Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p4yvuORQLNLj9Onu8FjZiUqxfpc.roa
File: p4yvuORQLNLj9Onu8FjZiUqxfpc.roa (raw, json)
Hash identifier: 8I9HXvnGSCxLYA+Vt09+FX+MDcFuGxGhodbu9W/gc3g=
Subject key identifier: A7:8C:AF:B8:E4:50:2C:D2:E3:F4:E9:EE:F0:58:D9:89:4A:B1:7E:97
Certificate issuer: /CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Certificate serial: 050EC15E
Authority key identifier: A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p4yvuORQLNLj9Onu8FjZiUqxfpc.roa
Signing time: Sat 01 Jan 2022 05:58:15 +0000
ROA not before: Sat 01 Jan 2022 05:58:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 212.101.204.0/24 maxlen: 24
212.101.205.0/24 maxlen: 24
212.101.211.0/24 maxlen: 24
212.101.212.0/23 maxlen: 24
212.101.207.0/24 maxlen: 24
212.101.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84853086 (0x50ec15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7aee67620d9c0ae63d295785c9d956f063c21c3
Validity
Not Before: Jan 1 05:58:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a78cafb8e4502cd2e3f4e9eef058d9894ab17e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:85:6c:24:6a:68:8d:6a:ca:1d:3a:85:9c:ff:
fd:44:c5:99:21:c4:69:a9:03:c9:a9:97:90:3e:cb:
7d:20:79:2e:57:dc:83:c4:b1:05:b4:20:31:31:94:
b5:6d:ab:8e:d4:7e:3a:b8:5e:3e:de:88:55:b1:6c:
fa:e5:08:ee:b7:fa:64:eb:17:e0:43:72:84:e4:52:
ae:02:51:10:af:b7:37:b0:d4:c2:14:d4:f8:81:3e:
b6:eb:3d:22:f4:d0:05:61:13:f2:36:4f:31:50:3e:
76:a3:84:d7:11:2e:b2:4f:a1:e8:63:77:dd:07:a4:
9b:c1:22:eb:78:02:2a:58:a2:8a:27:fc:15:19:73:
2a:ac:28:c4:ae:c2:6f:b9:a0:81:01:db:ea:a3:f5:
45:d4:b9:9d:fa:52:59:e7:5f:16:19:59:5c:88:ea:
74:21:66:0f:3e:52:7e:68:c0:55:b1:09:a8:4f:91:
af:c0:50:e9:2d:9e:d3:cf:88:d4:f5:00:67:4c:48:
af:10:e4:ce:0b:1a:bd:fd:46:55:a8:85:5f:f8:21:
22:85:71:0b:14:66:e6:e5:81:47:bd:ed:53:e6:e9:
df:e5:b7:96:69:32:3f:18:4c:2d:fc:a5:83:bf:b9:
46:7b:2d:84:b2:50:b9:4c:94:30:41:ab:3e:53:53:
0a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8C:AF:B8:E4:50:2C:D2:E3:F4:E9:EE:F0:58:D9:89:4A:B1:7E:97
X509v3 Authority Key Identifier:
keyid:A7:AE:E6:76:20:D9:C0:AE:63:D2:95:78:5C:9D:95:6F:06:3C:21:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p67mdiDZwK5j0pV4XJ2VbwY8IcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p4yvuORQLNLj9Onu8FjZiUqxfpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2ba25a-0abd-4550-bca4-0b7f15b509cb/1/p67mdiDZwK5j0pV4XJ2VbwY8IcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.101.204.0/23
212.101.207.0/24
212.101.211.0-212.101.214.255
