Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/E_sU97ZMe0Q4dpkDFNObhST3DCc.roa
File: E_sU97ZMe0Q4dpkDFNObhST3DCc.roa (raw, json)
Hash identifier: 9W2ieEXwuWTA0qgygn0LaUHkLIcq13EvQ0bWYkLokNo=
Subject key identifier: 13:FB:14:F7:B6:4C:7B:44:38:76:99:03:14:D3:9B:85:24:F7:0C:27
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0891CFB4
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/E_sU97ZMe0Q4dpkDFNObhST3DCc.roa
Signing time: Sat 01 Jan 2022 14:05:42 +0000
ROA not before: Sat 01 Jan 2022 14:05:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9000
IP address blocks: 212.50.32.0/24 maxlen: 24
212.50.33.0/24 maxlen: 24
212.50.35.0/24 maxlen: 24
212.50.37.0/24 maxlen: 24
212.50.36.0/24 maxlen: 24
212.50.41.0/24 maxlen: 24
212.50.44.0/24 maxlen: 24
212.50.39.0/24 maxlen: 24
212.50.55.0/24 maxlen: 24
212.50.54.0/24 maxlen: 24
212.50.61.0/24 maxlen: 24
2001:1b68::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143773620 (0x891cfb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Jan 1 14:05:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13fb14f7b64c7b443876990314d39b8524f70c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:67:92:8a:06:91:64:32:17:c6:74:cb:ac:6e:
8f:b4:65:c9:70:b3:56:82:7a:30:0f:ef:7a:b5:28:
28:8c:3e:c5:79:86:90:47:51:3d:7b:0b:2d:85:24:
05:01:49:5d:43:dc:46:70:5a:68:7d:17:a8:9c:7a:
67:18:5d:72:e6:a4:c5:67:7f:84:24:f2:f6:e4:ab:
3b:ae:5e:a8:23:3d:d1:1d:1c:97:72:ae:20:e8:64:
2a:c0:6f:68:e7:6d:92:ff:ce:1e:de:8b:43:c1:61:
f3:44:0a:3f:6d:c3:1e:d1:1b:3a:93:3f:c9:4c:d0:
0b:d8:ed:fa:52:62:a5:11:d2:2f:59:3d:39:9a:16:
78:74:c2:92:d0:2e:3c:42:6c:71:14:9b:89:a3:1d:
f3:b7:d7:cb:89:6e:86:56:93:4a:d9:26:f8:13:18:
ac:de:5f:6f:4c:6b:b2:03:9f:4a:6b:4b:f9:84:f0:
d7:c9:79:c4:32:1c:ec:7f:13:ec:ab:84:11:71:e4:
4f:1e:ff:69:31:72:74:48:00:97:ea:fb:c8:83:4f:
1a:01:13:e6:f8:8b:04:96:77:14:60:f4:ec:e0:4f:
2e:e1:97:9e:5b:96:fe:eb:ba:48:11:a7:74:30:5a:
46:78:2f:e1:40:10:bc:19:e5:cf:63:d1:6f:65:df:
c8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:FB:14:F7:B6:4C:7B:44:38:76:99:03:14:D3:9B:85:24:F7:0C:27
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/E_sU97ZMe0Q4dpkDFNObhST3DCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.50.32.0/23
212.50.35.0-212.50.37.255
212.50.39.0/24
212.50.41.0/24
212.50.44.0/24
212.50.54.0/23
212.50.61.0/24
IPv6:
2001:1b68::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a0:fe:f6:5c:47:b6:d7:61:7c:cb:cc:00:63:9e:ec:26:e7:
00:e2:83:9c:9f:46:6a:3d:cd:6e:b5:26:ca:bb:71:ef:8d:59:
