Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/z2YMhZY3R_TTiGg2w04chNUuw_I.roa
File: z2YMhZY3R_TTiGg2w04chNUuw_I.roa (raw, json)
Hash identifier: hnTbkSZsSWNf1bMSQKN7RxTg/zMV+QgCGObQ6fI09xU=
Subject key identifier: CF:66:0C:85:96:37:47:F4:D3:88:68:36:C3:4E:1C:84:D5:2E:C3:F2
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01856C78506EBA50DB6C3B9B1DE4B8A6B799
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/z2YMhZY3R_TTiGg2w04chNUuw_I.roa
Signing time: Sun 01 Jan 2023 08:35:02 +0000
ROA not before: Sun 01 Jan 2023 08:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 212.60.0.0/22 maxlen: 24
139.28.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:50:6e:ba:50:db:6c:3b:9b:1d:e4:b8:a6:b7:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 08:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf660c85963747f4d3886836c34e1c84d52ec3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4c:2c:5d:66:cb:f6:6a:f7:49:db:ca:62:ab:
6f:f3:48:10:07:10:7a:1d:6b:26:de:e7:31:3b:d5:
67:13:f2:5e:47:1f:6e:ce:24:d2:e9:dc:91:39:f0:
c6:bf:d5:d2:3d:e0:14:ba:1a:37:eb:57:d2:50:e8:
b4:b1:dc:ab:11:f9:b9:42:e8:8d:b7:8f:7c:0c:08:
ec:42:08:90:20:e1:a9:6b:f7:e7:5f:8c:77:16:85:
25:7e:d0:15:97:4b:ae:f8:4e:ba:4b:2d:33:8b:7a:
8c:e5:0a:8e:89:bb:5f:8e:3c:fa:e0:1d:70:56:aa:
15:0a:79:8a:76:bf:33:73:53:89:02:9e:c7:92:17:
a2:be:5f:1c:63:3e:81:fc:55:11:13:ef:fe:3a:bf:
06:8d:87:4c:30:59:ab:13:a6:31:1d:fa:a4:ea:44:
a6:66:58:60:8a:11:49:28:91:52:34:57:0a:a4:25:
55:25:38:e2:12:ee:d1:02:6d:cd:e3:80:49:76:6f:
d3:37:ab:f4:c1:7f:20:1d:71:d5:e7:39:83:cd:16:
ad:cf:47:0a:fc:32:25:66:0f:fa:3f:be:15:46:34:
18:e7:84:fd:f7:60:89:5e:f8:42:63:0e:73:66:85:
17:9f:9f:84:91:7b:db:64:ca:3d:ef:f6:50:02:cf:
7f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:66:0C:85:96:37:47:F4:D3:88:68:36:C3:4E:1C:84:D5:2E:C3:F2
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/z2YMhZY3R_TTiGg2w04chNUuw_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.172.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
09:93:40:36:8d:11:a4:93:44:82:a9:0b:b7:6e:48:0d:a4:d2:
fa:a1:16:4e:09:0e:84:fb:49:48:ce:e4:bc:2a:e5:4b:52:72:
91:ae:c1:42:d2:67:59:0e:d9:35:7a:2e:bc:52:2c:91:93:77:
cc:b9:16:e9:e8:b6:14:86:dc:b0:c6:a1:a0:1f:71:bb:cd:18:
a7:54:a6:88:20:d0:a9:ef:1c:ac:16:eb:fc:ae:cb:4b:60:48:
35:62:93:fa:e5:60:2b:14:ee:6c:43:12:2b:96:f6:a3:be:27:
5b:32:01:fd:cf:43:34:ee:11:3c:bf:55:b6:df:ff:db:24:39:
e9:1a:8e:59:09:d7:b1:b7:53:29:9e:91:1a:99:8e:b0:10:dd:
9c:ef:43:23:67:05:15:0c:e2:a2:53:11:26:71:eb:00:d9:fd:
a4:b9:fe:a0:95:40:54:2a:7f:29:75:24:2e:8b:52:c5:3f:5a:
9f:19:a0:52:25:88:04:c1:9f:70:b6:70:53:9b:7b:cc:b8:89:
ec:1a:92:68:97:43:c7:50:2c:54:e0:e3:c1:21:52:1a:8c:89:
1b:07:6f:1e:d7:2a:3a:a8:26:d6:37:d6:43:ed:52:e7:f4:6d:
58:2a:a2:bd:74:77:28:6e:0f:53:5a:9a:8f:f1:ba:71:a1:d2:
48:68:88:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVseFBuulDbbDubHeS4preZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwMTAxMDgzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY2MGM4NTk2Mzc0N2Y0ZDM4ODY4MzZjMzRlMWM4NGQ1MmVjM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEwsXWbL9mr3SdvKYqtv80gQBxB6
HWsm3ucxO9VnE/JeRx9uziTS6dyROfDGv9XSPeAUuho361fSUOi0sdyrEfm5QuiN
t498DAjsQgiQIOGpa/fnX4x3FoUlftAVl0uu+E66Sy0zi3qM5QqOibtfjjz64B1w
VqoVCnmKdr8zc1OJAp7Hkheivl8cYz6B/FURE+/+Or8GjYdMMFmrE6YxHfqk6kSm
ZlhgihFJKJFSNFcKpCVVJTjiEu7RAm3N44BJdm/TN6v0wX8gHXHV5zmDzRatz0cK
/DIlZg/6P74VRjQY54T992CJXvhCYw5zZoUXn5+EkXvbZMo97/ZQAs9/QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM9mDIWWN0f004hoNsNOHITVLsPyMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvejJZTWhaWTNSX1RUaUdnMncwNGNoTlV1d19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCixysAwQC
1DwAMA0GCSqGSIb3DQEBCwUAA4IBAQAJk0A2jRGkk0SCqQu3bkgNpNL6oRZOCQ6E
+0lIzuS8KuVLUnKRrsFC0mdZDtk1ei68UiyRk3fMuRbp6LYUhtywxqGgH3G7zRin
VKaIINCp7xysFuv8rstLYEg1YpP65WArFO5sQxIrlvajvidbMgH9z0M07hE8v1W2
3//bJDnpGo5ZCdext1MpnpEamY6wEN2c70MjZwUVDOKiUxEmcesA2f2kuf6glUBU
Kn8pdSQui1LFP1qfGaBSJYgEwZ9wtnBTm3vMuInsGpJol0PHUCxU4OPBIVIajIkb
B28e1yo6qCbWN9ZD7VLn9G1YKqK9dHcobg9TWpqP8bpxodJIaIhZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:45 2025 by rpki-client