Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/A5hdA6AMVHJCWpZGzRRTu-DFXqc.roa
File: A5hdA6AMVHJCWpZGzRRTu-DFXqc.roa (raw, json)
Hash identifier: QvglW9yH2BOrFh8RIzIY6o4RzCGvQSWjT6liAaQihXo=
Subject key identifier: 03:98:5D:03:A0:0C:54:72:42:5A:96:46:CD:14:53:BB:E0:C5:5E:A7
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 018571BA030EEBBF005BC52C4BC9CC17C28F
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/A5hdA6AMVHJCWpZGzRRTu-DFXqc.roa
Signing time: Mon 02 Jan 2023 09:04:53 +0000
ROA not before: Mon 02 Jan 2023 09:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9000
IP address blocks: 212.50.32.0/24 maxlen: 24
212.50.33.0/24 maxlen: 24
212.50.37.0/24 maxlen: 24
212.50.36.0/24 maxlen: 24
212.50.41.0/24 maxlen: 24
212.50.44.0/24 maxlen: 24
212.50.39.0/24 maxlen: 24
212.50.55.0/24 maxlen: 24
212.50.54.0/24 maxlen: 24
212.50.61.0/24 maxlen: 24
2001:1b68::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:03:0e:eb:bf:00:5b:c5:2c:4b:c9:cc:17:c2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Jan 2 09:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03985d03a00c5472425a9646cd1453bbe0c55ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7a:44:a5:b6:7b:05:d5:34:15:b3:a2:39:35:
91:3b:58:1f:67:e5:0d:a9:a8:e0:d7:fb:28:5d:41:
c1:36:82:bc:69:ee:06:2d:f4:1f:14:e2:9e:83:0b:
da:2c:9c:94:e1:37:e6:f5:cd:1d:4c:e8:db:a5:be:
c0:2a:bf:7e:ea:77:af:7c:cd:ce:e2:60:81:67:9d:
e9:92:8a:a7:2d:81:14:9e:45:62:4c:a8:bf:ad:b5:
86:11:47:e2:02:b5:d5:dd:8d:82:9b:29:05:98:c6:
c5:e0:45:46:42:c1:a4:5c:c6:72:33:06:fe:f4:ff:
e5:cb:86:f5:d2:df:0d:58:2d:bd:4e:c3:39:de:e9:
f5:b4:4b:07:64:0f:b0:60:af:6e:58:c0:ca:e2:9e:
32:b2:77:5e:43:17:e7:23:60:b8:e5:83:f3:53:de:
0c:85:9e:d0:29:a6:8c:67:a1:60:4d:6e:14:9b:0c:
d2:83:1d:3d:b6:3f:65:d6:d5:00:0d:e7:71:9c:87:
3c:1f:f4:41:ba:dd:01:1f:9f:3a:62:75:8a:f0:2e:
f5:65:f5:fe:1a:09:16:69:75:cb:d4:29:40:fe:ac:
20:31:04:bc:9d:32:bf:4b:60:c0:00:40:b0:6f:bd:
f7:ea:80:f0:28:b3:b4:d9:8d:a4:bb:6c:78:21:83:
ac:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:98:5D:03:A0:0C:54:72:42:5A:96:46:CD:14:53:BB:E0:C5:5E:A7
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/A5hdA6AMVHJCWpZGzRRTu-DFXqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.50.32.0/23
212.50.36.0/23
212.50.39.0/24
212.50.41.0/24
212.50.44.0/24
212.50.54.0/23
212.50.61.0/24
IPv6:
2001:1b68::/29
Signature Algorithm: sha256WithRSAEncryption
2b:64:17:f7:a4:71:74:89:13:8a:ee:3f:42:66:e4:36:08:2d:
eb:34:9b:13:f2:9a:f6:55:99:29:85:3f:cd:35:34:56:43:4e:
da:13:6f:b6:d9:be:d0:7f:75:05:bf:af:94:d2:2a:a5:aa:fe:
0f:9d:df:6c:b9:79:0f:fe:1a:a1:b6:b5:42:87:48:9f:39:f9:
cf:42:8e:50:37:de:5b:34:fa:97:33:fb:11:1f:a1:25:45:00:
8d:d5:d4:7c:5b:c2:77:9c:f7:7d:ca:1c:92:43:29:9d:29:e8:
b0:e4:03:87:24:3c:0a:c4:ef:ff:2d:7b:a5:84:00:16:ec:25:
b8:ea:f5:7b:51:e8:2d:5d:58:40:31:af:c5:6e:0c:f9:7f:b9:
04:f0:07:34:91:b7:44:b9:e2:97:41:65:98:17:f9:e3:63:b2:
92:b8:cd:0d:ff:43:d3:5a:6b:00:b7:89:57:39:35:d6:5a:7e:
d9:54:74:96:a1:d0:45:74:3d:9c:1a:2b:a3:3c:f4:10:c1:6c:
a8:0f:22:88:47:59:a0:b5:92:1a:c0:8d:57:77:cb:9a:8b:7a:
9c:15:97:c6:50:eb:25:16:0b:39:97:8b:48:38:ba:ae:f7:ea:
31:81:45:27:58:67:62:c9:4f:1e:03:5a:12:1f:ea:b2:4b:fd:
d2:1d:8d:0d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVxugMO678AW8UsS8nMF8KPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjMwMTAyMDkwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk4NWQwM2EwMGM1NDcyNDI1YTk2NDZjZDE0NTNiYmUwYzU1ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnpEpbZ7BdU0FbOiOTWRO1gfZ+UN
qajg1/soXUHBNoK8ae4GLfQfFOKegwvaLJyU4Tfm9c0dTOjbpb7AKr9+6nevfM3O
4mCBZ53pkoqnLYEUnkViTKi/rbWGEUfiArXV3Y2CmykFmMbF4EVGQsGkXMZyMwb+
9P/ly4b10t8NWC29TsM53un1tEsHZA+wYK9uWMDK4p4ysndeQxfnI2C45YPzU94M
hZ7QKaaMZ6FgTW4UmwzSgx09tj9l1tUADedxnIc8H/RBut0BH586YnWK8C71ZfX+
GgkWaXXL1ClA/qwgMQS8nTK/S2DAAECwb7336oDwKLO02Y2ku2x4IYOsZwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAOYXQOgDFRyQlqWRs0UU7vgxV6nMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvQTVoZEE2QU1WSEpDV3BaR3pSUlR1LURGWHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQB1DIgAwQB
1DIkAwQA1DInAwQA1DIpAwQA1DIsAwQB1DI2AwQA1DI9MA0EAgACMAcDBQMgARto
MA0GCSqGSIb3DQEBCwUAA4IBAQArZBf3pHF0iROK7j9CZuQ2CC3rNJsT8pr2VZkp
hT/NNTRWQ07aE2+22b7Qf3UFv6+U0iqlqv4Pnd9suXkP/hqhtrVCh0ifOfnPQo5Q
N95bNPqXM/sRH6ElRQCN1dR8W8J3nPd9yhySQymdKeiw5AOHJDwKxO//LXulhAAW
7CW46vV7UegtXVhAMa/Fbgz5f7kE8Ac0kbdEueKXQWWYF/njY7KSuM0N/0PTWmsA
t4lXOTXWWn7ZVHSWodBFdD2cGiujPPQQwWyoDyKIR1mgtZIawI1Xd8uai3qcFZfG
UOslFgs5l4tIOLqu9+oxgUUnWGdiyU8eA1oSH+qyS/3SHY0N
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:44 2025 by rpki-client