Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/eJf-cfqWNXDTGmXfxuhFR2qQIFo.roa
File: eJf-cfqWNXDTGmXfxuhFR2qQIFo.roa (raw, json)
Hash identifier: lSyVH9K6/1i3lZ1QA4ymsfBPXrxKia3HuVVwjqlp5zc=
Subject key identifier: 78:97:FE:71:FA:96:35:70:D3:1A:65:DF:C6:E8:45:47:6A:90:20:5A
Certificate issuer: /CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Certificate serial: 05A4519F
Authority key identifier: 66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/eJf-cfqWNXDTGmXfxuhFR2qQIFo.roa
Signing time: Sat 01 Jan 2022 14:02:36 +0000
ROA not before: Sat 01 Jan 2022 14:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16141
IP address blocks: 212.70.244.0/22 maxlen: 22
212.70.248.0/22 maxlen: 22
212.70.224.0/19 maxlen: 24
212.70.226.0/24 maxlen: 24
212.70.228.0/22 maxlen: 22
212.70.232.0/21 maxlen: 21
212.70.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94654879 (0x5a4519f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666d97ceb84e9c616bfe6d93576cc33bbf4b63ef
Validity
Not Before: Jan 1 14:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7897fe71fa963570d31a65dfc6e845476a90205a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:53:08:85:3c:95:e1:60:0b:97:0c:32:cf:9a:
6d:fa:f7:a9:2a:0b:66:b0:88:70:45:1a:58:49:ad:
94:f2:bf:6d:02:a5:f4:18:41:44:e6:c8:9c:75:e7:
74:69:55:4e:17:2c:81:39:8f:7a:79:86:48:56:38:
26:f9:f7:7f:64:6c:ee:e1:30:48:25:cc:09:9a:9d:
d9:3e:f1:6d:e3:b7:83:3b:99:cd:15:b9:f9:86:e2:
8d:46:f0:13:d6:37:e1:41:51:06:de:5c:d6:51:d1:
25:aa:ef:b1:e1:4d:b8:62:06:3a:13:e1:3d:f1:be:
71:9b:b7:30:d5:61:5c:95:85:e7:d9:f7:d1:1e:36:
91:df:0a:dd:86:ef:3d:6d:9d:73:cb:9b:39:37:15:
9e:24:14:01:f7:d8:e4:e3:a3:0b:88:62:93:eb:bb:
85:c8:cc:f1:91:d5:e6:d4:ad:cb:d1:e4:84:82:53:
d4:b9:cd:f1:32:2e:a0:bc:52:0e:c8:fc:e8:e2:30:
20:88:60:d2:0a:60:78:f5:b2:f5:66:9e:69:12:32:
20:1b:a3:ec:4e:f6:02:fd:94:bc:56:01:03:bf:40:
8b:70:dc:71:e5:1a:07:28:d5:09:2b:e7:f3:7d:65:
bc:81:3a:38:67:6f:ae:13:49:36:45:f8:87:eb:95:
67:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:97:FE:71:FA:96:35:70:D3:1A:65:DF:C6:E8:45:47:6A:90:20:5A
X509v3 Authority Key Identifier:
keyid:66:6D:97:CE:B8:4E:9C:61:6B:FE:6D:93:57:6C:C3:3B:BF:4B:63:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zm2XzrhOnGFr_m2TV2zDO79LY-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/eJf-cfqWNXDTGmXfxuhFR2qQIFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/81235b-2e04-471f-8689-69baafdd9a6e/1/Zm2XzrhOnGFr_m2TV2zDO79LY-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.70.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4a:b9:d7:76:73:8c:7e:70:07:e3:2a:cc:3d:b6:8b:30:55:49:
