Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/epz_6AwF-DpTRUGc6Bq3HyjE6ZA.roa
File: epz_6AwF-DpTRUGc6Bq3HyjE6ZA.roa (raw, json)
Hash identifier: NEa9d+sNK5c/9Sh7bi40DdkfOHGlG+AN/bDsxe6XtoE=
Subject key identifier: 7A:9C:FF:E8:0C:05:F8:3A:53:45:41:9C:E8:1A:B7:1F:28:C4:E9:90
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0184E5D7B0783296857699D812200CE70FCB
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/epz_6AwF-DpTRUGc6Bq3HyjE6ZA.roa
Signing time: Tue 06 Dec 2022 05:10:28 +0000
ROA not before: Tue 06 Dec 2022 05:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9000
IP address blocks: 212.50.32.0/24 maxlen: 24
212.50.33.0/24 maxlen: 24
212.50.37.0/24 maxlen: 24
212.50.36.0/24 maxlen: 24
212.50.41.0/24 maxlen: 24
212.50.44.0/24 maxlen: 24
212.50.39.0/24 maxlen: 24
212.50.55.0/24 maxlen: 24
212.50.54.0/24 maxlen: 24
212.50.61.0/24 maxlen: 24
2001:1b68::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e5:d7:b0:78:32:96:85:76:99:d8:12:20:0c:e7:0f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Dec 6 05:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a9cffe80c05f83a5345419ce81ab71f28c4e990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:76:66:64:f9:24:07:15:5a:d9:b7:97:2a:ec:
8b:12:cf:f1:90:40:10:86:b0:c5:5d:6c:ec:c9:1b:
1a:90:f2:58:65:28:36:c9:11:f0:45:8c:5b:ce:ef:
d0:08:85:37:20:3e:ae:e5:38:5f:d5:8d:9a:e8:fe:
a5:0c:e1:b4:ee:06:0d:56:2e:8e:1f:c9:85:56:ff:
ee:b0:e8:9c:74:f3:55:d1:f7:c2:22:76:4a:2f:91:
f4:d8:37:b5:bc:18:94:0d:b8:b0:71:8a:15:bd:36:
5d:83:3b:65:d9:f7:fb:b7:fa:e3:a9:c6:bf:09:f0:
f0:b2:96:a9:17:63:35:f9:71:28:c1:80:e2:b6:06:
69:f3:18:0b:fb:87:b8:66:7f:65:68:6d:d3:08:98:
1a:0c:f6:9d:cf:e0:c2:ce:25:6f:5e:da:9a:0b:20:
ee:a9:0d:57:d8:8a:40:fe:a7:90:0b:3e:5b:f2:fa:
b9:58:82:22:8e:91:71:f1:79:0c:06:99:71:75:bd:
34:88:64:2a:d4:f9:77:42:59:6f:df:20:f8:33:d1:
f8:15:be:45:ff:81:7d:be:0a:31:ae:44:0a:dd:23:
86:8f:c8:3f:51:85:1e:7a:e2:c4:57:9c:3e:6c:3c:
e1:f5:4f:b0:24:d8:8a:01:6e:6a:aa:7f:8f:cc:41:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9C:FF:E8:0C:05:F8:3A:53:45:41:9C:E8:1A:B7:1F:28:C4:E9:90
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/epz_6AwF-DpTRUGc6Bq3HyjE6ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.50.32.0/23
212.50.36.0/23
212.50.39.0/24
212.50.41.0/24
212.50.44.0/24
212.50.54.0/23
212.50.61.0/24
IPv6:
2001:1b68::/29
Signature Algorithm: sha256WithRSAEncryption
71:25:db:82:a8:0a:e5:f4:80:a0:bd:13:31:59:d7:82:32:d9:
d5:45:3a:29:cd:d6:26:69:de:56:57:6a:9a:1e:06:07:fe:83:
44:d1:89:6c:db:d7:ba:c1:35:42:ef:83:06:30:7d:51:35:d9:
40:f7:23:a5:4f:20:8a:4c:78:26:a0:c7:b6:ee:bb:60:27:15:
41:05:71:58:da:dd:00:46:28:99:f5:88:08:79:9e:db:2f:b8:
82:ba:4c:1a:19:4a:8e:8e:22:be:a2:a4:4d:df:d1:11:1c:b7:
8a:10:59:43:4b:57:03:37:91:01:1d:fd:76:de:37:ef:9c:a9:
10:6d:2d:cf:79:8e:f3:1d:e1:a1:1b:b4:1a:14:f6:30:3a:2c:
08:83:02:df:7d:87:01:a0:36:d4:3f:c4:be:13:3b:e2:89:b8:
e2:e1:f4:53:d0:db:e5:30:68:cc:b9:63:55:27:66:5d:f2:6e:
a8:55:f3:a1:94:d0:8a:fe:de:de:ff:11:36:1f:98:3a:32:8d:
42:ba:47:66:72:40:2a:90:d1:34:05:6a:4c:82:da:34:1f:7f:
30:11:f1:ce:62:2c:16:f0:aa:fd:2f:be:2a:6f:0f:a6:89:4e:
70:19:94:70:eb:8d:74:95:cd:96:ae:ee:cf:f5:85:79:20:9b:
90:4b:c6:e2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYTl17B4MpaFdpnYEiAM5w/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjIxMjA2MDUxMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTljZmZlODBjMDVmODNhNTM0NTQxOWNlODFhYjcxZjI4YzRlOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nZmZPkkBxVa2beXKuyLEs/xkEAQ
hrDFXWzsyRsakPJYZSg2yRHwRYxbzu/QCIU3ID6u5Thf1Y2a6P6lDOG07gYNVi6O
H8mFVv/usOicdPNV0ffCInZKL5H02De1vBiUDbiwcYoVvTZdgztl2ff7t/rjqca/
CfDwspapF2M1+XEowYDitgZp8xgL+4e4Zn9laG3TCJgaDPadz+DCziVvXtqaCyDu
qQ1X2IpA/qeQCz5b8vq5WIIijpFx8XkMBplxdb00iGQq1Pl3Qllv3yD4M9H4Fb5F
/4F9vgoxrkQK3SOGj8g/UYUeeuLEV5w+bDzh9U+wJNiKAW5qqn+PzEGXDQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHqc/+gMBfg6U0VBnOgatx8oxOmQMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvZXB6XzZBd0YtRHBUUlVHYzZCcTNIeWpFNlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQB1DIgAwQB
1DIkAwQA1DInAwQA1DIpAwQA1DIsAwQB1DI2AwQA1DI9MA0EAgACMAcDBQMgARto
MA0GCSqGSIb3DQEBCwUAA4IBAQBxJduCqArl9ICgvRMxWdeCMtnVRTopzdYmad5W
V2qaHgYH/oNE0Yls29e6wTVC74MGMH1RNdlA9yOlTyCKTHgmoMe27rtgJxVBBXFY
2t0ARiiZ9YgIeZ7bL7iCukwaGUqOjiK+oqRN39ERHLeKEFlDS1cDN5EBHf123jfv
nKkQbS3PeY7zHeGhG7QaFPYwOiwIgwLffYcBoDbUP8S+Ezviibji4fRT0NvlMGjM
uWNVJ2Zd8m6oVfOhlNCK/t7e/xE2H5g6Mo1CukdmckAqkNE0BWpMgto0H38wEfHO
YiwW8Kr9L74qbw+miU5wGZRw6410lc2Wru7P9YV5IJuQS8bi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:11 2024 by rpki-client on console-ams.rpki-client.org