Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/pBoPnMgONhwUKxC0l0KmiLaEk7E.roa
File: pBoPnMgONhwUKxC0l0KmiLaEk7E.roa (raw, json)
Hash identifier: UMHqu+RdfzGG5Qo9dtCcdsjUo72tzFfxIcbvEwG2Jck=
Subject key identifier: A4:1A:0F:9C:C8:0E:36:1C:14:2B:10:B4:97:42:A6:88:B6:84:93:B1
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 17DE376E
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/pBoPnMgONhwUKxC0l0KmiLaEk7E.roa
Signing time: Sat 01 Jan 2022 03:59:49 +0000
ROA not before: Sat 01 Jan 2022 03:59:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 213.91.168.0/24 maxlen: 24
212.5.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400439150 (0x17de376e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 03:59:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a41a0f9cc80e361c142b10b49742a688b68493b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:35:59:32:12:38:14:29:b0:6d:3b:21:d7:cb:
31:58:81:67:54:37:9c:17:2b:d0:84:30:76:ff:42:
6b:f6:b3:6a:6d:29:5f:7b:3d:60:10:68:5e:8f:44:
f9:c8:18:fb:7f:91:f6:04:c5:23:29:74:e6:f7:01:
2f:65:ed:8a:4d:6d:77:0a:0a:55:57:54:a4:b8:27:
df:0d:be:af:e5:74:d3:3b:d3:be:ed:ff:50:eb:a9:
08:38:d8:f9:35:44:4c:e3:14:0f:a7:fc:7a:11:56:
ab:75:d8:c5:46:0a:f2:aa:cc:88:aa:ec:27:87:56:
00:f7:dc:af:37:a5:8d:7c:c9:d5:15:49:d1:62:96:
9b:cb:c9:38:22:a9:39:b0:f7:33:c7:42:ad:e0:f1:
c0:c5:b0:f7:cd:85:a3:0e:d5:ed:ce:a5:65:48:b1:
e7:a2:11:86:6e:1a:d4:a5:93:36:c2:fb:64:02:40:
ce:f1:55:a8:a6:45:dc:af:70:d6:ae:96:7c:3f:5b:
31:db:b8:4c:a0:15:b6:97:ba:9a:05:79:ce:62:c4:
65:72:a4:07:51:a7:a9:40:d4:23:54:6b:f2:6a:0f:
80:25:99:a7:41:ec:44:73:33:3f:f1:b2:0a:1d:83:
ba:55:ae:62:09:d2:e8:2a:67:d7:d8:08:22:d9:f1:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:1A:0F:9C:C8:0E:36:1C:14:2B:10:B4:97:42:A6:88:B6:84:93:B1
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/pBoPnMgONhwUKxC0l0KmiLaEk7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.5.156.0/24
213.91.168.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:33:1b:32:fa:00:8d:58:28:25:e6:fa:23:2b:d7:9a:ce:ce:
0f:31:d7:0a:9c:e9:6e:d5:3c:1d:33:a6:bb:28:1b:0c:4c:e4:
43:91:47:0e:dc:59:c2:bd:80:80:09:55:ee:25:88:59:35:20:
58:5d:e9:47:cc:eb:27:6a:c1:9d:6d:d3:39:ff:e1:4f:1b:56:
2e:77:0a:c1:86:6c:17:fb:50:1d:05:7f:63:70:c5:f4:27:ff:
30:bb:34:9e:42:15:10:23:97:44:67:97:a5:83:89:c6:62:f8:
36:51:ae:d9:19:32:17:1c:ee:aa:96:0f:b9:00:c0:77:82:8a:
93:65:e9:3e:35:60:f4:86:3e:cc:28:25:7c:6e:f6:35:65:81:
4d:bd:1b:47:f2:bd:f8:c2:f1:05:a4:91:7b:12:24:57:09:83:
76:b8:47:2b:9f:1e:55:b6:fc:a5:3e:53:cd:05:38:c3:1c:02:
14:db:c3:58:49:a2:ac:07:e5:e4:ce:00:b0:86:44:1f:6c:be:
e9:80:07:a4:64:3e:57:78:f0:cb:bd:48:cc:2d:64:a5:0f:fd:
b9:97:db:04:4f:bb:04:53:bc:b6:2c:1f:ad:aa:76:ad:b4:c7:
30:ee:d5:1d:e0:3e:1a:68:ad:f5:33:27:8a:50:48:15:04:c1:
2b:22:0e:8e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF943bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTAzNTk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQxYTBmOWNjODBl
MzYxYzE0MmIxMGI0OTc0MmE2ODhiNjg0OTNiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ1WTISOBQpsG07IdfLMViBZ1Q3nBcr0IQwdv9Ca/azam0p
X3s9YBBoXo9E+cgY+3+R9gTFIyl05vcBL2Xtik1tdwoKVVdUpLgn3w2+r+V00zvT
vu3/UOupCDjY+TVETOMUD6f8ehFWq3XYxUYK8qrMiKrsJ4dWAPfcrzeljXzJ1RVJ
0WKWm8vJOCKpObD3M8dCreDxwMWw982Fow7V7c6lZUix56IRhm4a1KWTNsL7ZAJA
zvFVqKZF3K9w1q6WfD9bMdu4TKAVtpe6mgV5zmLEZXKkB1GnqUDUI1Rr8moPgCWZ
p0HsRHMzP/GyCh2DulWuYgnS6Cpn19gIItnxK78CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSkGg+cyA42HBQrELSXQqaItoSTsTAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L3BCb1BuTWdPTmh3VUt4QzBsMEttaUxhRWs3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANQFnAMEANVbqDANBgkqhkiG9w0B
AQsFAAOCAQEAbjMbMvoAjVgoJeb6IyvXms7ODzHXCpzpbtU8HTOmuygbDEzkQ5FH
DtxZwr2AgAlV7iWIWTUgWF3pR8zrJ2rBnW3TOf/hTxtWLncKwYZsF/tQHQV/Y3DF
9Cf/MLs0nkIVECOXRGeXpYOJxmL4NlGu2RkyFxzuqpYPuQDAd4KKk2XpPjVg9IY+
zCglfG72NWWBTb0bR/K9+MLxBaSRexIkVwmDdrhHK58eVbb8pT5TzQU4wxwCFNvD
WEmirAfl5M4AsIZEH2y+6YAHpGQ+V3jwy71IzC1kpQ/9uZfbBE+7BFO8tiwfrap2
rbTHMO7VHeA+Gmit9TMnilBIFQTBKyIOjg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:04 2025 by rpki-client