Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/sYJU7x58klaTDGO-ajiVJ8sBwmg.roa
File: sYJU7x58klaTDGO-ajiVJ8sBwmg.roa (raw, json)
Hash identifier: +K70Dw91w8IhKIO3gfKz+1F89Od7rf5R0MNM2er/4yQ=
Subject key identifier: B1:82:54:EF:1E:7C:92:56:93:0C:63:BE:6A:38:95:27:CB:01:C2:68
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0184CEBE8060E6C8333F224607392E8FDF61
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/sYJU7x58klaTDGO-ajiVJ8sBwmg.roa
Signing time: Thu 01 Dec 2022 17:31:41 +0000
ROA not before: Thu 01 Dec 2022 17:31:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12548
IP address blocks: 212.68.160.0/22 maxlen: 22
212.68.164.0/22 maxlen: 22
212.68.172.0/22 maxlen: 22
212.68.176.0/22 maxlen: 22
212.68.180.0/22 maxlen: 22
212.68.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:be:80:60:e6:c8:33:3f:22:46:07:39:2e:8f:df:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Dec 1 17:31:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b18254ef1e7c9256930c63be6a389527cb01c268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:fd:f5:62:eb:07:4c:26:95:a2:95:f0:19:
5d:06:75:ad:1f:8e:9a:f0:48:af:c5:d4:83:08:d4:
be:92:4c:2c:8a:3c:f3:b4:39:22:65:e3:a1:ed:64:
f1:06:68:e0:1c:e0:1b:95:90:50:99:b6:59:83:8b:
59:49:66:15:87:11:15:6a:dc:e8:36:ba:d1:2e:e4:
df:af:5c:d7:e5:d7:7d:8f:35:a0:41:5d:6a:5a:b7:
fe:24:c4:68:30:5c:96:7a:ed:7f:63:d7:a4:c9:6f:
59:58:58:82:6d:2d:9c:b7:45:ce:d3:c8:2f:4d:3d:
ff:32:0e:4a:db:56:4d:cb:a0:95:e1:95:0d:01:44:
83:2b:87:71:75:52:93:e6:07:78:8a:aa:f5:f8:8f:
91:55:70:a0:b7:2d:9a:9a:e9:40:b7:21:b8:d8:bc:
e9:68:3c:e1:7d:e2:88:4d:53:e7:d5:ae:b3:f4:1c:
5b:fa:c6:62:a7:39:79:80:80:00:bf:66:0f:e6:68:
ce:35:95:ba:2c:68:1b:32:4d:25:f2:bb:fc:c3:54:
36:60:21:7b:0e:03:47:9b:bf:34:e7:3c:95:7b:92:
39:75:2a:ec:10:1b:f6:a4:63:1d:01:46:33:70:c0:
57:56:09:bc:d1:4c:1f:b7:b6:56:a5:75:08:d0:67:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:82:54:EF:1E:7C:92:56:93:0C:63:BE:6A:38:95:27:CB:01:C2:68
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/sYJU7x58klaTDGO-ajiVJ8sBwmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.160.0/21
212.68.172.0-212.68.187.255
Signature Algorithm: sha256WithRSAEncryption
53:64:ef:77:09:3c:33:b6:de:c1:5f:93:98:b4:7a:8b:28:c3:
b8:44:e0:bb:6a:5c:b5:b0:ab:2e:7a:4e:94:04:0b:03:4e:08:
71:b5:6c:f5:8b:9b:c1:b7:33:41:ff:5c:a8:54:2a:ad:d1:ef:
f5:f2:dc:91:0d:9d:fa:c5:0b:30:e9:ef:b5:f7:80:80:87:bd:
60:96:59:5e:e7:d0:05:e5:b3:63:b5:e6:04:b2:91:d3:0c:a6:
91:31:f5:79:a1:4e:c7:19:ab:56:d2:ea:b7:21:ba:92:d9:36:
99:58:12:f7:e3:88:5e:34:4d:c7:3b:8d:5d:76:b6:09:36:c8:
38:10:fe:ea:34:93:a1:9a:e3:a5:1d:90:09:39:b8:4e:9a:9e:
07:d0:02:b4:1e:d7:6d:80:d7:02:c1:a2:5e:d9:a0:b8:f1:a0:
88:b4:52:67:b4:1b:2a:fc:48:90:61:d5:73:98:a0:67:a0:84:
b1:57:17:63:8e:e6:b9:46:de:93:7f:78:7f:f7:75:6a:b5:7d:
53:6c:97:c9:48:e6:85:92:f5:1b:73:a9:e4:61:af:1a:de:ef:
fd:c2:4d:3b:49:5f:1f:46:96:e8:e3:db:8d:f1:02:2f:72:9a:
1a:95:d4:57:25:41:75:28:e4:5a:a1:ec:af:bd:2c:98:fc:17:
46:12:4c:14
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYTOvoBg5sgzPyJGBzkuj99hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjIxMjAxMTczMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTgyNTRlZjFlN2M5MjU2OTMwYzYzYmU2YTM4OTUyN2NiMDFjMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVL99WLrB0wmlaKV8BldBnWtH46a
8EivxdSDCNS+kkwsijzztDkiZeOh7WTxBmjgHOAblZBQmbZZg4tZSWYVhxEVatzo
NrrRLuTfr1zX5dd9jzWgQV1qWrf+JMRoMFyWeu1/Y9ekyW9ZWFiCbS2ct0XO08gv
TT3/Mg5K21ZNy6CV4ZUNAUSDK4dxdVKT5gd4iqr1+I+RVXCgty2amulAtyG42Lzp
aDzhfeKITVPn1a6z9Bxb+sZipzl5gIAAv2YP5mjONZW6LGgbMk0l8rv8w1Q2YCF7
DgNHm7805zyVe5I5dSrsEBv2pGMdAUYzcMBXVgm80Uwft7ZWpXUI0GdElwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLGCVO8efJJWkwxjvmo4lSfLAcJoMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvc1lKVTd4NThrbGFUREdPLWFqaVZKOHNCd21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQD1ESgMAwD
BALURKwDBALURLgwDQYJKoZIhvcNAQELBQADggEBAFNk73cJPDO23sFfk5i0eoso
w7hE4LtqXLWwqy56TpQECwNOCHG1bPWLm8G3M0H/XKhUKq3R7/Xy3JENnfrFCzDp
77X3gICHvWCWWV7n0AXls2O15gSykdMMppEx9XmhTscZq1bS6rchupLZNplYEvfj
iF40Tcc7jV12tgk2yDgQ/uo0k6Ga46UdkAk5uE6angfQArQe122A1wLBol7ZoLjx
oIi0Ume0Gyr8SJBh1XOYoGeghLFXF2OO5rlG3pN/eH/3dWq1fVNsl8lI5oWS9Rtz
qeRhrxre7/3CTTtJXx9Glujj243xAi9ymhqV1FclQXUo5Fqh7K+9LJj8F0YSTBQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:14 2025 by rpki-client