Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/dss98hT0HwX85o-Zs9wes-8T-hc.roa
File: dss98hT0HwX85o-Zs9wes-8T-hc.roa (raw, json)
Hash identifier: ncIci2YIF8ciRjERR/aCJiVbuOEx39G9kGYj6e6A84k=
Subject key identifier: 76:CB:3D:F2:14:F4:1F:05:FC:E6:8F:99:B3:DC:1E:B3:EF:13:FA:17
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 0182819860075C61F518CD2D88B85540D1E2
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/dss98hT0HwX85o-Zs9wes-8T-hc.roa
Signing time: Tue 09 Aug 2022 07:53:43 +0000
ROA not before: Tue 09 Aug 2022 07:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207353
IP address blocks: 185.62.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:98:60:07:5c:61:f5:18:cd:2d:88:b8:55:40:d1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 9 07:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76cb3df214f41f05fce68f99b3dc1eb3ef13fa17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:dd:92:ae:c4:f7:2a:31:b6:c2:5c:d3:ec:bc:
f0:b7:2d:db:32:da:89:b4:81:ac:7f:b0:57:00:df:
4d:ed:e1:de:fd:47:cf:01:84:2b:67:1c:6a:7a:90:
dc:12:57:7f:de:70:ab:c1:e1:ef:94:f8:d6:38:a0:
82:13:e4:8a:47:cc:06:6d:a9:55:ba:e8:6a:49:2b:
22:da:7b:51:46:49:fc:27:ef:ab:e3:ca:6d:26:a0:
ef:df:94:20:a8:2a:0e:32:10:79:11:47:09:e3:a3:
aa:ce:ab:3b:63:49:93:53:a6:e6:64:e2:61:70:85:
89:6d:eb:47:7d:f1:65:20:10:cb:5c:07:4b:b2:e2:
8d:2b:d9:2e:da:99:3f:fd:dd:22:9c:f2:6e:d1:42:
e9:12:f3:2f:19:8a:11:d6:10:32:36:b1:39:b0:6d:
d0:80:d2:ef:f9:9d:64:9d:e3:83:4d:62:6b:21:e5:
e0:89:13:7f:f7:ce:e5:a5:57:f2:90:47:e6:af:7d:
84:9d:4d:8e:5c:a1:9d:ad:b9:90:c2:49:40:53:4d:
c0:90:47:2d:34:84:0b:8b:8a:79:76:28:67:12:86:
fa:e7:53:36:14:c7:8b:9a:a9:fe:aa:4f:66:89:89:
40:84:98:35:03:58:c7:d3:10:e4:7a:1e:a8:6b:bf:
1c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CB:3D:F2:14:F4:1F:05:FC:E6:8F:99:B3:DC:1E:B3:EF:13:FA:17
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/dss98hT0HwX85o-Zs9wes-8T-hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.100.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ca:c6:1d:ee:a3:da:05:46:ff:93:8c:87:dd:68:5a:71:3e:
0d:6f:f4:b5:db:3d:de:b8:16:cd:3f:14:49:04:53:b0:7d:b4:
ec:e3:33:7e:e2:ab:08:e7:7c:21:ef:19:33:b6:79:33:03:64:
05:9b:58:00:73:00:ad:c7:8e:12:6e:ae:cb:29:4b:c2:f2:f1:
83:d1:24:6f:f8:ba:9a:3e:15:f8:52:59:17:ec:5a:c6:e8:ba:
7b:e2:bc:95:3f:69:0d:7e:66:a6:f1:46:14:f2:20:65:42:42:
28:51:83:f5:86:14:e1:a3:46:bf:52:ab:ba:78:97:7a:57:88:
bc:52:f8:69:cd:4c:0d:4f:df:55:49:db:73:28:b7:3e:cf:5b:
0c:41:b9:37:91:56:e6:a6:46:cf:8d:37:94:e4:71:b6:47:89:
fa:1d:cd:e0:64:2f:55:d9:92:30:7c:c4:c0:05:4a:3f:a3:67:
fc:a3:2a:4b:6a:b3:80:38:51:96:0b:74:7c:ae:a5:68:ec:77:
26:0e:37:9d:c2:2e:94:2a:f8:a0:f9:92:c9:d6:e4:54:28:53:
12:dd:0f:e4:66:39:30:72:5c:d0:4d:1e:36:66:f8:27:d9:32:
37:b6:07:99:cb:9e:a0:1a:a2:e5:53:01:22:6b:d9:0b:5c:00:
6c:f0:54:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKBmGAHXGH1GM0tiLhVQNHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODA5MDc1MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNiM2RmMjE0ZjQxZjA1ZmNlNjhmOTliM2RjMWViM2VmMTNmYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt2SrsT3KjG2wlzT7Lzwty3bMtqJ
tIGsf7BXAN9N7eHe/UfPAYQrZxxqepDcEld/3nCrweHvlPjWOKCCE+SKR8wGbalV
uuhqSSsi2ntRRkn8J++r48ptJqDv35QgqCoOMhB5EUcJ46Oqzqs7Y0mTU6bmZOJh
cIWJbetHffFlIBDLXAdLsuKNK9ku2pk//d0inPJu0ULpEvMvGYoR1hAyNrE5sG3Q
gNLv+Z1kneODTWJrIeXgiRN/987lpVfykEfmr32EnU2OXKGdrbmQwklAU03AkEct
NIQLi4p5dihnEob651M2FMeLmqn+qk9miYlAhJg1A1jH0xDkeh6oa78cZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbLPfIU9B8F/OaPmbPcHrPvE/oXMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvZHNzOThoVDBId1g4NW8tWnM5d2VzLThULWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT5kMA0G
CSqGSIb3DQEBCwUAA4IBAQCYysYd7qPaBUb/k4yH3WhacT4Nb/S12z3euBbNPxRJ
BFOwfbTs4zN+4qsI53wh7xkztnkzA2QFm1gAcwCtx44Sbq7LKUvC8vGD0SRv+Lqa
PhX4UlkX7FrG6Lp74ryVP2kNfmam8UYU8iBlQkIoUYP1hhTho0a/Uqu6eJd6V4i8
UvhpzUwNT99VSdtzKLc+z1sMQbk3kVbmpkbPjTeU5HG2R4n6Hc3gZC9V2ZIwfMTA
BUo/o2f8oypLarOAOFGWC3R8rqVo7HcmDjedwi6UKvig+ZLJ1uRUKFMS3Q/kZjkw
clzQTR42Zvgn2TI3tgeZy56gGqLlUwEia9kLXABs8FQH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:19 2025 by rpki-client