 2023 10:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202712
IP address blocks: 212.7.214.0/24 maxlen: 24
212.7.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:9c:e2:fe:10:bd:a1:38:f8:9d:dc:96:7f:e7:7f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Feb 28 10:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96344e0ae399b40c411f1f6ac808ce51a5e27287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:8a:e9:b5:77:3c:c6:b8:4f:3a:be:52:b9:
04:d4:1d:cf:bb:b7:13:44:a9:81:69:62:3c:52:c5:
25:c9:e3:29:69:8e:19:10:e0:b3:73:af:9f:ce:68:
56:11:37:39:33:fe:6f:80:c8:36:9e:59:c0:cb:8b:
ae:ea:69:2b:98:e7:93:42:97:dd:10:84:84:2e:51:
ab:59:76:fc:3d:9a:60:c2:38:6b:89:6f:d7:9c:c6:
23:72:b1:6f:4f:10:15:c0:2a:35:0a:42:c8:67:3a:
ff:48:52:02:fe:24:1c:3f:53:18:b9:9a:d2:58:62:
50:1d:fd:32:7e:76:cf:1b:e8:1a:4b:e5:e8:c1:e9:
bf:c2:18:e6:45:fc:a5:db:b0:d4:2f:aa:f8:c3:d4:
1f:11:2b:8b:ce:b1:be:8d:f6:9e:e0:a4:1c:1d:17:
8a:11:87:cc:fa:73:62:38:ea:d5:aa:36:a5:67:24:
d7:88:d0:bf:ab:b6:6f:1a:cd:49:96:4c:e9:44:22:
c7:a3:2b:26:17:be:a5:52:29:4b:5a:f1:17:b8:50:
75:28:81:d5:ff:9e:49:e9:a0:84:93:11:0a:5a:1f:
22:84:ff:bf:f1:a7:ff:68:c8:86:40:eb:ca:40:b7:
08:b3:0f:36:c8:83:2a:7c:ba:37:aa:12:3f:f4:17:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:34:4E:0A:E3:99:B4:0C:41:1F:1F:6A:C8:08:CE:51:A5:E2:72:87
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/ljROCuOZtAxBHx9qyAjOUaXicoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.7.214.0/23
Signature Algorithm: sha256WithRSAEncryption
62:28:99:2c:c4:d8:71:f0:7c:48:a6:20:c2:b3:67:a0:67:03:
79:25:e7:22:32:2d:fd:ce:ca:24:69:ec:e6:68:ee:1c:d9:8d:
86:3b:88:c7:62:ed:7e:90:86:06:ee:4e:16:12:ad:c1:d7:44:
47:92:f2:8e:5d:75:39:c2:d2:16:10:da:28:8d:6f:99:76:21:
83:ff:99:b8:4e:4b:5a:e8:f4:1b:d9:f9:45:32:53:a0:01:38:
4b:56:5d:cf:95:e2:78:11:8f:00:59:5e:ef:de:f7:7e:f2:81:
84:f5:97:dc:2b:0c:32:f5:ea:85:e9:4e:1f:de:c5:f7:e8:a8:
d8:61:83:7f:2e:0c:e5:c4:44:b4:57:cb:51:dd:05:59:f5:c8:
89:7e:1d:07:b9:30:fe:26:c5:3e:bd:cd:79:6a:a8:42:e3:4b:
31:fc:65:22:3b:ba:3d:16:58:08:ef:85:a9:99:74:a4:b6:ad:
b7:ef:85:82:ff:ef:5e:e5:fe:af:df:85:82:87:5e:93:12:87:
ee:dd:7d:04:e8:88:32:f4:40:a1:5d:eb:ba:64:a8:76:07:53:
ed:04:ca:c1:82:30:85:d8:57:e2:c3:14:65:e5:73:f1:aa:72:
ea:3d:9c:f4:47:ac:09:b3:d9:fb:76:60:6c:50:0d:30:e0:79:
5e:3a:bb:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaXnOL+EL2hOPid3JZ/539KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjMwMjI4MTA0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjM0NGUwYWUzOTliNDBjNDExZjFmNmFjODA4Y2U1MWE1ZTI3Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+qK6bV3PMa4Tzq+UrkE1B3Pu7cT
RKmBaWI8UsUlyeMpaY4ZEOCzc6+fzmhWETc5M/5vgMg2nlnAy4uu6mkrmOeTQpfd
EISELlGrWXb8PZpgwjhriW/XnMYjcrFvTxAVwCo1CkLIZzr/SFIC/iQcP1MYuZrS
WGJQHf0yfnbPG+gaS+Xowem/whjmRfyl27DUL6r4w9QfESuLzrG+jfae4KQcHReK
EYfM+nNiOOrVqjalZyTXiNC/q7ZvGs1JlkzpRCLHoysmF76lUilLWvEXuFB1KIHV
/55J6aCEkxEKWh8ihP+/8af/aMiGQOvKQLcIsw82yIMqfLo3qhI/9BekdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJY0TgrjmbQMQR8fasgIzlGl4nKHMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvbGpST0N1T1p0QXhCSHg5cXlBak9VYVhpY29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1AfWMA0G
CSqGSIb3DQEBCwUAA4IBAQBiKJksxNhx8HxIpiDCs2egZwN5JeciMi39zsokaezm
aO4c2Y2GO4jHYu1+kIYG7k4WEq3B10RHkvKOXXU5wtIWENoojW+ZdiGD/5m4Tkta
6PQb2flFMlOgAThLVl3PleJ4EY8AWV7v3vd+8oGE9ZfcKwwy9eqF6U4f3sX36KjY
YYN/LgzlxES0V8tR3QVZ9ciJfh0HuTD+JsU+vc15aqhC40sx/GUiO7o9FlgI74Wp
mXSktq2374WC/+9e5f6v34WCh16TEofu3X0E6Igy9EChXeu6ZKh2B1PtBMrBgjCF
2FfiwxRl5XPxqnLqPZz0R6wJs9n7dmBsUA0w4HleOruN
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:29:48 2025 by rpki-client