bb:89:c9:52:40:48:ee:33:88:ce:cf:0e:29:60:3f:d4:74:fe:
60:6f:49:ae:b0:e5:cc:82:9f:53:ab:80:cd:38:0d:38:06:cf:
f7:c0:fb:82:77:46:7f:19:88:d1:69:39:71:f9:8b:56:5f:3d:
19:65:7d:f7:50:2f:03:82:a5:64:34:1f:d9:34:bb:91:d7:b2:
6e:9a:54:1d:67:c5:9b:f1:35:ab:5a:22:6a:91:c7:d0:c7:19:
d6:66:8c:09:f8:f6:60:11:62:dc:40:21:42:26:2f:a4:93:44:
39:f2:43:96:9f:c1:e7:bf:75:6e:da:e6:65:89:a4:f3:fa:29:
26:a6:8e:a8:fe:c6:7d:f2:72:92:4c:91:30:7c:d0:66:5a:91:
19:d1:9c:44:2b:51:78:df:04:cb:83:ff:ea:8b:a1:1f:5f:14:
8a:1b:e0:81:ea:d9:1d:6d:fa:0f:23:ed:a1:4c:bd:2d:6e:2c:
50:ee:3d:7c:ec:a4:1a:02:e4:46:8d:d1:0c:5c:75:f4:da:e3:
50:dc:76:02:a8:ca:1c:21:c7:c4:6a:9d:2c:5c:c0:1d:88:07:
37:92:d8:b2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIECJHPtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjhkNjRhMGRjMjE5OTZiMWM5OWU2OGNjOTUxNjk0ZTI5M2VkZWZlMB4XDTIyMDEw
MTE0MDU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTNmYjE0ZjdiNjRj
N2I0NDM4NzY5OTAzMTRkMzliODUyNGY3MGMyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZnkooGkWQyF8Z0y6xuj7RlyXCzVoJ6MA/verUoKIw+xXmG
kEdRPXsLLYUkBQFJXUPcRnBaaH0XqJx6ZxhdcuakxWd/hCTy9uSrO65eqCM90R0c
l3KuIOhkKsBvaOdtkv/OHt6LQ8Fh80QKP23DHtEbOpM/yUzQC9jt+lJipRHSL1k9
OZoWeHTCktAuPEJscRSbiaMd87fXy4luhlaTStkm+BMYrN5fb0xrsgOfSmtL+YTw
18l5xDIc7H8T7KuEEXHkTx7/aTFydEgAl+r7yINPGgET5viLBJZ3FGD07OBPLuGX
nluW/uu6SBGndDBaRngv4UAQvBnlz2PRb2XfyLUCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBQT+xT3tkx7RDh2mQMU05uFJPcMJzAfBgNVHSMEGDAWgBS7jWSg3CGZaxyZ
5ozJUWlOKT7e/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U0MWtvTndobVdzY21lYU15VkZwVGlrLTN2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvMjIwMzE4LTQ2ZjEtNGViZi1hNzk1LWRkNGEyMTdkNjA2Yi8x
L0Vfc1U5N1pNZTBRNGRwa0RGTk9iaFNUM0RDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
MjIwMzE4LTQ2ZjEtNGViZi1hNzk1LWRkNGEyMTdkNjA2Yi8xL3U0MWtvTndobVdz
Y21lYU15VkZwVGlrLTN2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEAdQyIDAMAwQA1DIjAwQB1DIkAwQA
1DInAwQA1DIpAwQA1DIsAwQB1DI2AwQA1DI9MA0EAgACMAcDBQMgARtoMA0GCSqG
SIb3DQEBCwUAA4IBAQALoP72XEe212F8y8wAY57sJucA4oOcn0ZqPc1utSbKu3Hv
jVm7iclSQEjuM4jOzw4pYD/UdP5gb0musOXMgp9Tq4DNOA04Bs/3wPuCd0Z/GYjR
aTlx+YtWXz0ZZX33UC8DgqVkNB/ZNLuR17JumlQdZ8Wb8TWrWiJqkcfQxxnWZowJ
+PZgEWLcQCFCJi+kk0Q58kOWn8Hnv3Vu2uZliaTz+ikmpo6o/sZ98nKSTJEwfNBm
WpEZ0ZxEK1F43wTLg//qi6EfXxSKG+CB6tkdbfoPI+2hTL0tbixQ7j187KQaAuRG
jdEMXHX02uNQ3HYCqMocIcfEap0sXMAdiAc3ktiy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:11 2024 by rpki-client on console-ams.rpki-client.org