Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WoPfhWmJCw5zhAZoYC46pla_FdY.roa
File: WoPfhWmJCw5zhAZoYC46pla_FdY.roa (raw, json)
Hash identifier: jn3c2xCXgTMUPYm7rQPZZ5Nn0SVa18eJOYhepUISy98=
Subject key identifier: 5A:83:DF:85:69:89:0B:0E:73:84:06:68:60:2E:3A:A6:56:BF:15:D6
Certificate issuer: /CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Certificate serial: 0553C89D
Authority key identifier: A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WoPfhWmJCw5zhAZoYC46pla_FdY.roa
Signing time: Tue 01 Feb 2022 14:46:28 +0000
ROA not before: Tue 01 Feb 2022 14:46:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 212.101.192.0/24 maxlen: 24
212.101.204.0/24 maxlen: 24
212.101.205.0/24 maxlen: 24
212.101.201.0/24 maxlen: 24
212.101.211.0/24 maxlen: 24
212.101.212.0/23 maxlen: 24
212.101.207.0/24 maxlen: 24
212.101.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89376925 (0x553c89d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Validity
Not Before: Feb 1 14:46:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a83df8569890b0e73840668602e3aa656bf15d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ca:26:8f:f2:2a:9a:5d:de:51:b9:9a:dd:37:
49:b7:bc:13:a0:9d:da:b4:5d:95:9c:56:32:87:a4:
84:5a:1f:99:54:e6:25:12:95:fb:03:e4:13:02:4c:
8a:84:3d:da:72:ef:05:8b:28:99:2b:9b:0d:6c:44:
85:e1:3f:0a:fc:33:4b:98:20:f9:4a:55:c8:2b:a8:
5a:00:86:0f:4e:df:7a:37:f0:ea:cc:13:82:22:38:
a2:1e:03:58:bb:13:f9:cb:00:6d:29:77:f4:6c:8f:
9f:df:95:b8:18:24:00:8f:f1:4b:31:1c:fa:6a:59:
fd:ab:a8:51:84:5b:3a:bd:b8:ac:c8:bc:f6:55:cc:
e6:d5:16:c9:b1:fb:ce:5d:3f:ed:dd:65:0e:01:fb:
af:04:18:3d:41:77:b8:0e:68:03:27:8c:f0:8c:b9:
37:99:30:80:b0:75:f0:9d:16:c5:69:42:d5:27:b1:
24:fb:61:76:c3:fd:51:78:ca:35:27:33:b5:b9:1a:
32:8f:af:c5:e8:2e:32:f1:cd:0e:5e:6d:49:32:86:
a2:21:62:3c:d6:c5:89:6c:84:38:92:5b:97:04:11:
3a:63:47:2a:e2:f1:3d:ad:35:9c:88:ea:a9:0b:7b:
6a:d7:2d:1f:f5:cb:fd:a1:fa:68:be:70:5e:ea:4f:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:83:DF:85:69:89:0B:0E:73:84:06:68:60:2E:3A:A6:56:BF:15:D6
X509v3 Authority Key Identifier:
keyid:A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/WoPfhWmJCw5zhAZoYC46pla_FdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p67mdiDZwK5j0pV4XJ2VbwY8IcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.192.0/24
212.101.201.0/24
212.101.204.0/23
212.101.207.0/24
212.101.211.0-212.101.214.255
Signature Algorithm: sha256WithRSAEncryption
a6:ed:b0:b6:b4:f2:4e:26:af:c9:92:ce:31:a2:df:40:5a:58:
