Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/cQIYzexQqrHqbG5YQSA9h4Y9fAA.roa
File: cQIYzexQqrHqbG5YQSA9h4Y9fAA.roa (raw, json)
Hash identifier: jH4ffJY3sSCjsU13Zi0XdsYgYI7FEa0U04BbPQuEhXs=
Subject key identifier: 71:02:18:CD:EC:50:AA:B1:EA:6C:6E:58:41:20:3D:87:86:3D:7C:00
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 05786E
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/cQIYzexQqrHqbG5YQSA9h4Y9fAA.roa
Signing time: Wed 02 Mar 2022 00:36:48 +0000
ROA not before: Wed 02 Mar 2022 00:36:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358510 (0x5786e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Mar 2 00:36:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=710218cdec50aab1ea6c6e5841203d87863d7c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f4:12:98:84:7f:df:50:e7:1a:d7:77:3b:66:
d9:2d:10:04:95:f8:e4:3b:0b:eb:27:83:e4:c5:15:
98:3f:96:7a:e6:52:f0:30:4c:a8:b3:6b:db:0d:5d:
ee:88:60:21:1f:86:c1:b4:88:bd:7c:54:a1:da:c1:
2e:5a:96:92:e6:f5:f4:fa:04:76:09:43:d7:f0:93:
70:f1:02:73:58:af:07:ff:59:11:87:0b:51:78:9a:
7e:bd:14:2e:a4:7f:ab:93:ea:93:e3:35:d2:21:45:
c3:dc:03:2a:73:e6:f3:d4:7f:db:78:80:7f:eb:52:
62:15:e3:c0:a0:cf:92:f3:b3:68:9a:82:0f:cf:d9:
e3:aa:eb:3d:9d:e5:67:6a:d5:0f:88:9c:08:a0:fc:
dc:85:f8:65:8b:15:88:b3:e3:94:99:1d:99:5d:b1:
bb:b6:62:5f:57:de:a8:e0:d1:4e:6b:f5:14:85:c6:
8c:d4:b7:19:bb:6b:e7:59:7e:e5:30:df:b2:82:18:
06:c1:e5:72:a8:ce:23:7f:13:a6:38:19:a2:1c:8c:
0d:18:b2:51:ea:dc:81:18:50:7a:63:48:ea:bb:b4:
c3:14:b7:9a:6c:6a:8c:7f:57:a6:46:78:72:f7:cd:
73:cd:6d:1a:31:87:e6:93:fe:fa:1c:85:ca:88:b9:
fe:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:02:18:CD:EC:50:AA:B1:EA:6C:6E:58:41:20:3D:87:86:3D:7C:00
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/cQIYzexQqrHqbG5YQSA9h4Y9fAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
62:02:f4:45:98:0a:bd:ca:b8:b5:cf:c5:75:a6:3f:6a:fb:99:
4b:e3:d5:51:cf:77:a4:66:d0:85:4d:da:dc:72:97:a7:63:10:
87:6c:02:c0:04:a9:18:de:c2:c3:be:26:2e:1d:2d:ef:4a:f5:
91:02:2d:e9:b5:6a:a7:b7:66:b1:3d:c4:33:67:01:1e:4a:e0:
d7:ef:b0:88:98:d1:e4:a7:47:0a:dc:09:9b:2c:97:03:e0:85:
06:67:c3:d6:9b:7e:c2:86:5d:a2:d6:12:7b:98:d4:d2:f2:7e:
b8:43:03:ff:2f:a7:e3:a7:70:10:cc:c2:0d:9f:bd:5c:b1:1a:
2c:77:4c:cc:de:fc:2d:89:8b:d8:cd:6b:42:f3:39:63:12:4f:
43:3c:6c:a2:5d:ce:79:ad:56:00:cf:f7:93:02:fb:0f:06:56:
83:55:61:fb:64:ae:1c:6c:c3:6d:94:d0:a4:32:0e:a6:c1:4a:
ef:e9:33:78:fe:78:c9:0a:f4:39:6c:2a:73:7b:f2:03:1e:b6:
2c:65:53:f4:b9:25:35:03:6d:e3:21:16:27:6d:d5:20:54:5a:
3f:4b:f0:b4:ba:9f:82:7f:8c:9a:75:71:44:da:d6:e1:bb:cc:
2f:0b:47:5c:43:03:29:13:1d:c0:5f:b2:cd:6d:d0:50:7f:59:
cb:fe:b5:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDBXhuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNl
MGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNlOThlMjAwHhcNMjIwMzAy
MDAzNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MTAyMThjZGVjNTBh
YWIxZWE2YzZlNTg0MTIwM2Q4Nzg2M2Q3YzAwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAu/QSmIR/31DnGtd3O2bZLRAElfjkOwvrJ4PkxRWYP5Z65lLw
MEyos2vbDV3uiGAhH4bBtIi9fFSh2sEuWpaS5vX0+gR2CUPX8JNw8QJzWK8H/1kR
hwtReJp+vRQupH+rk+qT4zXSIUXD3AMqc+bz1H/beIB/61JiFePAoM+S87NomoIP
z9njqus9neVnatUPiJwIoPzchfhlixWIs+OUmR2ZXbG7tmJfV96o4NFOa/UUhcaM
1LcZu2vnWX7lMN+yghgGweVyqM4jfxOmOBmiHIwNGLJR6tyBGFB6Y0jqu7TDFLea
bGqMf1emRnhy981zzW0aMYfmk/76HIXKiLn+hQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFHECGM3sUKqx6mxuWEEgPYeGPXwAMB8GA1UdIwQYMBaAFD4L6OSNugffIXEX
Rbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4LzEv
Y1FJWXpleFFxckhxYkc1WVFTQTloNFk5ZkFBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85
NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4LzEvUGd2bzVJMjZCOTho
Y1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF1CbAAwQH1MuAAwQF1dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBiAvRFmAq9yri1z8V1pj9q+5lL49VRz3ekZtCF
TdrccpenYxCHbALABKkY3sLDviYuHS3vSvWRAi3ptWqnt2axPcQzZwEeSuDX77CI
mNHkp0cK3AmbLJcD4IUGZ8PWm37Chl2i1hJ7mNTS8n64QwP/L6fjp3AQzMINn71c
sRosd0zM3vwtiYvYzWtC8zljEk9DPGyiXc55rVYAz/eTAvsPBlaDVWH7ZK4cbMNt
lNCkMg6mwUrv6TN4/njJCvQ5bCpze/IDHrYsZVP0uSU1A23jIRYnbdUgVFo/S/C0
up+Cf4yadXFE2tbhu8wvC0dcQwMpEx3AX7LNbdBQf1nL/rVw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:41 2025 by rpki-client