Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/m66s1dfhC0RnuehMkbiKShVC4tM.roa
File: m66s1dfhC0RnuehMkbiKShVC4tM.roa (raw, json)
Hash identifier: CtGGhkj0/sjgWRsvoW95uFvzmyStANV7JKxjrI+9hOg=
Subject key identifier: 9B:AE:AC:D5:D7:E1:0B:44:67:B9:E8:4C:91:B8:8A:4A:15:42:E2:D3
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 0FFA78C7
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/m66s1dfhC0RnuehMkbiKShVC4tM.roa
Signing time: Sat 01 Jan 2022 08:53:43 +0000
ROA not before: Sat 01 Jan 2022 08:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33824
IP address blocks: 212.19.63.96/29 maxlen: 32
2a02:2e0:413::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268073159 (0xffa78c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 08:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9baeacd5d7e10b4467b9e84c91b88a4a1542e2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c7:25:c0:c8:f4:d2:b3:b5:f0:7c:5e:9f:5f:
5b:9b:22:70:0a:7d:27:3a:b8:26:e3:9f:3f:d9:1b:
dd:7c:84:24:6f:a3:90:06:4c:5b:f2:a1:02:e1:06:
3f:ba:21:5f:f8:11:f8:94:3d:42:70:c0:d6:a7:b7:
48:5b:c9:23:99:ce:93:9a:6b:a1:33:5f:dc:cb:c8:
85:d1:f6:a9:4a:bc:73:97:47:cb:3d:71:fa:81:ea:
04:e3:57:1a:68:99:ee:38:af:5c:60:68:0b:4d:16:
dc:14:da:e4:2a:3b:5e:03:b6:4c:e1:e7:dc:b3:22:
d3:7c:55:1e:2c:2f:da:27:be:b7:26:4f:ed:e9:76:
1b:59:15:c4:a5:56:bf:19:86:94:20:41:3c:8a:c9:
ff:94:7b:93:ef:3c:82:72:82:ab:e0:e6:15:0d:6f:
be:f9:0c:75:7b:f1:ed:a2:93:55:0a:07:d1:00:26:
86:a7:da:5c:72:48:aa:be:0d:d3:a5:52:c0:6d:62:
7d:cb:dc:af:e7:e4:23:e8:87:b7:80:fa:4a:9e:f4:
54:12:ef:a6:be:0d:06:0d:b1:0e:d7:34:a4:29:c1:
4a:0e:40:69:55:5a:8d:99:e9:0d:8e:84:1d:e2:46:
3a:8a:00:a7:72:17:28:56:0b:7f:5c:b1:97:d6:32:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AE:AC:D5:D7:E1:0B:44:67:B9:E8:4C:91:B8:8A:4A:15:42:E2:D3
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/m66s1dfhC0RnuehMkbiKShVC4tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.19.63.96/29
IPv6:
2a02:2e0:413::/48
Signature Algorithm: sha256WithRSAEncryption
bd:99:72:bf:19:b1:d5:8e:cc:8a:5d:7f:c5:da:92:e6:53:79:
9b:39:1e:a7:aa:f0:48:e6:b1:76:56:6b:c4:85:b5:94:30:3c:
67:8d:f2:d0:fe:85:e8:6b:17:3e:e4:93:58:5a:51:5c:02:a0:
f4:e5:54:da:61:7e:6a:6d:67:76:a4:db:74:48:bf:1f:e7:3e:
1b:22:bf:6d:6c:db:ad:ba:64:af:df:51:e5:4a:98:0e:b3:83:
d0:ad:49:98:36:b2:58:f7:32:4f:31:c1:96:73:5d:18:8b:2a:
1f:57:6c:de:97:58:8d:63:a9:d5:db:a8:09:03:cb:5d:74:b8:
d8:f6:75:0f:08:68:cd:6d:ee:5f:f8:94:d1:65:a3:7c:a7:d7:
f2:df:1d:f4:96:c2:c4:be:35:f5:5a:d0:88:bd:59:83:57:74:
47:76:e4:58:67:c8:8a:b2:bd:ab:c7:8d:af:61:08:42:09:91:
2e:2e:ef:75:c7:d4:44:f4:4a:45:01:d7:03:09:d2:d7:89:b1:
93:e8:1f:91:b8:1a:c2:3d:1c:9e:c4:29:2c:e1:99:df:db:1c:
f1:c2:b8:2a:2c:68:61:35:d1:9b:af:e0:1e:3a:89:7a:97:45:
cd:df:62:1a:d1:f8:a3:91:a5:83:33:0e:68:11:9d:22:14:dd:
3e:32:c4:9b
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIED/p4xzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDhiYTBhNTJjNDIxMjlhZjFkNGY3NDNmZWIzM2JiMTQ0ZDRiYjVjMB4XDTIyMDEw
MTA4NTM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhZWFjZDVkN2Ux
MGI0NDY3YjllODRjOTFiODhhNGExNTQyZTJkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/HJcDI9NKztfB8Xp9fW5sicAp9Jzq4JuOfP9kb3XyEJG+j
kAZMW/KhAuEGP7ohX/gR+JQ9QnDA1qe3SFvJI5nOk5proTNf3MvIhdH2qUq8c5dH
yz1x+oHqBONXGmiZ7jivXGBoC00W3BTa5Co7XgO2TOHn3LMi03xVHiwv2ie+tyZP
7el2G1kVxKVWvxmGlCBBPIrJ/5R7k+88gnKCq+DmFQ1vvvkMdXvx7aKTVQoH0QAm
hqfaXHJIqr4N06VSwG1ifcvcr+fkI+iHt4D6Sp70VBLvpr4NBg2xDtc0pCnBSg5A
aVVajZnpDY6EHeJGOooAp3IXKFYLf1yxl9YyBgcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSbrqzV1+ELRGe56EyRuIpKFULi0zAfBgNVHSMEGDAWgBQ9i6ClLEISmvHU
90P+szuxRNS7XDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BZdWdwU3hDRXByeDFQZERfck03c1VUVXUxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvZmY2ZjRhLThkNWYtNDViMi04NzVjLWE1NjgzODQ0ZTc5Mi8x
L202NnMxZGZoQzBSbnVlaE1rYmlLU2hWQzR0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
ZmY2ZjRhLThkNWYtNDViMi04NzVjLWE1NjgzODQ0ZTc5Mi8xL1BZdWdwU3hDRXBy
eDFQZERfck03c1VUVXUxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwDQQCAAEwBwMFA9QTP2AwDwQCAAIwCQMHACoCAuAE
EzANBgkqhkiG9w0BAQsFAAOCAQEAvZlyvxmx1Y7Mil1/xdqS5lN5mzkep6rwSOax
dlZrxIW1lDA8Z43y0P6F6GsXPuSTWFpRXAKg9OVU2mF+am1ndqTbdEi/H+c+GyK/
bWzbrbpkr99R5UqYDrOD0K1JmDayWPcyTzHBlnNdGIsqH1ds3pdYjWOp1duoCQPL
XXS42PZ1DwhozW3uX/iU0WWjfKfX8t8d9JbCxL419VrQiL1Zg1d0R3bkWGfIirK9
q8eNr2EIQgmRLi7vdcfURPRKRQHXAwnS14mxk+gfkbgawj0cnsQpLOGZ39sc8cK4
KixoYTXRm6/gHjqJepdFzd9iGtH4o5GlgzMOaBGdIhTdPjLEmw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-fra.rpki-client.org