Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212219.roa
File: AS212219.roa (raw, json)
Hash identifier: RRV+6qtThMbT2LdpiJOAJzLmWSAHIVqaAcHHTIWHEAw=
Subject key identifier: DD:0C:D2:CC:D8:2A:B0:50:8E:BB:83:6C:9D:59:A4:64:E7:B9:1D:77
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 02BB3C922F6DA7978F1FA4B5EAA41B993F273E7D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212219.roa
Signing time: Mon 13 Mar 2023 16:34:55 +0000
ROA not before: Mon 13 Mar 2023 16:29:55 +0000
ROA not after: Mon 11 Mar 2024 16:34:55 +0000
asID: 212219
IP address blocks: 181.215.7.0/24 maxlen: 24
181.215.23.0/24 maxlen: 24
191.96.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:bb:3c:92:2f:6d:a7:97:8f:1f:a4:b5:ea:a4:1b:99:3f:27:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 13 16:29:55 2023 GMT
Not After : Mar 11 16:34:55 2024 GMT
Subject: CN=DD0CD2CCD82AB0508EBB836C9D59A464E7B91D77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8b:e6:63:28:bf:ec:71:4e:54:51:a4:2d:97:
53:85:ea:fb:b6:44:2b:fe:d6:a3:c2:21:c6:9e:0c:
10:1b:3e:40:51:8c:f5:ce:e2:7d:d3:46:63:d9:8f:
f7:50:35:f9:2d:d4:81:a9:41:44:a6:8e:b9:1d:92:
ec:a9:74:20:f2:3f:9e:77:d1:1e:7b:55:49:a5:5e:
30:5c:ae:2e:b8:42:78:60:ec:d5:e4:23:d9:9f:f8:
d3:a6:64:36:b4:4b:4f:ea:49:43:02:63:b3:30:81:
0c:c5:90:b4:97:cf:92:c5:ca:06:2b:6e:00:c7:af:
e4:f6:df:cc:3e:69:81:4d:a2:34:3c:dd:f8:bf:fb:
2b:a6:be:98:78:3e:84:ca:d4:03:ee:e3:c4:76:77:
0e:d2:45:1b:8b:d8:9d:66:97:f9:16:09:e0:43:c2:
50:ad:06:e8:0e:89:fb:53:e7:b3:28:cb:3b:4a:4c:
b7:b6:e4:f3:f4:48:81:ce:98:e5:25:ff:2a:3e:3e:
c2:cc:a8:4f:44:a2:9b:b9:59:28:bb:10:ab:6a:a3:
f3:fd:02:a9:76:49:66:52:f7:f2:9d:e1:75:76:8c:
a3:07:00:78:c1:7c:69:05:aa:ab:b8:2b:16:6f:65:
a0:ce:fb:2b:60:fc:d7:d6:55:e5:63:da:39:1a:d8:
b4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0C:D2:CC:D8:2A:B0:50:8E:BB:83:6C:9D:59:A4:64:E7:B9:1D:77
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212219.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.7.0/24
181.215.23.0/24
191.96.127.0/24
Signature Algorithm: sha256WithRSAEncryption
71:45:fc:dd:18:71:93:2b:41:cb:f8:51:c7:dd:8b:09:25:4b:
f7:a9:1b:f2:8e:73:cb:fe:94:bf:89:f9:e8:cc:0a:cb:41:58:
23:84:32:b8:6d:05:ac:0e:fa:ad:63:e1:99:bd:3b:89:a8:25:
42:4e:34:bf:b9:78:62:e4:ab:08:81:98:5e:69:f7:2e:8a:82:
a8:72:2b:d7:11:75:31:fc:b2:56:40:0f:b9:ca:d2:8a:85:ef:
d2:00:59:64:38:3b:ac:3e:ac:55:e1:cf:5a:0a:87:a8:9a:39:
b5:0a:88:42:70:c7:be:74:82:24:35:08:66:9a:bb:ee:a8:94:
0e:7c:52:51:ab:57:06:7b:64:50:09:0d:65:32:7e:d1:6e:f8:
f9:e7:95:f6:f2:6a:ff:6e:79:8f:f8:59:cd:81:0b:22:27:dd:
39:46:7e:fc:3a:d7:fb:54:50:3f:ed:8a:bd:44:5e:9b:b0:0e:
05:39:23:08:eb:63:29:b7:dd:93:67:9b:cb:06:21:5e:0c:ca:
da:54:9d:5a:75:a2:8c:4d:10:f3:b1:1f:43:34:c9:3a:77:d9:
b1:4d:4e:f7:7b:fd:fa:2b:e6:0d:78:50:fa:8b:55:7c:6c:b5:
82:b5:cd:e5:9f:5d:ba:eb:ed:51:99:95:a1:93:d3:ac:c9:2e:
79:8a:df:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUArs8ki9tp5ePH6S16qQbmT8nPn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMTMxNjI5NTVaFw0yNDAzMTExNjM0NTVaMDMxMTAvBgNV
BAMTKEREMENEMkNDRDgyQUIwNTA4RUJCODM2QzlENTlBNDY0RTdCOTFENzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUi+ZjKL/scU5UUaQtl1OF6vu2
RCv+1qPCIcaeDBAbPkBRjPXO4n3TRmPZj/dQNfkt1IGpQUSmjrkdkuypdCDyP553
0R57VUmlXjBcri64Qnhg7NXkI9mf+NOmZDa0S0/qSUMCY7MwgQzFkLSXz5LFygYr
bgDHr+T238w+aYFNojQ83fi/+yumvph4PoTK1APu48R2dw7SRRuL2J1ml/kWCeBD
wlCtBugOiftT57MoyztKTLe25PP0SIHOmOUl/yo+PsLMqE9Eopu5WSi7EKtqo/P9
Aql2SWZS9/Kd4XV2jKMHAHjBfGkFqqu4KxZvZaDO+ytg/NfWVeVj2jka2LSjAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU3QzSzNgqsFCOu4NsnVmkZOe5HXcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMjE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAtdcH
AwQAtdcXAwQAv2B/MA0GCSqGSIb3DQEBCwUAA4IBAQBxRfzdGHGTK0HL+FHH3YsJ
JUv3qRvyjnPL/pS/ifnozArLQVgjhDK4bQWsDvqtY+GZvTuJqCVCTjS/uXhi5KsI
gZheafcuioKocivXEXUx/LJWQA+5ytKKhe/SAFlkODusPqxV4c9aCoeomjm1CohC
cMe+dIIkNQhmmrvuqJQOfFJRq1cGe2RQCQ1lMn7Rbvj555X28mr/bnmP+FnNgQsi
J905Rn78Otf7VFA/7Yq9RF6bsA4FOSMI62Mpt92TZ5vLBiFeDMraVJ1adaKMTRDz
sR9DNMk6d9mxTU73e/36K+YNeFD6i1V8bLWCtc3ln1266+1RmZWhk9OsyS55it/I
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org