Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/0l19USHu3wp8WiZBq51nujlF5Uc.roa
File: 0l19USHu3wp8WiZBq51nujlF5Uc.roa (raw, json)
Hash identifier: r7kDDcJUkobHUnr1MjHxhSBRE6cmU4g3Uz+gowTiF58=
Subject key identifier: D2:5D:7D:51:21:EE:DF:0A:7C:5A:26:41:AB:9D:67:BA:39:45:E5:47
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08E74BDD
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/0l19USHu3wp8WiZBq51nujlF5Uc.roa
Signing time: Sat 01 Jan 2022 08:05:14 +0000
ROA not before: Sat 01 Jan 2022 08:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25374
IP address blocks: 212.21.130.0/24 maxlen: 24
212.21.140.0/22 maxlen: 24
212.21.144.0/21 maxlen: 24
212.21.152.0/22 maxlen: 24
212.21.156.0/23 maxlen: 24
212.21.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149375965 (0x8e74bdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d25d7d5121eedf0a7c5a2641ab9d67ba3945e547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:82:6b:77:a8:8c:60:84:51:b6:d1:83:76:
34:8f:96:bd:82:8e:85:2f:2c:10:2e:54:d2:c9:ba:
9c:63:cc:75:4d:68:a7:08:eb:98:69:80:4a:22:b8:
d9:04:70:ac:70:f8:11:aa:19:f5:8b:78:a2:1c:99:
7f:15:0b:f6:86:8e:a8:8a:64:93:8c:3f:9d:38:0d:
02:01:0f:a4:e0:14:3d:24:a6:f5:21:a4:f7:b3:d2:
05:67:30:c0:8e:2e:6a:36:1f:ec:e8:09:3b:e4:24:
8e:09:e6:a3:10:46:50:8d:99:f4:f7:54:bd:74:82:
49:fb:3f:d0:cc:bf:3e:1f:0b:16:ae:72:6a:6a:98:
40:57:f6:fa:a7:fc:2a:3e:2d:00:33:8e:2b:21:97:
69:dc:d5:15:f9:e9:79:51:de:0a:ad:06:c6:5a:be:
12:c1:53:3c:0b:62:1e:a5:24:1a:e2:cb:01:e7:1e:
c1:10:69:98:48:e6:97:6b:1c:39:dc:c7:0b:bb:30:
30:f5:31:db:fa:c7:96:d6:01:8e:b2:96:fb:18:75:
f9:ea:32:ee:c6:9e:ae:44:09:77:16:3f:4b:64:71:
79:a5:6a:f9:e3:97:8e:74:1b:df:50:98:ef:d0:c9:
e1:8c:af:dd:cf:d8:f7:63:7a:ea:71:a9:76:cd:54:
03:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5D:7D:51:21:EE:DF:0A:7C:5A:26:41:AB:9D:67:BA:39:45:E5:47
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/0l19USHu3wp8WiZBq51nujlF5Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.130.0/24
212.21.140.0-212.21.158.255
Signature Algorithm: sha256WithRSAEncryption
c3:47:5c:03:39:8a:bc:5b:d4:05:9a:57:cd:c7:8e:4c:27:87:
64:48:1a:ca:8d:af:e8:45:07:2c:a5:57:84:1a:ba:8d:7f:a6:
6f:6c:f1:0f:42:b8:52:84:89:c2:b2:ec:ed:cb:03:6f:6d:c3:
31:e8:4a:da:44:f4:f9:5a:3d:cd:44:76:a7:a6:2b:55:75:0f:
77:77:1e:85:82:06:f5:9e:52:78:c2:dc:e7:dc:ed:7b:73:bb:
59:eb:9b:3c:44:6a:ef:20:0a:9e:54:79:e6:02:9a:3d:93:65:
ae:d4:a1:1f:9d:30:b0:db:ad:17:30:c6:2a:9b:0f:80:63:58:
69:54:5a:bf:9e:f7:4a:7f:94:ea:1a:57:1f:ba:35:81:c2:32:
a9:c6:c7:28:97:37:f0:ff:8e:07:a4:6f:10:de:b5:2c:cd:8c:
90:90:89:3c:f2:04:c9:0a:12:1d:68:ea:99:17:6d:e4:03:2b:
6f:2d:f4:b7:58:25:26:f2:ec:a7:23:de:36:27:7c:6e:63:8c:
fd:8d:9c:4b:e1:7c:65:d5:0c:ad:6b:db:43:36:41:a6:b9:7d:
83:58:56:5b:06:62:a8:bd:c9:d3:29:5b:07:74:39:84:b5:b3:
0e:6d:29:a4:92:c6:2f:bd:d6:86:ee:78:99:ba:42:5b:bd:4a:
28:18:28:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECOdL3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI1ZDdkNTEyMWVl
ZGYwYTdjNWEyNjQxYWI5ZDY3YmEzOTQ1ZTU0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcvgmt3qIxghFG20YN2NI+WvYKOhS8sEC5U0sm6nGPMdU1o
pwjrmGmASiK42QRwrHD4EaoZ9Yt4ohyZfxUL9oaOqIpkk4w/nTgNAgEPpOAUPSSm
9SGk97PSBWcwwI4uajYf7OgJO+QkjgnmoxBGUI2Z9PdUvXSCSfs/0My/Ph8LFq5y
amqYQFf2+qf8Kj4tADOOKyGXadzVFfnpeVHeCq0Gxlq+EsFTPAtiHqUkGuLLAece
wRBpmEjml2scOdzHC7swMPUx2/rHltYBjrKW+xh1+eoy7saerkQJdxY/S2RxeaVq
+eOXjnQb31CY79DJ4Yyv3c/Y92N66nGpds1UAxkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBTSXX1RIe7fCnxaJkGrnWe6OUXlRzAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
LzBsMTlVU0h1M3dwOFdpWkJxNTFudWpsRjVVYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEANQVgjAMAwQC1BWMAwQA1BWeMA0G
CSqGSIb3DQEBCwUAA4IBAQDDR1wDOYq8W9QFmlfNx45MJ4dkSBrKja/oRQcspVeE
GrqNf6ZvbPEPQrhShInCsuztywNvbcMx6EraRPT5Wj3NRHanpitVdQ93dx6Fggb1
nlJ4wtzn3O17c7tZ65s8RGrvIAqeVHnmApo9k2Wu1KEfnTCw260XMMYqmw+AY1hp
VFq/nvdKf5TqGlcfujWBwjKpxscolzfw/44HpG8Q3rUszYyQkIk88gTJChIdaOqZ
F23kAytvLfS3WCUm8uynI942J3xuY4z9jZxL4Xxl1Qyta9tDNkGmuX2DWFZbBmKo
vcnTKVsHdDmEtbMObSmkksYvvdaG7niZukJbvUooGCiJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:35 2024 by rpki-client on console-ams.rpki-client.org