Signature Algorithm: sha256WithRSAEncryption
13:63:95:16:e4:9e:6c:65:e7:51:b6:f5:88:d9:6d:e7:79:6c:
13:81:73:e2:f9:48:40:ca:8f:b6:ed:d6:4f:44:56:94:f4:83:
53:dd:15:2e:3b:0b:39:d0:40:91:60:ea:c7:02:67:a9:55:d9:
34:55:1e:e2:58:a4:73:7f:82:19:6b:ef:fa:e2:de:a1:c8:42:
12:f6:33:40:12:c2:22:48:0a:cc:04:18:7a:f2:06:b7:c5:ac:
59:cd:41:12:f1:96:2b:ec:80:61:ce:95:03:a5:07:1f:66:83:
8b:2b:d7:90:b2:24:4a:d2:0b:f0:47:19:2f:66:f2:89:cf:63:
85:71:9d:20:1e:af:70:87:e4:6f:42:29:7b:d3:17:b7:25:27:
07:e4:57:ec:7a:45:43:21:95:65:ff:45:de:c5:29:13:06:84:
24:bd:5d:3a:04:97:85:9f:54:49:d0:c9:eb:4d:39:94:e2:e6:
17:10:80:ab:d7:f6:eb:ad:12:97:ea:94:86:90:ad:b7:40:20:
06:4f:59:3c:6d:22:ff:28:39:bb:4b:0b:a0:2c:67:a5:d4:00:
eb:d6:21:ee:e2:ce:f0:a4:fe:06:ea:5b:0f:41:28:7f:88:bd:
12:4e:de:3f:0a:b7:67:eb:66:29:9c:ab:e5:4d:ff:a9:f6:b6:
17:ab:c9:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBQ7BXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2FlZTY3NjIwZDljMGFlNjNkMjk1Nzg1YzlkOTU2ZjA2M2MyMWMzMB4XDTIyMDEw
MTA1NTgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc4Y2FmYjhlNDUw
MmNkMmUzZjRlOWVlZjA1OGQ5ODk0YWIxN2U5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWFbCRqaI1qyh06hZz//UTFmSHEaakDyamXkD7LfSB5Llfc
g8SxBbQgMTGUtW2rjtR+OrhePt6IVbFs+uUI7rf6ZOsX4ENyhORSrgJREK+3N7DU
whTU+IE+tus9IvTQBWET8jZPMVA+dqOE1xEusk+h6GN33Qekm8Ei63gCKliiiif8
FRlzKqwoxK7Cb7mggQHb6qP1RdS5nfpSWedfFhlZXIjqdCFmDz5SfmjAVbEJqE+R
r8BQ6S2e08+I1PUAZ0xIrxDkzgsavf1GVaiFX/ghIoVxCxRm5uWBR73tU+bp3+W3
lmkyPxhMLfylg7+5RnsthLJQuUyUMEGrPlNTChkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSnjK+45FAs0uP06e7wWNmJSrF+lzAfBgNVHSMEGDAWgBSnruZ2INnArmPS
lXhcnZVvBjwhwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A2N21kaURad0s1ajBwVjRYSjJWYndZOEljTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvMmJhMjVhLTBhYmQtNDU1MC1iY2E0LTBiN2YxNWI1MDljYi8x
L3A0eXZ1T1JRTE5MajlPbnU4RmpaaVVxeGZwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
MmJhMjVhLTBhYmQtNDU1MC1iY2E0LTBiN2YxNWI1MDljYi8xL3A2N21kaURad0s1
ajBwVjRYSjJWYndZOEljTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAdRlzAMEANRlzzAMAwQA1GXTAwQA
1GXWMA0GCSqGSIb3DQEBCwUAA4IBAQATY5UW5J5sZedRtvWI2W3neWwTgXPi+UhA
yo+27dZPRFaU9INT3RUuOws50ECRYOrHAmepVdk0VR7iWKRzf4IZa+/64t6hyEIS
9jNAEsIiSArMBBh68ga3xaxZzUES8ZYr7IBhzpUDpQcfZoOLK9eQsiRK0gvwRxkv
ZvKJz2OFcZ0gHq9wh+RvQil70xe3JScH5FfsekVDIZVl/0XexSkTBoQkvV06BJeF
n1RJ0MnrTTmU4uYXEICr1/brrRKX6pSGkK23QCAGT1k8bSL/KDm7SwugLGel1ADr
1iHu4s7wpP4G6lsPQSh/iL0STt4/Crdn62YpnKvlTf+p9rYXq8mj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org