Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/wN2DE-dvQH1tFfWqcylKpVpEbgI.roa
File: wN2DE-dvQH1tFfWqcylKpVpEbgI.roa (raw, json)
Hash identifier: C/J6Y60nwL/voMu3hFpW3YVQcKksempsND24z3PFqQs=
Subject key identifier: C0:DD:83:13:E7:6F:40:7D:6D:15:F5:AA:73:29:4A:A5:5A:44:6E:02
Certificate issuer: /CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Certificate serial: 01863BE7BBC16A09A67A64B4F5330E0097D6
Authority key identifier: BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/wN2DE-dvQH1tFfWqcylKpVpEbgI.roa
Signing time: Fri 10 Feb 2023 15:18:08 +0000
ROA not before: Fri 10 Feb 2023 15:18:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9076
IP address blocks: 212.104.0.0/20 maxlen: 24
212.104.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:e7:bb:c1:6a:09:a6:7a:64:b4:f5:33:0e:00:97:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8a3bc47d13c83f7d1cf72a137e0066f83d0608
Validity
Not Before: Feb 10 15:18:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0dd8313e76f407d6d15f5aa73294aa55a446e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:a9:cf:e1:a7:3e:28:3d:9d:14:c4:69:b1:
2e:e4:24:a3:18:7a:b7:b1:d4:36:21:1e:af:44:e2:
6a:85:94:60:f4:39:7a:dc:fd:f4:af:71:f1:6b:03:
e6:6e:d6:5d:ab:07:b0:9c:44:6e:80:74:60:24:9b:
18:1d:71:86:11:df:68:0e:2a:49:66:c8:7f:1b:67:
1a:89:09:0f:dd:d5:b7:82:e8:93:c5:80:fd:84:95:
92:9e:a0:f6:84:6a:60:ac:02:a4:f1:1c:79:be:1b:
63:fd:46:86:cc:bb:6d:f2:1a:b5:8a:30:15:6f:ae:
ce:a0:d6:b2:c0:63:b3:3d:90:dd:8a:57:30:87:de:
50:7f:f0:3f:a4:5c:cb:82:1f:90:c3:21:bb:fb:ef:
25:1c:68:39:61:b7:74:54:4a:5e:c5:19:45:8e:33:
49:dd:09:37:43:7d:c3:a8:d4:f7:e4:7e:3e:ae:a5:
3d:9e:32:ff:fb:c6:6f:ba:f3:d1:af:59:15:a9:05:
d0:21:80:16:a2:f2:4e:4a:9f:68:5d:e7:c0:9e:cb:
71:4b:e8:77:1c:ef:72:b4:bb:50:e3:bb:79:1b:4e:
52:ad:76:1f:4d:1f:b0:8b:68:c7:ce:be:07:4c:63:
06:de:88:ee:7f:dd:19:eb:11:f3:57:5e:9b:e0:29:
51:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DD:83:13:E7:6F:40:7D:6D:15:F5:AA:73:29:4A:A5:5A:44:6E:02
X509v3 Authority Key Identifier:
keyid:BC:8A:3B:C4:7D:13:C8:3F:7D:1C:F7:2A:13:7E:00:66:F8:3D:06:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIo7xH0TyD99HPcqE34AZvg9Bgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/wN2DE-dvQH1tFfWqcylKpVpEbgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0ee921-a721-4f09-80f2-7113fc1b865b/1/vIo7xH0TyD99HPcqE34AZvg9Bgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.104.0.0/20
