Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yI4E6ojvTjGnpIcbacbkdsD1Tdk.roa
File: yI4E6ojvTjGnpIcbacbkdsD1Tdk.roa (raw, json)
Hash identifier: MfGdeIfjj87tdjfGx9/B7v+DzofOO0nYzWM7MIc4GqU=
Subject key identifier: C8:8E:04:EA:88:EF:4E:31:A7:A4:87:1B:69:C6:E4:76:C0:F5:4D:D9
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 03D39D84
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yI4E6ojvTjGnpIcbacbkdsD1Tdk.roa
Signing time: Sat 01 Jan 2022 10:02:17 +0000
ROA not before: Sat 01 Jan 2022 10:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212179
IP address blocks: 212.172.0.0/16 maxlen: 24
212.172.20.0/24 maxlen: 32
212.172.165.128/27 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64200068 (0x3d39d84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 10:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c88e04ea88ef4e31a7a4871b69c6e476c0f54dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ac:f9:1a:75:79:7e:df:d9:f1:94:27:04:87:
6d:93:a6:72:d4:d8:63:e9:8f:f7:18:e5:bb:1c:b1:
91:ca:41:52:49:11:0b:ad:7e:16:c1:73:ef:ef:fd:
5d:95:dd:29:08:51:c8:f1:6c:79:b4:f8:1b:63:70:
3c:a2:86:0d:71:8a:dd:11:1f:07:bc:90:0b:96:87:
4e:df:4c:f7:78:16:b7:d5:67:23:ef:c7:d9:37:83:
e8:f8:cc:5a:ce:7a:cf:29:1c:f3:91:2f:d7:b2:54:
74:39:08:65:60:7a:fa:17:07:4a:b1:47:5e:be:95:
ed:fd:88:ea:73:09:52:af:54:f1:89:3c:7d:c5:3b:
33:3c:aa:2b:63:9b:c5:3b:4e:2c:94:2b:b6:f3:a0:
ec:da:c9:e6:f5:eb:fa:2f:20:6b:4c:12:fb:01:b2:
f4:ca:b9:30:59:bd:00:d7:82:fe:b2:a6:9d:2e:9e:
97:2c:df:e9:13:cd:5a:92:e0:f0:bf:2a:45:68:ad:
d7:38:d9:7c:22:db:01:fd:aa:ab:67:e3:d4:fd:1b:
81:f9:ce:4a:29:2c:46:50:c3:2e:f7:ec:a8:07:a0:
63:41:da:70:3a:21:9f:71:f3:75:4f:a5:21:f8:02:
49:1a:42:3d:91:69:64:12:dc:7a:df:cc:74:20:bd:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8E:04:EA:88:EF:4E:31:A7:A4:87:1B:69:C6:E4:76:C0:F5:4D:D9
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/yI4E6ojvTjGnpIcbacbkdsD1Tdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.172.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:51:cb:d6:9e:21:e7:7c:0b:8b:dc:3e:d0:30:85:42:7e:d0:
e6:cc:2e:68:aa:ee:91:db:1f:46:7f:64:c0:3a:db:3b:c0:9b:
3c:f7:25:96:97:ec:9a:5e:93:90:d3:e5:09:b4:4e:ca:84:79:
62:50:02:68:94:33:d7:83:a4:ce:bd:c7:ba:f0:2a:63:02:2a:
d8:ba:c5:58:4d:86:9b:83:6c:e2:cd:5c:78:21:73:b7:ee:b2:
74:73:3c:89:d3:cd:aa:bd:aa:41:cd:ad:0d:d3:a6:04:3c:1e:
fc:f1:fd:99:bc:5c:74:8c:6e:31:e2:5b:f9:df:fd:ff:67:2b:
ab:5b:83:e3:1b:fb:de:25:a9:eb:d9:c0:da:a2:e7:5f:9c:d5:
4f:65:37:9e:b6:62:76:cf:e2:f5:16:69:68:5a:30:7f:9d:c5:
8d:e4:18:8c:da:d2:b0:9d:77:2b:55:e4:bf:d3:77:c7:81:7f:
be:27:38:25:72:6f:4e:7c:40:00:ea:66:ee:bb:22:d5:7f:e1:
f5:ac:fa:88:52:c8:bf:f7:9e:29:f9:c7:34:e1:6b:e5:4e:99:
26:3d:95:7c:2a:5a:31:07:4c:a5:51:35:08:4a:c4:a4:4d:2b:
c5:65:2a:3f:7b:9b:92:71:93:c8:88:6f:32:b4:a2:a2:68:a8:
1e:77:e5:d3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEA9OdhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDEw
MTEwMDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg4ZTA0ZWE4OGVm
NGUzMWE3YTQ4NzFiNjljNmU0NzZjMGY1NGRkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGs+Rp1eX7f2fGUJwSHbZOmctTYY+mP9xjluxyxkcpBUkkR
C61+FsFz7+/9XZXdKQhRyPFsebT4G2NwPKKGDXGK3REfB7yQC5aHTt9M93gWt9Vn
I+/H2TeD6PjMWs56zykc85Ev17JUdDkIZWB6+hcHSrFHXr6V7f2I6nMJUq9U8Yk8
fcU7MzyqK2ObxTtOLJQrtvOg7NrJ5vXr+i8ga0wS+wGy9Mq5MFm9ANeC/rKmnS6e
lyzf6RPNWpLg8L8qRWit1zjZfCLbAf2qq2fj1P0bgfnOSiksRlDDLvfsqAegY0Ha
cDohn3HzdU+lIfgCSRpCPZFpZBLcet/MdCC9KZ8CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTIjgTqiO9OMaekhxtpxuR2wPVN2TAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L3lJNEU2b2p2VGpHbnBJY2JhY2JrZHNEMVRkay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSsMA0GCSqGSIb3DQEBCwUAA4IB
AQChUcvWniHnfAuL3D7QMIVCftDmzC5oqu6R2x9Gf2TAOts7wJs89yWWl+yaXpOQ
0+UJtE7KhHliUAJolDPXg6TOvce68CpjAirYusVYTYabg2zizVx4IXO37rJ0czyJ
082qvapBza0N06YEPB788f2ZvFx0jG4x4lv53/3/ZyurW4PjG/veJanr2cDaoudf
nNVPZTeetmJ2z+L1FmloWjB/ncWN5BiM2tKwnXcrVeS/03fHgX++Jzglcm9OfEAA
6mbuuyLVf+H1rPqIUsi/954p+cc04WvlTpkmPZV8KloxB0ylUTUISsSkTSvFZSo/
e5uScZPIiG8ytKKiaKged+XT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:41 2024 by rpki-client on console-fra.rpki-client.org