Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/l2ASj0s3BV603ilUUHTs9cv-KJA.roa
File: l2ASj0s3BV603ilUUHTs9cv-KJA.roa (raw, json)
Hash identifier: APusBVhmcY64ypbbmArcu3NdDLjzB22bG+ad5Cx+yLg=
Subject key identifier: 97:60:12:8F:4B:37:05:5E:B4:DE:29:54:50:74:EC:F5:CB:FE:28:90
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08F3E9CD
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/l2ASj0s3BV603ilUUHTs9cv-KJA.roa
Signing time: Sat 01 Jan 2022 08:05:24 +0000
ROA not before: Sat 01 Jan 2022 08:05:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200361
IP address blocks: 212.21.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150202829 (0x8f3e9cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9760128f4b37055eb4de29545074ecf5cbfe2890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f9:36:48:9f:d1:17:92:19:90:a8:68:a5:b7:
b4:90:31:91:96:bc:1a:86:a8:86:5a:f3:f0:75:3a:
59:79:05:bf:5b:7b:55:1f:10:78:22:ad:e7:f8:5c:
ba:18:6c:bd:3e:5b:9b:12:5e:85:69:af:02:06:2b:
a5:b5:10:ef:94:0f:f0:64:7d:55:71:12:a3:85:ec:
48:4a:21:9e:11:c1:bd:bf:d6:1c:90:70:1a:97:40:
01:c1:24:2d:ee:3a:80:2f:ea:cc:3c:3f:62:bd:0c:
10:84:a3:99:e5:ed:d3:2e:fe:f3:34:55:9e:91:2b:
87:f3:24:e6:66:e1:8e:96:3a:78:b4:b3:92:5d:50:
3c:2e:7b:aa:6f:54:c3:8b:77:cd:0b:6d:3d:82:1c:
c7:91:95:7d:c5:ba:32:ae:35:81:cc:35:aa:55:80:
48:25:92:d4:13:92:a6:13:d4:58:92:3c:6c:38:b2:
d5:a5:ab:59:40:5a:54:68:72:1e:c5:db:87:61:3e:
9b:54:8f:85:08:6d:c0:9e:f4:a4:47:89:fb:52:0c:
ba:a9:11:67:b0:cc:10:2e:db:dd:27:2e:0b:a8:cf:
a7:81:13:0c:52:31:e4:a5:59:20:cc:63:44:0c:5c:
79:95:4b:11:bd:24:c0:33:a6:b4:b6:13:ee:24:b2:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:60:12:8F:4B:37:05:5E:B4:DE:29:54:50:74:EC:F5:CB:FE:28:90
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/l2ASj0s3BV603ilUUHTs9cv-KJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.134.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:e7:b7:6f:fc:96:d2:8f:6e:33:31:2a:44:80:d3:2b:43:fe:
14:38:d3:9a:07:49:df:b1:ac:af:26:56:94:20:bc:ac:a8:53:
51:10:88:59:21:0a:24:06:33:6a:40:8b:48:f3:c9:2b:9e:2b:
6d:5a:2a:6f:08:6d:b0:a4:7f:86:1f:35:bb:92:32:32:d7:e7:
b6:a9:6f:38:59:72:5e:58:b0:55:c8:87:eb:21:76:a0:d2:fb:
2a:2b:79:9e:73:20:df:56:dc:90:14:46:fc:39:1b:6b:97:af:
c6:8f:b1:92:ec:2e:46:75:73:f0:36:4b:0a:e8:cc:99:9c:a5:
5c:3b:ac:d9:3f:14:c3:6a:05:81:2c:c8:a5:aa:07:a1:f5:fb:
60:63:db:9f:48:5e:98:c4:93:e5:7d:4e:eb:eb:94:16:39:5c:
b2:ce:42:f9:ad:2b:f1:75:42:b6:de:61:74:75:dd:0b:53:fb:
55:ed:03:d2:d0:d4:60:d8:b9:ca:d4:93:17:09:0c:5c:aa:9c:
4e:6c:74:31:e7:60:a4:12:26:b6:57:65:cb:78:02:fc:92:d7:
23:3a:b8:7b:ae:f9:19:3e:ae:ed:cd:d0:f9:a7:54:e4:87:f8:
3a:e3:fc:f5:7d:09:1f:ea:80:1d:57:64:d9:93:c3:23:31:7c:
d3:b1:be:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPPpzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2MDEyOGY0YjM3
MDU1ZWI0ZGUyOTU0NTA3NGVjZjVjYmZlMjg5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKT5Nkif0ReSGZCoaKW3tJAxkZa8Goaohlrz8HU6WXkFv1t7
VR8QeCKt5/hcuhhsvT5bmxJehWmvAgYrpbUQ75QP8GR9VXESo4XsSEohnhHBvb/W
HJBwGpdAAcEkLe46gC/qzDw/Yr0MEISjmeXt0y7+8zRVnpErh/Mk5mbhjpY6eLSz
kl1QPC57qm9Uw4t3zQttPYIcx5GVfcW6Mq41gcw1qlWASCWS1BOSphPUWJI8bDiy
1aWrWUBaVGhyHsXbh2E+m1SPhQhtwJ70pEeJ+1IMuqkRZ7DMEC7b3ScuC6jPp4ET
DFIx5KVZIMxjRAxceZVLEb0kwDOmtLYT7iSyWS8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXYBKPSzcFXrTeKVRQdOz1y/4okDAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L2wyQVNqMHMzQlY2MDNpbFVVSFRzOWN2LUtKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQVhjANBgkqhkiG9w0BAQsFAAOC
AQEAuOe3b/yW0o9uMzEqRIDTK0P+FDjTmgdJ37GsryZWlCC8rKhTURCIWSEKJAYz
akCLSPPJK54rbVoqbwhtsKR/hh81u5IyMtfntqlvOFlyXliwVciH6yF2oNL7Kit5
nnMg31bckBRG/Dkba5evxo+xkuwuRnVz8DZLCujMmZylXDus2T8Uw2oFgSzIpaoH
ofX7YGPbn0hemMST5X1O6+uUFjlcss5C+a0r8XVCtt5hdHXdC1P7Ve0D0tDUYNi5
ytSTFwkMXKqcTmx0MedgpBImtldly3gC/JLXIzq4e675GT6u7c3Q+adU5If4OuP8
9X0JH+qAHVdk2ZPDIzF807G+vg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org