7a:97:b4:89:e2:db:65:e6:f1:a3:d6:c6:56:54:61:2f:bc:f3:
6d:2e:6f:51:14:ba:61:63:9b:58:c9:19:9f:55:05:38:bd:71:
37:86:cf:01:e0:da:c9:84:3b:cf:e8:94:ab:3a:91:d9:92:d2:
36:78:73:12:d7:7c:1e:45:db:ce:32:24:65:cd:a7:7e:c1:25:
12:94:65:1b:43:4d:2c:3e:c5:32:71:4c:58:65:f4:67:87:63:
ba:16:63:db:fd:bf:22:28:fc:31:95:07:d5:43:6b:39:df:9a:
e7:43:7d:8d:27:15:62:d0:bb:0f:d5:e8:05:09:57:20:6e:46:
27:41:9e:53:5e:32:21:93:5f:56:87:96:a0:13:54:88:52:42:
74:ee:5a:c4:a1:de:13:81:73:c4:2d:a1:4a:83:cc:6f:14:7a:
8d:2b:e8:79:5f:6b:61:e5:6e:32:4f:6f:16:47:5f:32:35:e3:
4a:b7:2b:c9:13:1c:69:97:0d:0f:26:c1:7a:14:87:51:d1:dc:
0d:f7:cc:29:65:b5:0f:d1:1f:fb:47:e3:3a:2b:63:a3:0c:bd:
0e:94:5b:af:54:6c:4a:2b:61:1a:fe:d6:de:9b:b3:9c:67:4e:
75:ad:33:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBVPInTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2FlZTY3NjIwZDljMGFlNjNkMjk1Nzg1YzlkOTU2ZjA2M2MyMWMzMB4XDTIyMDIw
MTE0NDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE4M2RmODU2OTg5
MGIwZTczODQwNjY4NjAyZTNhYTY1NmJmMTVkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrKJo/yKppd3lG5mt03Sbe8E6Cd2rRdlZxWMoekhFofmVTm
JRKV+wPkEwJMioQ92nLvBYsomSubDWxEheE/CvwzS5gg+UpVyCuoWgCGD07fejfw
6swTgiI4oh4DWLsT+csAbSl39GyPn9+VuBgkAI/xSzEc+mpZ/auoUYRbOr24rMi8
9lXM5tUWybH7zl0/7d1lDgH7rwQYPUF3uA5oAyeM8Iy5N5kwgLB18J0WxWlC1Sex
JPthdsP9UXjKNScztbkaMo+vxeguMvHNDl5tSTKGoiFiPNbFiWyEOJJblwQROmNH
KuLxPa01nIjqqQt7atctH/XL/aH6aL5wXupPAAMCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRag9+FaYkLDnOEBmhgLjqmVr8V1jAfBgNVHSMEGDAWgBSnruZ2INnArmPS
lXhcnZVvBjwhwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A2N21kaURad0s1ajBwVjRYSjJWYndZOEljTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvMmJhMjVhLTBhYmQtNDU1MC1iY2E0LTBiN2YxNWI1MDljYi8x
L1dvUGZoV21KQ3c1emhBWm9ZQzQ2cGxhX0ZkWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
MmJhMjVhLTBhYmQtNDU1MC1iY2E0LTBiN2YxNWI1MDljYi8xL3A2N21kaURad0s1
ajBwVjRYSjJWYndZOEljTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEANRlwAMEANRlyQMEAdRlzAMEANRl
zzAMAwQA1GXTAwQA1GXWMA0GCSqGSIb3DQEBCwUAA4IBAQCm7bC2tPJOJq/Jks4x
ot9AWlh6l7SJ4ttl5vGj1sZWVGEvvPNtLm9RFLphY5tYyRmfVQU4vXE3hs8B4NrJ
hDvP6JSrOpHZktI2eHMS13weRdvOMiRlzad+wSUSlGUbQ00sPsUycUxYZfRnh2O6
FmPb/b8iKPwxlQfVQ2s535rnQ32NJxVi0LsP1egFCVcgbkYnQZ5TXjIhk19Wh5ag
E1SIUkJ07lrEod4TgXPELaFKg8xvFHqNK+h5X2th5W4yT28WR18yNeNKtyvJExxp
lw0PJsF6FIdR0dwN98wpZbUP0R/7R+M6K2OjDL0OlFuvVGxKK2Ea/tbem7OcZ051
rTPU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:17 2024 by rpki-client on console-ams.rpki-client.org