Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/_4klZb9xls36WgVZKQeqiDq-Mb4.roa
File: _4klZb9xls36WgVZKQeqiDq-Mb4.roa (raw, json)
Hash identifier: cPHDT4LyhelIg3NvhIQaBw10+PVyLsGfuZ4UyIquOkc=
Subject key identifier: FF:89:25:65:BF:71:96:CD:FA:5A:05:59:29:07:AA:88:3A:BE:31:BE
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 091D9913
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/_4klZb9xls36WgVZKQeqiDq-Mb4.roa
Signing time: Sat 01 Jan 2022 07:54:20 +0000
ROA not before: Sat 01 Jan 2022 07:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8937
IP address blocks: 212.18.192.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152934675 (0x91d9913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Jan 1 07:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff892565bf7196cdfa5a05592907aa883abe31be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4f:8d:fb:eb:62:d7:47:3a:38:f0:46:e0:0f:
91:31:fa:08:11:d9:fb:21:7d:a6:fb:8d:a5:dc:07:
05:cf:a3:98:82:b8:55:d8:f3:9c:75:e4:42:e0:59:
ff:ae:b0:ba:e3:18:87:9f:b4:53:21:c1:03:d9:86:
db:0f:91:45:c1:28:27:68:8d:4d:45:b7:db:b1:9d:
35:64:3e:cc:18:09:82:da:3d:72:b1:8d:ab:54:94:
b6:68:80:53:3b:05:23:ab:80:ea:bd:a0:ea:00:14:
9e:7e:01:e0:0a:57:68:a0:b2:32:42:d3:a3:a4:30:
d7:2e:fb:db:8b:b4:43:43:1a:bc:da:50:d0:2f:92:
52:63:e1:e9:1b:87:d6:0c:56:3d:1a:a6:1d:69:41:
db:0d:12:9d:ba:13:a5:5d:7e:a2:28:07:36:cc:d3:
21:76:e7:33:73:d0:cf:da:99:c3:97:0e:1d:5d:47:
3e:77:8e:91:d5:47:90:c4:b7:77:f9:46:9d:da:03:
7d:03:28:64:d8:1a:41:ee:41:6b:9e:c6:69:37:26:
44:60:3b:1c:37:27:ba:73:57:fc:47:f6:2f:46:4d:
3f:3a:42:23:7a:6b:78:38:8d:31:43:5f:08:4e:d4:
ae:cb:61:f1:da:f5:91:90:1a:37:3f:51:6e:6d:12:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:89:25:65:BF:71:96:CD:FA:5A:05:59:29:07:AA:88:3A:BE:31:BE
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/_4klZb9xls36WgVZKQeqiDq-Mb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.192.0/19
Signature Algorithm: sha256WithRSAEncryption
57:84:a9:a3:1c:92:b3:47:5d:0d:f2:0d:53:b7:9a:56:e1:04:
82:8b:3e:05:a3:91:3e:b4:08:65:52:e1:90:af:fd:90:69:b1:
a8:8e:0a:42:da:23:31:13:3c:8a:7d:85:37:ee:32:e2:60:3b:
3a:ab:e9:28:17:87:4e:a9:1f:36:fe:b7:a1:c3:c1:39:b7:5f:
e1:51:cd:f5:7e:27:46:81:4a:7a:d5:f2:e3:00:62:36:1c:72:
6f:7a:25:71:f6:2a:18:2f:38:6f:2b:21:d2:34:f0:fb:f6:78:
cc:73:36:1f:3d:7c:99:82:2a:b3:99:cb:45:42:d9:a6:e8:56:
62:81:32:65:73:e6:2b:34:69:c8:b4:05:99:77:f3:2a:fe:e1:
45:28:11:8f:ef:f2:fe:58:2d:cd:22:74:51:d8:4d:89:00:0c:
57:09:8c:2a:23:b9:bd:3a:cc:a5:53:1c:92:55:1c:3c:6f:d4:
09:5e:b1:04:82:fd:1d:07:8b:99:83:e6:ae:93:fd:e9:e3:e4:
27:b2:2c:c4:33:30:c5:a8:4e:e1:91:31:bd:40:5c:36:89:66:
78:6c:ed:b4:05:ef:27:06:b2:e3:c7:c7:cc:2e:03:47:0a:2d:
11:6c:2e:2c:e0:6a:40:c9:14:72:d9:80:45:1f:24:34:96:55:
c9:60:67:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECR2ZEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTJiZTBlYTcxY2Y0MzdlMDhlZmRmM2ZlNzk4ZWFmOTg0MTMxYzQ2MB4XDTIyMDEw
MTA3NTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY4OTI1NjViZjcx
OTZjZGZhNWEwNTU5MjkwN2FhODgzYWJlMzFiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1PjfvrYtdHOjjwRuAPkTH6CBHZ+yF9pvuNpdwHBc+jmIK4
VdjznHXkQuBZ/66wuuMYh5+0UyHBA9mG2w+RRcEoJ2iNTUW327GdNWQ+zBgJgto9
crGNq1SUtmiAUzsFI6uA6r2g6gAUnn4B4ApXaKCyMkLTo6Qw1y7724u0Q0MavNpQ
0C+SUmPh6RuH1gxWPRqmHWlB2w0SnboTpV1+oigHNszTIXbnM3PQz9qZw5cOHV1H
PneOkdVHkMS3d/lGndoDfQMoZNgaQe5Ba57GaTcmRGA7HDcnunNX/Ef2L0ZNPzpC
I3preDiNMUNfCE7Ursth8dr1kZAaNz9Rbm0SQi0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT/iSVlv3GWzfpaBVkpB6qIOr4xvjAfBgNVHSMEGDAWgBQhK+Dqcc9Dfgjv
3z/nmOr5hBMcRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lTdmc2bkhQUTM0STc5OF81NWpxLVlRVEhFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvMWJhYmZjLTc5ZTYtNDVkZi04YzQwLTcyNTY4ZjA2ZmUxMC8x
L180a2xaYjl4bHMzNldnVlpLUWVxaURxLU1iNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
MWJhYmZjLTc5ZTYtNDVkZi04YzQwLTcyNTY4ZjA2ZmUxMC8xL0lTdmc2bkhQUTM0
STc5OF81NWpxLVlRVEhFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdQSwDANBgkqhkiG9w0BAQsFAAOC
AQEAV4SpoxySs0ddDfINU7eaVuEEgos+BaORPrQIZVLhkK/9kGmxqI4KQtojMRM8
in2FN+4y4mA7OqvpKBeHTqkfNv63ocPBObdf4VHN9X4nRoFKetXy4wBiNhxyb3ol
cfYqGC84bysh0jTw+/Z4zHM2Hz18mYIqs5nLRULZpuhWYoEyZXPmKzRpyLQFmXfz
Kv7hRSgRj+/y/lgtzSJ0UdhNiQAMVwmMKiO5vTrMpVMcklUcPG/UCV6xBIL9HQeL
mYPmrpP96ePkJ7IsxDMwxahO4ZExvUBcNolmeGzttAXvJway48fHzC4DRwotEWwu
LOBqQMkUctmARR8kNJZVyWBnLQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:12 2025 by rpki-client