Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fb0280-9d86-4c11-89d1-87881127fcbf/1/lLgWPbqpzk_AEu3bOyOuwha97aU.roa
File: lLgWPbqpzk_AEu3bOyOuwha97aU.roa (raw, json)
Hash identifier: puZSw569sBQ7BXnAO4M6c7+mfi7JHB5pvye6f64ws9w=
Subject key identifier: 94:B8:16:3D:BA:A9:CE:4F:C0:12:ED:DB:3B:23:AE:C2:16:BD:ED:A5
Certificate issuer: /CN=78c71e65cf7a3d2e2fc2b8cc3d43d45d2b350df3
Certificate serial: 091E56B2
Authority key identifier: 78:C7:1E:65:CF:7A:3D:2E:2F:C2:B8:CC:3D:43:D4:5D:2B:35:0D:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eMceZc96PS4vwrjMPUPUXSs1DfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fb0280-9d86-4c11-89d1-87881127fcbf/1/lLgWPbqpzk_AEu3bOyOuwha97aU.roa
Signing time: Sat 01 Jan 2022 15:58:22 +0000
ROA not before: Sat 01 Jan 2022 15:58:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8592
IP address blocks: 212.16.0.0/20 maxlen: 20
212.16.0.0/19 maxlen: 19
212.16.16.0/21 maxlen: 21
212.16.24.0/22 maxlen: 22
2a02:24f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152983218 (0x91e56b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78c71e65cf7a3d2e2fc2b8cc3d43d45d2b350df3
Validity
Not Before: Jan 1 15:58:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94b8163dbaa9ce4fc012eddb3b23aec216bdeda5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0a:58:e3:80:d4:85:d4:6b:08:c0:8f:cd:6f:
32:c5:42:f9:17:9f:fa:8e:68:b1:0b:c0:cb:0e:94:
c7:38:5e:13:7b:ff:88:ac:28:40:b7:c4:12:9f:00:
3c:af:32:2f:16:7c:45:fa:5c:3e:18:2a:29:99:ea:
29:df:e3:84:12:7a:b4:3d:dd:b8:cc:f9:6b:35:ec:
f4:1c:0d:a3:49:cf:2b:d6:e5:d0:c4:ed:96:a1:5c:
cd:bf:4c:95:4c:51:ee:b3:60:88:eb:af:d4:d9:0e:
08:eb:fc:56:bc:11:51:72:c1:1b:0b:02:5f:85:65:
10:a1:34:f1:de:2e:03:31:09:6b:b7:48:e6:41:5c:
e6:d7:59:d8:61:d8:53:c7:18:f3:dd:0f:a8:a2:24:
15:ef:be:28:2a:ae:07:1c:ac:d9:38:e3:b6:3f:59:
2e:b2:c6:bb:a8:eb:17:2b:5a:c8:08:1a:c7:e3:a2:
24:6b:67:01:6f:72:96:99:a6:42:c1:22:24:4a:eb:
8e:5f:d5:2a:1c:de:5b:85:56:88:2d:b7:a0:92:8c:
eb:db:c7:05:0b:1f:d8:10:3b:35:45:cf:b3:b9:1f:
52:22:33:d2:c6:ea:76:14:51:67:f5:61:be:45:25:
87:4a:44:d1:af:33:83:63:62:d1:0f:fb:78:a9:ae:
06:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B8:16:3D:BA:A9:CE:4F:C0:12:ED:DB:3B:23:AE:C2:16:BD:ED:A5
X509v3 Authority Key Identifier:
keyid:78:C7:1E:65:CF:7A:3D:2E:2F:C2:B8:CC:3D:43:D4:5D:2B:35:0D:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eMceZc96PS4vwrjMPUPUXSs1DfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fb0280-9d86-4c11-89d1-87881127fcbf/1/lLgWPbqpzk_AEu3bOyOuwha97aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fb0280-9d86-4c11-89d1-87881127fcbf/1/eMceZc96PS4vwrjMPUPUXSs1DfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.16.0.0/19