52:7e:dd:c7:61:17:3c:14:63:9a:6d:dd:b7:e0:b0:42:5f:03:
d5:5d:3c:37:cd:38:f5:1f:41:f4:81:ff:67:5e:5a:19:d1:3b:
4a:db:80:2a:59:ec:39:e0:a3:64:9e:d5:bc:51:5a:00:56:6c:
7e:ff:05:eb:1b:84:c9:4a:3a:30:43:14:c6:67:39:52:c7:b1:
43:ca:cf:72:bf:83:f3:9b:84:16:bd:21:8f:4d:3d:54:a5:ab:
f8:46:ce:27:10:df:bd:27:c2:c9:1e:1c:63:d1:13:b9:55:e4:
07:ce:65:6b:38:e4:24:bf:6f:73:52:fc:5b:12:38:77:b6:a1:
fb:72:e7:3f:88:5c:55:7f:6e:8e:99:4a:73:a7:4d:bd:44:cc:
2c:e0:45:27:e7:96:41:fe:5f:9a:17:9d:da:49:f0:5e:d9:2e:
50:e2:1a:53:4d:ce:95:d0:5a:78:df:87:5b:c9:42:3c:10:90:
aa:d3:0f:5d:3d:80:8b:75:fb:90:35:bb:78:93:bc:a6:df:bc:
24:df:4f:06:2d:69:18:e8:50:4f:01:5e:ff:7f:2f:e3:63:50:
cb:34:cb:1d:86:ec:9b:11:80:b3:7a:3f:84:9f:ca:6d:e7:fc:
45:cd:ca:3d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaRRnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjZkOTdjZWI4NGU5YzYxNmJmZTZkOTM1NzZjYzMzYmJmNGI2M2VmMB4XDTIyMDEw
MTE0MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzg5N2ZlNzFmYTk2
MzU3MGQzMWE2NWRmYzZlODQ1NDc2YTkwMjA1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxTCIU8leFgC5cMMs+abfr3qSoLZrCIcEUaWEmtlPK/bQKl
9BhBRObInHXndGlVThcsgTmPenmGSFY4Jvn3f2Rs7uEwSCXMCZqd2T7xbeO3gzuZ
zRW5+YbijUbwE9Y34UFRBt5c1lHRJarvseFNuGIGOhPhPfG+cZu3MNVhXJWF59n3
0R42kd8K3YbvPW2dc8ubOTcVniQUAffY5OOjC4hik+u7hcjM8ZHV5tSty9HkhIJT
1LnN8TIuoLxSDsj86OIwIIhg0gpgePWy9WaeaRIyIBuj7E72Av2UvFYBA79Ai3Dc
ceUaByjVCSvn831lvIE6OGdvrhNJNkX4h+uVZ7kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR4l/5x+pY1cNMaZd/G6EVHapAgWjAfBgNVHSMEGDAWgBRmbZfOuE6cYWv+
bZNXbMM7v0tj7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ptMlh6cmhPbkdGcl9tMlRWMnpETzc5TFktOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvODEyMzViLTJlMDQtNDcxZi04Njg5LTY5YmFhZmRkOWE2ZS8x
L2VKZi1jZnFXTlhEVEdtWGZ4dWhGUjJxUUlGby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ODEyMzViLTJlMDQtNDcxZi04Njg5LTY5YmFhZmRkOWE2ZS8xL1ptMlh6cmhPbkdG
cl9tMlRWMnpETzc5TFktOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdRG4DANBgkqhkiG9w0BAQsFAAOC
AQEASrnXdnOMfnAH4yrMPbaLMFVJUn7dx2EXPBRjmm3dt+CwQl8D1V08N8049R9B
9IH/Z15aGdE7StuAKlnsOeCjZJ7VvFFaAFZsfv8F6xuEyUo6MEMUxmc5UsexQ8rP
cr+D85uEFr0hj009VKWr+EbOJxDfvSfCyR4cY9ETuVXkB85lazjkJL9vc1L8WxI4
d7ah+3LnP4hcVX9ujplKc6dNvUTMLOBFJ+eWQf5fmhed2knwXtkuUOIaU03OldBa
eN+HW8lCPBCQqtMPXT2Ai3X7kDW7eJO8pt+8JN9PBi1pGOhQTwFe/38v42NQyzTL
HYbsmxGAs3o/hJ/Kbef8Rc3KPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:54 2024 by rpki-client on console-ams.rpki-client.org