Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/22fa42-b02f-4311-90fb-45a112a1e7ac/1/0JFMPBkPUTktqKKBxzG8XJMxTQA.roa
File: 0JFMPBkPUTktqKKBxzG8XJMxTQA.roa (raw, json)
Hash identifier: 1oP8koTVuHTkkjhCKMwMDOtTe3ZKTCLyn+TyTLZGUXI=
Subject key identifier: D0:91:4C:3C:19:0F:51:39:2D:A8:A2:81:C7:31:BC:5C:93:31:4D:00
Certificate issuer: /CN=44348141fc46dc0187087cbc86556e9a449ee1e7
Certificate serial: 018571F9EF06324948789D63C2B3537A1F1A
Authority key identifier: 44:34:81:41:FC:46:DC:01:87:08:7C:BC:86:55:6E:9A:44:9E:E1:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDSBQfxG3AGHCHy8hlVumkSe4ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/22fa42-b02f-4311-90fb-45a112a1e7ac/1/0JFMPBkPUTktqKKBxzG8XJMxTQA.roa
Signing time: Mon 02 Jan 2023 10:14:43 +0000
ROA not before: Mon 02 Jan 2023 10:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25367
IP address blocks: 212.63.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:ef:06:32:49:48:78:9d:63:c2:b3:53:7a:1f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44348141fc46dc0187087cbc86556e9a449ee1e7
Validity
Not Before: Jan 2 10:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0914c3c190f51392da8a281c731bc5c93314d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a2:17:56:67:a0:ec:9b:1d:92:55:cb:ae:0b:
fd:9a:69:87:60:a8:02:6e:91:09:ff:7a:f0:0b:d1:
ec:87:95:82:01:31:8b:8c:f5:c6:11:d1:f4:35:31:
17:f8:78:2c:34:f2:54:98:53:57:40:54:ed:75:de:
0e:9b:2a:65:33:cf:e3:04:15:db:23:df:b8:17:d0:
7a:aa:97:71:9e:e5:34:0c:04:cc:cb:55:5d:5d:4b:
26:6c:5e:2c:ec:cb:a6:a2:2c:08:15:8c:46:73:01:
e0:35:a8:b1:ae:7f:dd:4a:4d:a1:a1:6b:5b:05:30:
dd:67:7e:3d:ca:20:27:48:dc:52:94:5d:15:3b:12:
74:44:b9:b2:8d:74:86:bb:a2:71:5f:f2:32:be:5b:
2e:3d:81:51:ff:0c:97:5e:c9:4a:80:54:87:ed:0f:
c0:38:7e:7e:d0:c7:4a:73:ba:0f:be:ad:76:eb:05:
c8:82:01:c8:88:e7:07:c5:fe:ee:eb:d7:13:7f:b7:
73:7a:f7:ff:48:1b:32:5c:b4:79:40:e7:53:e8:43:
7f:fb:15:be:67:88:4a:c4:1a:c8:ee:fe:e5:85:1d:
1c:c0:de:79:13:2d:28:3b:bb:ae:22:ee:b7:63:35:
49:72:b8:7b:7a:db:96:97:d3:55:2d:87:c0:68:c6:
24:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:91:4C:3C:19:0F:51:39:2D:A8:A2:81:C7:31:BC:5C:93:31:4D:00
X509v3 Authority Key Identifier:
keyid:44:34:81:41:FC:46:DC:01:87:08:7C:BC:86:55:6E:9A:44:9E:E1:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDSBQfxG3AGHCHy8hlVumkSe4ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/22fa42-b02f-4311-90fb-45a112a1e7ac/1/0JFMPBkPUTktqKKBxzG8XJMxTQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/22fa42-b02f-4311-90fb-45a112a1e7ac/1/RDSBQfxG3AGHCHy8hlVumkSe4ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.63.224.0/19