212.104.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:b4:22:43:2c:83:3d:0e:0c:60:d9:78:7a:ed:b5:a8:3f:99:
e1:e4:a3:6c:a8:e9:ab:ef:d0:23:e3:27:a0:cb:b0:e9:68:02:
04:f7:bd:54:3c:58:a0:27:8a:89:4c:2a:93:3f:87:7a:e5:74:
80:a0:9d:93:76:10:bb:48:c0:6c:15:8a:8c:25:7e:f3:d9:61:
d9:77:6d:ec:be:53:e6:bb:a1:74:12:d1:25:c4:e9:50:a5:a7:
c2:cf:7c:66:71:d9:45:f0:e8:92:2a:01:68:5c:92:a9:cd:81:
d6:7e:2a:47:b7:ba:c0:83:5f:86:7d:75:37:07:1d:78:65:a7:
f0:90:7b:de:43:eb:42:78:bb:80:11:3d:95:10:75:3c:e3:a2:
6c:23:bc:12:ac:48:90:30:1a:92:05:1f:91:f1:81:c8:2a:5f:
1d:77:33:96:45:a8:21:86:a3:98:af:dc:21:11:93:50:39:4a:
65:c1:af:01:7c:db:2e:05:14:bb:50:93:d1:36:4f:b8:83:8b:
07:ad:07:54:30:c4:db:f3:cc:74:49:32:3e:3b:87:98:36:05:
3b:d8:1e:80:1a:10:45:6f:ee:c1:fd:00:18:8a:08:77:b5:57:
dd:7e:90:4c:f4:5c:28:50:1d:f2:f9:2d:9e:df:a9:33:77:45:
78:03:32:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY757vBagmmemS09TMOAJfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGEzYmM0N2QxM2M4M2Y3ZDFjZjcyYTEzN2UwMDY2Zjgz
ZDA2MDgwHhcNMjMwMjEwMTUxODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGRkODMxM2U3NmY0MDdkNmQxNWY1YWE3MzI5NGFhNTVhNDQ2ZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAipz+GnPig9nRTEabEu5CSjGHq3
sdQ2IR6vROJqhZRg9Dl63P30r3HxawPmbtZdqwewnERugHRgJJsYHXGGEd9oDipJ
Zsh/G2caiQkP3dW3guiTxYD9hJWSnqD2hGpgrAKk8Rx5vhtj/UaGzLtt8hq1ijAV
b67OoNaywGOzPZDdilcwh95Qf/A/pFzLgh+QwyG7++8lHGg5Ybd0VEpexRlFjjNJ
3Qk3Q33DqNT35H4+rqU9njL/+8ZvuvPRr1kVqQXQIYAWovJOSp9oXefAnstxS+h3
HO9ytLtQ47t5G05SrXYfTR+wi2jHzr4HTGMG3ojuf90Z6xHzV16b4ClREwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMDdgxPnb0B9bRX1qnMpSqVaRG4CMB8GA1UdIwQY
MBaAFLyKO8R9E8g/fRz3KhN+AGb4PQYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjIt
NzExM2ZjMWI4NjViLzEvd04yREUtZHZRSDF0RmZXcWN5bEtwVnBFYmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZWU5MjEtYTcyMS00ZjA5LTgwZjItNzExM2ZjMWI4NjVi
LzEvdklvN3hIMFR5RDk5SFBjcUUzNEFadmc5QmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1GgAAwQE
1GggMA0GCSqGSIb3DQEBCwUAA4IBAQActCJDLIM9Dgxg2Xh67bWoP5nh5KNsqOmr
79Aj4yegy7DpaAIE971UPFigJ4qJTCqTP4d65XSAoJ2TdhC7SMBsFYqMJX7z2WHZ
d23svlPmu6F0EtElxOlQpafCz3xmcdlF8OiSKgFoXJKpzYHWfipHt7rAg1+GfXU3
Bx14ZafwkHveQ+tCeLuAET2VEHU846JsI7wSrEiQMBqSBR+R8YHIKl8ddzOWRagh
hqOYr9whEZNQOUplwa8BfNsuBRS7UJPRNk+4g4sHrQdUMMTb88x0STI+O4eYNgU7
2B6AGhBFb+7B/QAYigh3tVfdfpBM9FwoUB3y+S2e36kzd0V4AzKp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:56 2025 by rpki-client