Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/VMAlNpKy6iMTBtfkLHYafZIQBMI.roa
File: VMAlNpKy6iMTBtfkLHYafZIQBMI.roa (raw, json)
Hash identifier: i1IYAXIfa+NhWRwuQ3ZOLB6wlg34nAdMFc9rljapVt0=
Subject key identifier: 54:C0:25:36:92:B2:EA:23:13:06:D7:E4:2C:76:1A:7D:92:10:04:C2
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 04829CE3
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/VMAlNpKy6iMTBtfkLHYafZIQBMI.roa
Signing time: Sat 01 Jan 2022 12:06:35 +0000
ROA not before: Sat 01 Jan 2022 12:06:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5593
IP address blocks: 212.110.128.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75668707 (0x4829ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:06:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54c0253692b2ea231306d7e42c761a7d921004c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ca:2d:63:c8:56:89:cf:97:54:55:50:ee:aa:
c7:aa:35:b0:3e:74:37:4d:cc:f6:aa:fe:1b:f9:cb:
97:5f:ed:22:65:57:97:4f:0d:18:fe:5b:4c:f5:32:
1d:5d:14:ac:d5:91:1b:f2:00:de:cb:17:fd:ed:35:
78:a4:3c:be:a1:44:83:d6:0c:1f:b4:f7:26:89:c5:
1b:f2:31:f3:41:a1:45:17:74:2a:92:72:6d:11:fb:
6d:34:da:3b:b4:e3:23:5f:ca:de:85:b8:e9:4d:89:
88:b8:91:df:7c:7b:5a:58:a6:ea:48:3e:11:12:2a:
e7:e2:ad:95:32:bf:2a:fe:5a:fa:0a:8a:72:4a:d8:
17:30:46:fe:ad:27:33:71:92:60:5a:e8:81:41:cd:
de:fd:19:bb:e7:d0:dd:94:11:d2:5c:1b:0f:0f:a9:
37:63:5a:33:b4:aa:de:fe:a1:78:10:6c:78:24:21:
ab:7e:64:2f:38:43:3d:f6:54:72:d1:27:a8:da:fe:
d4:3f:d7:06:de:90:09:6d:b7:12:0b:04:39:ba:85:
65:96:ec:13:0a:be:20:dc:05:7a:0e:85:2e:2c:61:
89:84:c7:f5:f1:ee:ce:21:37:83:42:33:ca:b9:85:
e3:af:fc:71:94:d2:9e:14:c6:58:0f:42:25:c1:b6:
26:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C0:25:36:92:B2:EA:23:13:06:D7:E4:2C:76:1A:7D:92:10:04:C2
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/VMAlNpKy6iMTBtfkLHYafZIQBMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.110.128.0/24
Signature Algorithm: sha256WithRSAEncryption
be:14:bc:b8:d0:92:55:74:f8:47:e0:72:60:6e:6d:72:6f:ef:
4b:e7:25:71:92:ea:3c:c5:4a:2c:87:db:c1:c4:01:1a:6d:68:
fd:cd:3d:49:ae:ec:f8:6f:ec:62:ed:ff:e0:00:5e:bd:7d:55:
71:1f:d3:4a:ff:da:43:8b:ea:e6:53:54:04:29:81:9b:f5:ea:
63:39:a7:b7:fd:8a:75:4b:20:6e:57:18:66:36:90:64:aa:3d:
d1:68:af:6b:14:25:4f:6b:18:17:d6:eb:96:94:22:28:94:71:
a0:95:68:f1:b0:b4:68:cc:d0:c3:e5:22:b8:df:5e:e4:47:c7:
63:da:d0:48:c6:70:41:ca:70:a5:3e:e4:ce:c2:45:5a:df:6a:
d6:da:f4:ad:cd:73:ae:8d:d1:30:57:f7:b3:05:c8:aa:24:a2:
70:97:f4:6a:67:87:57:f0:2b:aa:8f:8e:9e:cb:53:34:a5:a3:
91:de:81:06:83:28:a8:0d:2b:97:85:67:00:f5:27:12:f4:27:
10:e2:78:36:30:ad:fe:5e:20:1f:97:83:d3:d0:79:0f:af:d8:
c5:3d:c5:75:b4:be:06:66:e0:83:32:6c:76:47:c3:4b:69:7f:
9c:c1:86:d0:91:fa:5d:c9:27:cd:ee:6f:1d:86:23:7d:30:e7:
40:df:64:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBIKc4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDg3MTQyYmRjMmIzZjBkMDg0OGEwZDgwMGI2OTMwYjFhYmIzNGJjMB4XDTIyMDEw
MTEyMDYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRjMDI1MzY5MmIy
ZWEyMzEzMDZkN2U0MmM3NjFhN2Q5MjEwMDRjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3KLWPIVonPl1RVUO6qx6o1sD50N03M9qr+G/nLl1/tImVX
l08NGP5bTPUyHV0UrNWRG/IA3ssX/e01eKQ8vqFEg9YMH7T3JonFG/Ix80GhRRd0
KpJybRH7bTTaO7TjI1/K3oW46U2JiLiR33x7Wlim6kg+ERIq5+KtlTK/Kv5a+gqK
ckrYFzBG/q0nM3GSYFrogUHN3v0Zu+fQ3ZQR0lwbDw+pN2NaM7Sq3v6heBBseCQh
q35kLzhDPfZUctEnqNr+1D/XBt6QCW23EgsEObqFZZbsEwq+INwFeg6FLixhiYTH
9fHuziE3g0IzyrmF46/8cZTSnhTGWA9CJcG2Jl8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUwCU2krLqIxMG1+Qsdhp9khAEwjAfBgNVHSMEGDAWgBQNhxQr3Cs/DQhI
oNgAtpMLGrs0vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZY1VLOXdyUHcwSVNLRFlBTGFUQ3hxN05Mdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8x
L1ZNQWxOcEt5NmlNVEJ0ZmtMSFlhZlpJUUJNSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8xL0RZY1VLOXdyUHcw
SVNLRFlBTGFUQ3hxN05Mdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANRugDANBgkqhkiG9w0BAQsFAAOC
AQEAvhS8uNCSVXT4R+ByYG5tcm/vS+clcZLqPMVKLIfbwcQBGm1o/c09Sa7s+G/s
Yu3/4ABevX1VcR/TSv/aQ4vq5lNUBCmBm/XqYzmnt/2KdUsgblcYZjaQZKo90Wiv
axQlT2sYF9brlpQiKJRxoJVo8bC0aMzQw+UiuN9e5EfHY9rQSMZwQcpwpT7kzsJF
Wt9q1tr0rc1zro3RMFf3swXIqiSicJf0ameHV/Arqo+OnstTNKWjkd6BBoMoqA0r
l4VnAPUnEvQnEOJ4NjCt/l4gH5eD09B5D6/YxT3FdbS+BmbggzJsdkfDS2l/nMGG
0JH6Xcknze5vHYYjfTDnQN9kZg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:52 2023 by rpki-client on console.sobornost.net