Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/0Z8G1Nqu4AN-9aaRkIIgagHjH1I.roa
File: 0Z8G1Nqu4AN-9aaRkIIgagHjH1I.roa (raw, json)
Hash identifier: JHTunXYPm1U+iBiGEj1Qpo1jivHcZzrE2+VdKkXknhM=
Subject key identifier: D1:9F:06:D4:DA:AE:E0:03:7E:F5:A6:91:90:82:20:6A:01:E3:1F:52
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 018419DC2E9BFB9FF51BE0DDE410D2C5AAC2
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/0Z8G1Nqu4AN-9aaRkIIgagHjH1I.roa
Signing time: Thu 27 Oct 2022 14:32:50 +0000
ROA not before: Thu 27 Oct 2022 14:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210616
IP address blocks: 212.15.56.0/24 maxlen: 24
212.15.56.0/23 maxlen: 23
212.15.58.0/23 maxlen: 23
212.15.58.0/24 maxlen: 24
212.15.57.0/24 maxlen: 24
212.15.63.0/24 maxlen: 24
212.15.59.0/24 maxlen: 24
212.15.62.0/24 maxlen: 24
212.15.62.0/23 maxlen: 23
212.15.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:dc:2e:9b:fb:9f:f5:1b:e0:dd:e4:10:d2:c5:aa:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Oct 27 14:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d19f06d4daaee0037ef5a6919082206a01e31f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bf:d6:b7:a0:19:42:39:47:61:b8:14:a3:d4:
9d:aa:7b:1d:ae:83:fa:94:ce:bd:b0:60:48:cb:1b:
41:bb:db:7d:6f:d1:4c:43:48:4d:cd:c2:39:09:40:
04:52:c9:72:b7:b6:ae:d4:80:67:b4:15:9a:59:53:
3a:8d:ba:c9:9f:12:37:16:14:2a:d5:e3:42:9f:7f:
00:db:82:65:25:ae:03:aa:2d:d1:ab:40:a0:73:dd:
c9:69:2b:82:77:e4:c2:16:49:20:b0:54:05:b7:3b:
ed:23:9d:a4:f1:8a:b2:c0:15:0e:80:39:7e:aa:af:
8b:cb:4f:0e:2c:6e:cd:de:c9:d0:b4:32:4a:19:72:
ea:2e:84:41:69:97:0c:02:a4:d8:d7:55:d4:9e:f7:
42:5b:1f:4e:a1:58:e9:09:8b:46:db:ef:b4:38:df:
09:1c:94:32:f5:fd:ec:11:03:2f:76:87:17:ae:5e:
8d:de:4d:88:7b:78:53:12:b0:35:c7:24:49:36:d5:
79:4d:9a:ae:95:f1:26:29:a2:c9:c6:db:e5:c6:84:
e7:f9:3e:90:c5:cb:ee:3b:f9:c5:cd:cd:e5:aa:22:
b2:f7:e6:5a:42:2f:52:14:30:e2:0f:23:96:12:db:
dd:fa:88:4e:08:da:aa:c0:9e:a2:1d:ce:73:30:be:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9F:06:D4:DA:AE:E0:03:7E:F5:A6:91:90:82:20:6A:01:E3:1F:52
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/0Z8G1Nqu4AN-9aaRkIIgagHjH1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.15.56.0/22
212.15.61.0-212.15.63.255
Signature Algorithm: sha256WithRSAEncryption
11:36:ca:0c:2b:c1:63:dd:44:fe:29:ed:2a:16:f7:10:c2:36:
2f:96:1e:2a:68:2e:4d:60:8f:6d:4f:dd:12:74:86:55:f9:f5:
cb:e6:6c:2a:39:c4:6a:d6:f1:c2:55:3b:99:97:e9:2c:ec:20:
e8:b3:48:50:3e:8d:41:db:52:44:e5:a9:f4:c2:2d:17:4d:10:
6e:f4:ad:85:8c:14:d6:6d:8e:2b:12:ca:fc:0a:27:f9:28:ba:
ec:60:d7:48:80:cc:00:05:f5:a3:77:8b:ce:35:c7:cf:1f:f7:
66:35:6b:64:07:ff:08:e6:1d:72:32:88:5a:f2:9b:eb:e5:7a:
b9:33:ad:48:cf:97:25:22:bd:de:f0:13:39:85:47:c2:89:1e:
48:73:11:cd:c5:64:1f:a2:3d:89:2b:bc:1d:43:d0:c1:16:b4:
2a:46:b9:09:7e:e5:a2:e2:27:a5:f7:49:e8:87:29:65:f5:b7:
67:35:b1:73:07:45:b3:e3:12:2f:5c:25:7b:dc:01:a6:d2:cb:
b1:85:d1:a9:b8:8e:12:05:25:70:11:12:e1:b9:a8:7f:9a:e2:
d3:98:c6:44:ce:c8:61:2d:69:de:2a:c0:05:69:0a:57:e8:69:
75:63:7c:9e:80:e4:9c:ea:b0:bd:4d:ee:d8:dd:7d:15:9c:e8:
8e:df:9a:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYQZ3C6b+5/1G+Dd5BDSxarCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjIxMDI3MTQzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmMDZkNGRhYWVlMDAzN2VmNWE2OTE5MDgyMjA2YTAxZTMxZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr/Wt6AZQjlHYbgUo9SdqnsdroP6
lM69sGBIyxtBu9t9b9FMQ0hNzcI5CUAEUslyt7au1IBntBWaWVM6jbrJnxI3FhQq
1eNCn38A24JlJa4Dqi3Rq0Cgc93JaSuCd+TCFkkgsFQFtzvtI52k8YqywBUOgDl+
qq+Ly08OLG7N3snQtDJKGXLqLoRBaZcMAqTY11XUnvdCWx9OoVjpCYtG2++0ON8J
HJQy9f3sEQMvdocXrl6N3k2Ie3hTErA1xyRJNtV5TZqulfEmKaLJxtvlxoTn+T6Q
xcvuO/nFzc3lqiKy9+ZaQi9SFDDiDyOWEtvd+ohOCNqqwJ6iHc5zML4CxQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNGfBtTaruADfvWmkZCCIGoB4x9SMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvMFo4RzFOcXU0QU4tOWFhUmtJSWdhZ0hqSDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1A84MAwD
BADUDz0DBAbUDwAwDQYJKoZIhvcNAQELBQADggEBABE2ygwrwWPdRP4p7SoW9xDC
Ni+WHipoLk1gj21P3RJ0hlX59cvmbCo5xGrW8cJVO5mX6SzsIOizSFA+jUHbUkTl
qfTCLRdNEG70rYWMFNZtjisSyvwKJ/kouuxg10iAzAAF9aN3i841x88f92Y1a2QH
/wjmHXIyiFrym+vlerkzrUjPlyUivd7wEzmFR8KJHkhzEc3FZB+iPYkrvB1D0MEW
tCpGuQl+5aLiJ6X3SeiHKWX1t2c1sXMHRbPjEi9cJXvcAabSy7GF0am4jhIFJXAR
EuG5qH+a4tOYxkTOyGEtad4qwAVpClfoaXVjfJ6A5JzqsL1N7tjdfRWc6I7fmg8=
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:04:02 2025 by rpki-client