Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/N_9FeGkuptUlTOItzeU6hTQLHow.roa
File: N_9FeGkuptUlTOItzeU6hTQLHow.roa (raw, json)
Hash identifier: yiZXD7cu0Ml91UyZFDIvhUH/DtTWlCl4PpcA5OJoenQ=
Subject key identifier: 37:FF:45:78:69:2E:A6:D5:25:4C:E2:2D:CD:E5:3A:85:34:0B:1E:8C
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018570306E9B8F1890BC5B1D6413A821F3D5
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/N_9FeGkuptUlTOItzeU6hTQLHow.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207353
IP address blocks: 185.62.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:6e:9b:8f:18:90:bc:5b:1d:64:13:a8:21:f3:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ff4578692ea6d5254ce22dcde53a85340b1e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:62:cb:ee:4b:56:17:18:83:bc:7b:61:36:f0:
90:8b:6d:96:1f:b8:bf:3a:ee:60:66:d2:24:a9:eb:
d9:54:1b:c3:0e:83:76:ba:94:83:5e:f3:a3:4e:97:
fe:63:aa:9f:a0:6a:d7:e9:f4:07:fa:f1:9c:77:97:
06:2e:54:96:f4:87:51:8f:8c:5d:c9:c5:f2:27:7c:
be:02:3a:e2:5e:32:2e:a3:33:f1:ac:6b:d5:fa:4a:
f4:ca:2a:9d:93:4d:82:25:76:4f:50:00:80:ba:64:
58:19:26:ee:5c:e7:3d:9b:7d:0e:c6:1d:5c:1d:ca:
7d:e9:95:a0:01:b1:d4:4e:b1:d6:ef:f8:6c:ee:95:
5c:17:02:36:52:34:32:47:d8:ff:92:c7:c8:e4:e7:
00:e6:de:c1:97:93:be:ff:a8:41:0f:3d:20:78:7b:
12:da:45:70:c0:67:09:ca:59:8c:5f:4b:b6:2e:3f:
7c:30:c7:a3:2e:18:e0:a4:ae:d1:c0:b0:a2:9c:4d:
b9:5c:6a:9e:e2:1e:6a:8a:99:86:e3:b4:c5:94:9c:
05:46:58:b1:e6:f5:69:a9:41:f5:e1:b8:d5:12:1c:
5c:77:a9:a2:19:0c:fa:d3:c0:f8:78:4b:dd:32:49:
f7:8a:50:42:dd:90:30:4a:73:ce:21:f3:9d:c7:ad:
1b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FF:45:78:69:2E:A6:D5:25:4C:E2:2D:CD:E5:3A:85:34:0B:1E:8C
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/N_9FeGkuptUlTOItzeU6hTQLHow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.100.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:fe:3b:7f:85:29:59:b0:ca:78:79:f0:70:7c:e3:c5:23:a6:
3a:cc:46:bc:8e:00:3d:bf:86:3a:90:24:58:05:35:bb:73:64:
b5:aa:bf:e2:9b:23:c4:bd:10:60:4d:ac:54:1c:16:d9:e9:e4:
eb:1a:67:b3:d7:48:a8:84:ef:73:e0:d4:8f:8d:d0:e1:f0:26:
ec:da:1a:41:0b:70:ea:fc:c2:8a:2e:a2:f5:90:6a:c1:64:68:
92:5c:2a:76:b6:c8:fc:61:fd:49:7b:1b:b9:1f:37:6a:20:42:
04:73:8a:5b:58:16:6a:0f:49:4a:52:04:0a:cb:c3:8f:77:97:
a3:63:71:6c:50:17:77:8e:92:eb:ad:5a:dc:24:60:c2:cb:d3:
e3:29:b3:9d:d0:75:42:e6:a0:7d:b7:6d:c0:5a:68:ed:e1:7b:
59:93:7b:55:2e:46:66:a7:d0:58:90:5f:71:90:c8:4c:90:38:
7d:22:3e:7d:5a:31:40:e3:b5:2b:8c:c3:9b:dc:ff:56:c3:52:
20:e9:61:52:f7:e7:a9:96:5c:15:9e:99:02:30:7c:03:8b:a7:
c7:c5:bc:60:f9:fa:04:18:00:a6:84:e0:fe:bf:f8:61:41:7d:
4e:f2:cc:93:b4:fe:6e:83:60:f1:0a:e9:85:9b:ac:c4:d6:86:
e5:e5:39:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMG6bjxiQvFsdZBOoIfPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ZmNDU3ODY5MmVhNmQ1MjU0Y2UyMmRjZGU1M2E4NTM0MGIxZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mLL7ktWFxiDvHthNvCQi22WH7i/
Ou5gZtIkqevZVBvDDoN2upSDXvOjTpf+Y6qfoGrX6fQH+vGcd5cGLlSW9IdRj4xd
ycXyJ3y+AjriXjIuozPxrGvV+kr0yiqdk02CJXZPUACAumRYGSbuXOc9m30Oxh1c
Hcp96ZWgAbHUTrHW7/hs7pVcFwI2UjQyR9j/ksfI5OcA5t7Bl5O+/6hBDz0geHsS
2kVwwGcJylmMX0u2Lj98MMejLhjgpK7RwLCinE25XGqe4h5qipmG47TFlJwFRlix
5vVpqUH14bjVEhxcd6miGQz608D4eEvdMkn3ilBC3ZAwSnPOIfOdx60bXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDf/RXhpLqbVJUziLc3lOoU0Cx6MMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvTl85RmVHa3VwdFVsVE9JdHplVTZoVFFMSG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT5kMA0G
CSqGSIb3DQEBCwUAA4IBAQAf/jt/hSlZsMp4efBwfOPFI6Y6zEa8jgA9v4Y6kCRY
BTW7c2S1qr/imyPEvRBgTaxUHBbZ6eTrGmez10iohO9z4NSPjdDh8Cbs2hpBC3Dq
/MKKLqL1kGrBZGiSXCp2tsj8Yf1Jexu5HzdqIEIEc4pbWBZqD0lKUgQKy8OPd5ej
Y3FsUBd3jpLrrVrcJGDCy9PjKbOd0HVC5qB9t23AWmjt4XtZk3tVLkZmp9BYkF9x
kMhMkDh9Ij59WjFA47UrjMOb3P9Ww1Ig6WFS9+epllwVnpkCMHwDi6fHxbxg+foE
GACmhOD+v/hhQX1O8syTtP5ug2DxCumFm6zE1obl5Tl9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:07 2025 by rpki-client