Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I9GerDAOejfVXXroyv1OqNLMhB4.roa
File: I9GerDAOejfVXXroyv1OqNLMhB4.roa (raw, json)
Hash identifier: TammFegc8a8fHoviY3MbFN+ZxqurADFsqx8aTAdZ3gk=
Subject key identifier: 23:D1:9E:AC:30:0E:7A:37:D5:5D:7A:E8:CA:FD:4E:A8:D2:CC:84:1E
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 18052783
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I9GerDAOejfVXXroyv1OqNLMhB4.roa
Signing time: Sat 01 Jan 2022 04:00:32 +0000
ROA not before: Sat 01 Jan 2022 04:00:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197929
IP address blocks: 212.5.152.0/23 maxlen: 23
212.5.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402990979 (0x18052783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 04:00:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23d19eac300e7a37d55d7ae8cafd4ea8d2cc841e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:a9:a8:b1:68:2f:e7:cd:d1:c9:fc:90:2c:
51:06:64:0d:82:fa:47:a3:47:7b:e5:41:ea:59:50:
b9:7d:fe:72:19:53:23:0d:bf:c2:8a:df:03:f9:f9:
ce:a8:0c:57:fc:b6:5c:38:93:7e:ed:d6:e0:d4:65:
36:62:b7:13:a2:22:b9:c0:72:a6:6b:81:57:23:21:
bf:f4:2c:4f:dd:89:9d:50:28:11:2d:85:a1:56:10:
e3:97:8c:bb:f9:fb:8f:1a:e7:9c:07:a5:46:7d:9d:
86:3c:80:61:81:4a:10:7b:a3:84:5d:55:85:1b:24:
dd:a4:bb:dc:54:56:5d:23:fb:5d:81:17:0f:50:38:
9f:3b:e2:36:d1:bf:17:ff:01:ca:10:e4:37:33:f3:
ea:93:0d:72:05:e4:aa:aa:f1:8e:f5:2f:d7:96:99:
d1:79:86:44:51:de:f2:01:17:2f:5e:a5:e5:4f:17:
01:cf:0e:cd:7e:9e:17:a0:f6:75:3f:c5:5e:d6:2e:
fa:80:d0:62:4d:bc:1c:4c:03:fb:57:83:26:3c:64:
83:9a:1a:2d:f3:80:2d:95:f3:5f:33:91:4e:46:6f:
ae:1b:21:0b:75:8b:c0:25:d2:f0:28:8b:dd:7c:a6:
39:53:24:98:2d:03:6b:43:c7:9e:b3:ec:e0:1a:06:
a5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D1:9E:AC:30:0E:7A:37:D5:5D:7A:E8:CA:FD:4E:A8:D2:CC:84:1E
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I9GerDAOejfVXXroyv1OqNLMhB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.5.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:4d:a3:ca:2c:64:46:fc:d4:75:10:7a:e4:3d:93:34:21:1c:
29:74:ea:12:f3:39:da:cc:14:19:f2:3b:39:06:82:cf:3d:59:
11:c9:33:83:6d:03:c7:c3:2f:54:90:79:77:25:9d:7f:6c:00:
f2:3b:b5:5a:99:57:a9:c2:03:2e:c5:d4:27:43:a6:94:54:38:
57:d9:fa:23:c8:69:00:fd:81:d9:a6:29:da:e5:7f:0f:49:db:
db:24:bf:08:c5:5a:b5:cc:d2:f9:f3:f6:4a:4b:6e:e5:43:77:
76:4a:a3:f8:64:9f:d1:98:08:52:6b:b2:78:c3:f1:5b:80:07:
f2:7b:01:a7:a1:a0:ab:db:50:58:f0:46:4d:0c:22:c2:51:75:
5d:1f:c6:37:5e:7b:63:83:57:b1:c4:cf:85:38:ee:76:35:ac:
95:de:6c:ca:55:34:d1:72:8d:32:82:65:ae:5c:be:75:e9:e1:
ff:1d:de:ab:0d:1a:02:48:f4:af:a0:35:c5:45:15:18:f6:5c:
05:6f:18:af:07:86:46:d5:e2:44:d2:0f:1c:70:da:12:e8:fd:
05:b8:c4:2a:bf:23:99:eb:1d:6b:ab:7f:13:e8:4d:29:4d:53:
97:e3:a6:91:92:d6:22:ea:11:a5:b9:80:51:87:04:a3:3d:57:
56:fd:93:ca
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGAUngzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNkMTllYWMzMDBl
N2EzN2Q1NWQ3YWU4Y2FmZDRlYThkMmNjODQxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXSqaixaC/nzdHJ/JAsUQZkDYL6R6NHe+VB6llQuX3+chlT
Iw2/worfA/n5zqgMV/y2XDiTfu3W4NRlNmK3E6IiucBypmuBVyMhv/QsT92JnVAo
ES2FoVYQ45eMu/n7jxrnnAelRn2dhjyAYYFKEHujhF1VhRsk3aS73FRWXSP7XYEX
D1A4nzviNtG/F/8ByhDkNzPz6pMNcgXkqqrxjvUv15aZ0XmGRFHe8gEXL16l5U8X
Ac8OzX6eF6D2dT/FXtYu+oDQYk28HEwD+1eDJjxkg5oaLfOALZXzXzORTkZvrhsh
C3WLwCXS8CiL3XymOVMkmC0Da0PHnrPs4BoGpdsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQj0Z6sMA56N9VdeujK/U6o0syEHjAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L0k5R2VyREFPZWpmVlhYcm95djFPcU5MTWhCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtQFmDANBgkqhkiG9w0BAQsFAAOC
AQEAPk2jyixkRvzUdRB65D2TNCEcKXTqEvM52swUGfI7OQaCzz1ZEckzg20Dx8Mv
VJB5dyWdf2wA8ju1WplXqcIDLsXUJ0OmlFQ4V9n6I8hpAP2B2aYp2uV/D0nb2yS/
CMVatczS+fP2Sktu5UN3dkqj+GSf0ZgIUmuyeMPxW4AH8nsBp6Ggq9tQWPBGTQwi
wlF1XR/GN157Y4NXscTPhTjudjWsld5sylU00XKNMoJlrly+denh/x3eqw0aAkj0
r6A1xUUVGPZcBW8YrweGRtXiRNIPHHDaEuj9BbjEKr8jmesda6t/E+hNKU1Tl+Om
kZLWIuoRpbmAUYcEoz1XVv2Tyg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:22 2025 by rpki-client