Signature Algorithm: sha256WithRSAEncryption
7f:82:4f:c9:e7:0f:6d:b1:45:db:12:d6:01:3b:a5:82:10:7a:
10:cb:ea:c6:7a:ad:2c:5e:b7:2e:e0:18:e3:38:f1:39:67:79:
ba:f2:63:f7:18:22:d0:15:58:26:21:eb:6e:fa:5f:e0:50:70:
29:f1:0a:e0:86:d5:0a:4e:36:87:6e:1c:86:57:16:f5:14:aa:
a3:be:d8:36:e1:f5:58:cc:a4:cb:42:fb:b4:6d:63:a2:2c:17:
2e:29:99:fb:b7:14:2a:95:9f:d1:12:e6:fa:be:3d:46:93:7a:
4b:f8:5a:63:a1:4a:4b:27:ac:ad:4c:3b:44:5c:93:ed:f5:14:
07:05:7d:31:ed:da:ec:af:1c:ef:1b:e0:ba:06:c0:08:09:3a:
46:8b:48:f6:bb:ec:9b:bc:08:c0:68:bd:49:48:c3:2b:1d:0c:
46:c4:17:38:25:35:fa:f2:88:a9:36:a2:76:f5:c4:b5:9c:a9:
bf:b4:b7:a5:80:f0:2a:b6:e1:58:71:74:1d:56:7a:41:ce:09:
2c:c0:cb:7c:75:4b:f2:c0:ca:46:f8:70:69:1f:e8:64:06:09:
87:24:be:0e:fd:f2:e0:08:3e:29:d9:fc:84:a1:d3:fb:84:27:
d2:c1:61:fb:b1:12:19:37:0d:19:9c:b8:8d:04:07:47:ef:75:
56:e7:8a:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+e8GMklIeJ1jwrNTeh8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzQ4MTQxZmM0NmRjMDE4NzA4N2NiYzg2NTU2ZTlhNDQ5
ZWUxZTcwHhcNMjMwMTAyMTAxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkxNGMzYzE5MGY1MTM5MmRhOGEyODFjNzMxYmM1YzkzMzE0ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKIXVmeg7JsdklXLrgv9mmmHYKgC
bpEJ/3rwC9Hsh5WCATGLjPXGEdH0NTEX+HgsNPJUmFNXQFTtdd4OmyplM8/jBBXb
I9+4F9B6qpdxnuU0DATMy1VdXUsmbF4s7MumoiwIFYxGcwHgNaixrn/dSk2hoWtb
BTDdZ349yiAnSNxSlF0VOxJ0RLmyjXSGu6JxX/IyvlsuPYFR/wyXXslKgFSH7Q/A
OH5+0MdKc7oPvq126wXIggHIiOcHxf7u69cTf7dzevf/SBsyXLR5QOdT6EN/+xW+
Z4hKxBrI7v7lhR0cwN55Ey0oO7uuIu63YzVJcrh7etuWl9NVLYfAaMYkYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCRTDwZD1E5LaiigccxvFyTMU0AMB8GA1UdIwQY
MBaAFEQ0gUH8RtwBhwh8vIZVbppEnuHnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRTQlFmeEczQUdIQ0h5OGhsVnVta1NlNGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8yMmZhNDItYjAyZi00MzExLTkwZmIt
NDVhMTEyYTFlN2FjLzEvMEpGTVBCa1BVVGt0cUtLQnh6RzhYSk14VFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8yMmZhNDItYjAyZi00MzExLTkwZmItNDVhMTEyYTFlN2Fj
LzEvUkRTQlFmeEczQUdIQ0h5OGhsVnVta1NlNGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1D/gMA0G
CSqGSIb3DQEBCwUAA4IBAQB/gk/J5w9tsUXbEtYBO6WCEHoQy+rGeq0sXrcu4Bjj
OPE5Z3m68mP3GCLQFVgmIetu+l/gUHAp8QrghtUKTjaHbhyGVxb1FKqjvtg24fVY
zKTLQvu0bWOiLBcuKZn7txQqlZ/REub6vj1Gk3pL+FpjoUpLJ6ytTDtEXJPt9RQH
BX0x7drsrxzvG+C6BsAICTpGi0j2u+ybvAjAaL1JSMMrHQxGxBc4JTX68oipNqJ2
9cS1nKm/tLelgPAqtuFYcXQdVnpBzgkswMt8dUvywMpG+HBpH+hkBgmHJL4O/fLg
CD4p2fyEodP7hCfSwWH7sRIZNw0ZnLiNBAdH73VW54p8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:35 2025 by rpki-client