IPv6:
2a02:24f0::/32
Signature Algorithm: sha256WithRSAEncryption
39:32:98:65:a2:5e:67:db:92:18:64:a8:4c:af:08:4a:e5:95:
cc:bb:2b:16:27:43:13:7e:bd:0e:3a:66:33:f7:e7:62:67:4f:
16:c4:1e:f7:bb:56:ec:92:80:28:0b:e6:a7:7d:68:d4:81:d3:
e6:fe:52:b0:7d:ff:08:df:89:32:c9:d5:2f:4c:fb:a9:50:54:
3e:2b:b2:9e:b5:1a:a0:a6:61:e1:53:21:c3:13:29:e0:12:6e:
0d:28:8f:82:0d:e6:b0:6a:30:4e:6f:05:88:57:07:2d:b6:c5:
1d:f7:cf:06:de:e3:a1:ed:99:5b:38:2e:31:35:ee:1b:13:a5:
9b:84:a9:3d:b0:80:17:61:5f:87:ce:cc:1a:59:35:23:88:d7:
e5:45:ca:5f:7c:3d:db:25:72:4d:b0:b6:70:78:fb:cb:83:d4:
8d:69:05:5a:ff:a7:1f:31:f4:74:83:5c:5b:54:fe:39:b6:36:
d6:49:44:da:69:fc:eb:56:d2:f0:ff:1d:a1:ce:6f:0d:a3:71:
21:f3:b9:77:be:cf:e8:cb:ca:f3:80:86:c3:6b:66:f8:24:eb:
80:95:5f:2e:45:15:0e:46:8d:7d:d8:6f:61:f9:f8:9a:0a:6b:
3d:75:a9:65:95:9a:b4:69:5b:65:0c:91:b5:3d:2b:a1:aa:be:
b6:2a:de:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECR5WsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGM3MWU2NWNmN2EzZDJlMmZjMmI4Y2MzZDQzZDQ1ZDJiMzUwZGYzMB4XDTIyMDEw
MTE1NTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRiODE2M2RiYWE5
Y2U0ZmMwMTJlZGRiM2IyM2FlYzIxNmJkZWRhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8KWOOA1IXUawjAj81vMsVC+Ref+o5osQvAyw6UxzheE3v/
iKwoQLfEEp8APK8yLxZ8RfpcPhgqKZnqKd/jhBJ6tD3duMz5azXs9BwNo0nPK9bl
0MTtlqFczb9MlUxR7rNgiOuv1NkOCOv8VrwRUXLBGwsCX4VlEKE08d4uAzEJa7dI
5kFc5tdZ2GHYU8cY890PqKIkFe++KCquBxys2Tjjtj9ZLrLGu6jrFytayAgax+Oi
JGtnAW9ylpmmQsEiJErrjl/VKhzeW4VWiC23oJKM69vHBQsf2BA7NUXPs7kfUiIz
0sbqdhRRZ/VhvkUlh0pE0a8zg2Ni0Q/7eKmuBlsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSUuBY9uqnOT8AS7ds7I67CFr3tpTAfBgNVHSMEGDAWgBR4xx5lz3o9Li/C
uMw9Q9RdKzUN8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VNY2VaYzk2UFM0dndyak1QVVBVWFNzMURmTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvZmIwMjgwLTlkODYtNGMxMS04OWQxLTg3ODgxMTI3ZmNiZi8x
L2xMZ1dQYnFwemtfQUV1M2JPeU91d2hhOTdhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
ZmIwMjgwLTlkODYtNGMxMS04OWQxLTg3ODgxMTI3ZmNiZi8xL2VNY2VaYzk2UFM0
dndyak1QVVBVWFNzMURmTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBdQQADANBAIAAjAHAwUAKgIk8DAN
BgkqhkiG9w0BAQsFAAOCAQEAOTKYZaJeZ9uSGGSoTK8ISuWVzLsrFidDE369Djpm
M/fnYmdPFsQe97tW7JKAKAvmp31o1IHT5v5SsH3/CN+JMsnVL0z7qVBUPiuynrUa
oKZh4VMhwxMp4BJuDSiPgg3msGowTm8FiFcHLbbFHffPBt7joe2ZWzguMTXuGxOl
m4SpPbCAF2Ffh87MGlk1I4jX5UXKX3w92yVyTbC2cHj7y4PUjWkFWv+nHzH0dINc
W1T+ObY21klE2mn861bS8P8doc5vDaNxIfO5d77P6MvK84CGw2tm+CTrgJVfLkUV
DkaNfdhvYfn4mgprPXWpZZWatGlbZQyRtT0roaq+tirepw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org