Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/1V1Yqa-2t9oOOFI7O5_aCs-IJ5Q.roa
File: 1V1Yqa-2t9oOOFI7O5_aCs-IJ5Q.roa (raw, json)
Hash identifier: AzDqHtj/QbpxRqCNBQM7QMiFaR4EY7K7y3G+Z0mnpzc=
Subject key identifier: D5:5D:58:A9:AF:B6:B7:DA:0E:38:52:3B:3B:9F:DA:0A:CF:88:27:94
Certificate issuer: /CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Certificate serial: 018C54DFC5D63512A60A16A13F30B7348339
Authority key identifier: A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/1V1Yqa-2t9oOOFI7O5_aCs-IJ5Q.roa
Signing time: Sun 10 Dec 2023 17:56:40 +0000
ROA not before: Sun 10 Dec 2023 17:56:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209975
IP address blocks: 212.60.8.0/24 maxlen: 24
212.60.8.0/22 maxlen: 22
212.60.9.0/24 maxlen: 24
212.60.11.0/24 maxlen: 24
212.60.10.0/24 maxlen: 24
2a09:800:1002::/48 maxlen: 48
2a09:800:1001::/48 maxlen: 48
2a09:800:4000::/35 maxlen: 35
2a09:800:2000::/35 maxlen: 35
2a09:800::/35 maxlen: 35
2a09:800::/36 maxlen: 36
2a09:800:1000::/48 maxlen: 48
2a09:800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:54:df:c5:d6:35:12:a6:0a:16:a1:3f:30:b7:34:83:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a2d637cb0accf8721f43e266ce213f8eddd26a
Validity
Not Before: Dec 10 17:56:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d55d58a9afb6b7da0e38523b3b9fda0acf882794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:89:17:89:51:a4:a1:5a:fe:6a:f4:a0:17:41:
14:19:06:ad:94:c1:15:fa:ee:4c:e4:71:a7:5a:6a:
2b:75:55:66:f7:e7:c8:28:50:06:2e:42:f7:32:2e:
27:6f:03:0f:b6:de:53:ca:ea:8c:bf:02:b2:26:59:
ae:aa:8c:df:a1:98:5d:c7:47:5d:d9:aa:b3:78:35:
df:15:61:f6:78:cd:08:6e:cd:55:b6:4a:66:d4:a4:
8b:c8:b0:50:4a:1d:24:3d:7a:d3:f5:0d:4e:cb:13:
40:9b:bf:ee:c4:9e:74:78:ab:8d:25:15:c7:db:51:
06:bc:aa:81:a9:0f:c1:53:7c:42:e7:df:9f:bc:16:
c2:97:73:09:a3:a4:ff:46:b8:48:9b:36:43:5d:48:
de:68:00:32:c6:e8:34:75:93:15:06:85:25:9b:b2:
f2:0a:5d:74:ef:7e:8d:c1:8d:25:9c:c2:42:c8:cd:
96:6f:8e:ea:f1:30:b3:c7:77:8c:31:a4:98:24:56:
0b:a8:f3:c3:f5:f8:10:91:85:3a:6a:15:7b:d1:11:
50:f7:be:3a:e2:75:87:b1:70:15:8b:e5:b5:88:fd:
2e:a1:66:1b:66:11:77:fa:39:31:8e:7a:59:b2:af:
5e:d5:b4:34:e8:36:2d:27:df:18:a3:8a:17:13:fc:
82:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5D:58:A9:AF:B6:B7:DA:0E:38:52:3B:3B:9F:DA:0A:CF:88:27:94
X509v3 Authority Key Identifier:
keyid:A1:A2:D6:37:CB:0A:CC:F8:72:1F:43:E2:66:CE:21:3F:8E:DD:D2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaLWN8sKzPhyH0PiZs4hP47d0mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/1V1Yqa-2t9oOOFI7O5_aCs-IJ5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/edbf44-3732-44ff-a944-e21974a294ba/1/oaLWN8sKzPhyH0PiZs4hP47d0mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.60.8.0/22
IPv6:
2a09:800::/29
Signature Algorithm: sha256WithRSAEncryption
b1:f9:3f:4d:70:75:af:42:38:e0:ef:07:44:e9:aa:45:d4:ad:
46:43:a2:81:70:3a:5c:80:9d:44:26:1c:6b:88:ac:1e:61:7a:
13:86:5d:4e:46:6a:3f:e0:ee:2c:29:b6:8a:91:25:a4:7f:49:
20:9f:77:98:a1:a2:a7:92:af:d9:e1:73:8d:3d:0e:ca:b0:bb:
36:45:37:74:df:75:c2:c0:34:db:cc:0c:2a:57:8c:11:ce:dc:
f6:ad:ef:24:69:b5:20:85:af:f6:55:7d:e2:34:6a:45:f0:d5:
f1:ef:ec:fb:b7:aa:56:67:8e:9b:57:c3:90:88:df:03:d4:65:
8d:56:0d:8d:c0:98:4f:22:df:c7:51:8a:4d:2b:94:74:9c:31:
0f:45:a9:ba:56:3e:fd:30:60:39:72:2e:d2:39:15:0e:ab:db:
27:26:b3:a1:5f:2c:06:c7:fc:63:8f:4c:1e:56:64:b7:78:51:
b6:24:2e:52:d3:cf:88:9e:d1:27:fa:d7:72:76:a0:a9:6d:13:
d4:55:96:29:67:92:79:5c:bd:03:cb:3a:f1:cf:aa:7b:7f:d3:
8b:08:57:de:ae:63:42:ac:ff:b2:a2:7f:03:8b:47:13:51:e9:
bc:31:56:bd:2e:bc:82:38:ef:c3:45:5d:ea:18:a4:c7:eb:83:
65:39:f2:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxU38XWNRKmChahPzC3NIM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTJkNjM3Y2IwYWNjZjg3MjFmNDNlMjY2Y2UyMTNmOGVk
ZGQyNmEwHhcNMjMxMjEwMTc1NjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTVkNThhOWFmYjZiN2RhMGUzODUyM2IzYjlmZGEwYWNmODgyNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYkXiVGkoVr+avSgF0EUGQatlMEV
+u5M5HGnWmordVVm9+fIKFAGLkL3Mi4nbwMPtt5TyuqMvwKyJlmuqozfoZhdx0dd
2aqzeDXfFWH2eM0Ibs1Vtkpm1KSLyLBQSh0kPXrT9Q1OyxNAm7/uxJ50eKuNJRXH
21EGvKqBqQ/BU3xC59+fvBbCl3MJo6T/RrhImzZDXUjeaAAyxug0dZMVBoUlm7Ly
Cl10736NwY0lnMJCyM2Wb47q8TCzx3eMMaSYJFYLqPPD9fgQkYU6ahV70RFQ9746
4nWHsXAVi+W1iP0uoWYbZhF3+jkxjnpZsq9e1bQ06DYtJ98Yo4oXE/yCmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNVdWKmvtrfaDjhSOzuf2grPiCeUMB8GA1UdIwQY
MBaAFKGi1jfLCsz4ch9D4mbOIT+O3dJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQt
ZTIxOTc0YTI5NGJhLzEvMVYxWXFhLTJ0OW9PT0ZJN081X2FDcy1JSjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9lZGJmNDQtMzczMi00NGZmLWE5NDQtZTIxOTc0YTI5NGJh
LzEvb2FMV044c0t6UGh5SDBQaVpzNGhQNDdkMG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1DwIMA0E
AgACMAcDBQMqCQgAMA0GCSqGSIb3DQEBCwUAA4IBAQCx+T9NcHWvQjjg7wdE6apF
1K1GQ6KBcDpcgJ1EJhxriKweYXoThl1ORmo/4O4sKbaKkSWkf0kgn3eYoaKnkq/Z
4XONPQ7KsLs2RTd033XCwDTbzAwqV4wRztz2re8kabUgha/2VX3iNGpF8NXx7+z7
t6pWZ46bV8OQiN8D1GWNVg2NwJhPIt/HUYpNK5R0nDEPRam6Vj79MGA5ci7SORUO
q9snJrOhXywGx/xjj0weVmS3eFG2JC5S08+IntEn+tdydqCpbRPUVZYpZ5J5XL0D
yzrxz6p7f9OLCFfermNCrP+yon8Di0cTUem8MVa9LryCOO/DRV3qGKTH64NlOfLJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:47 2025 by rpki-client