Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/BP8tGqxm6FC1LMmTdVagd1UjmcQ.roa
File: BP8tGqxm6FC1LMmTdVagd1UjmcQ.roa (raw, json)
Hash identifier: qOmVIsJzb/0o/OjyEb399ZObbyA8GBCgeqboTLnRQyE=
Subject key identifier: 04:FF:2D:1A:AC:66:E8:50:B5:2C:C9:93:75:56:A0:77:55:23:99:C4
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018C5D154E9721163A78CA3C2796243DF628
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/BP8tGqxm6FC1LMmTdVagd1UjmcQ.roa
Signing time: Tue 12 Dec 2023 08:12:06 +0000
ROA not before: Tue 12 Dec 2023 08:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44947
IP address blocks: 62.60.216.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
62.60.146.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
213.176.6.0/23 maxlen: 23
213.176.120.0/23 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:15:4e:97:21:16:3a:78:ca:3c:27:96:24:3d:f6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Dec 12 08:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04ff2d1aac66e850b52cc9937556a077552399c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:0d:ab:8b:90:ae:9c:31:db:ef:01:e9:ee:
57:be:6b:a0:8d:1c:bb:cc:e2:7f:9c:91:bc:13:be:
4f:30:12:e1:df:f6:9b:89:cc:6c:11:32:7f:c9:ab:
a0:b4:c4:9f:3e:a9:51:55:61:a6:7c:9d:db:01:a3:
61:91:bf:50:c1:5e:4b:ad:e5:01:50:53:0c:ce:15:
d8:3a:8f:4d:2d:ea:90:1d:e4:09:3d:11:32:68:6f:
47:81:99:cd:6f:eb:63:22:95:9b:1a:5d:fa:87:f0:
60:4f:fd:87:77:7c:8b:13:32:aa:e5:1b:7e:2f:ea:
38:d0:6f:84:f8:95:42:49:94:dd:59:93:d1:ef:33:
50:48:c3:5b:ca:ce:e5:e5:f7:3f:d2:bb:74:e0:ec:
7a:48:87:20:0a:ac:f2:26:d1:0f:e6:0d:6e:51:f8:
dd:14:0e:ac:86:fc:56:f3:99:79:c9:ec:ab:76:6a:
ef:7f:60:43:cb:a4:12:b9:4e:d6:f6:57:69:92:1a:
51:9b:78:ca:ca:d2:a2:77:6c:2d:30:1a:0f:32:09:
5e:b8:ac:40:77:45:96:e8:e5:33:03:d3:72:de:7b:
27:77:63:3d:7a:dd:02:3c:48:93:69:82:c6:2c:01:
cd:d3:05:f3:b9:26:8b:fd:4b:04:3c:c2:a5:dd:2b:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FF:2D:1A:AC:66:E8:50:B5:2C:C9:93:75:56:A0:77:55:23:99:C4
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/BP8tGqxm6FC1LMmTdVagd1UjmcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0/23
62.60.156.0/22
62.60.184.0-62.60.195.255
62.60.216.0/22
213.176.6.0/23
213.176.64.0/22
213.176.120.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:c4:b1:d1:42:b9:a6:a1:3b:a4:81:ec:19:ee:d4:c7:61:09:
d4:14:66:9e:b2:1f:a6:b0:93:1b:32:06:c4:fe:32:16:69:d4:
29:73:f2:a4:eb:7a:4a:bb:30:e6:7c:59:4e:e2:6e:7e:4e:de:
d0:51:ad:7e:b2:89:40:9f:d2:25:bd:35:59:ed:ce:12:15:9e:
ca:6b:f0:a7:52:cf:cd:d7:6b:4e:8b:7f:1b:97:a9:8c:42:ff:
72:b1:85:25:c0:f6:5d:fd:72:ed:cf:86:be:c9:c1:1a:20:1c:
17:40:68:07:0d:ee:e9:3b:88:06:5e:0a:cc:8c:77:76:5b:3f:
31:ff:bf:0a:49:9f:15:e6:0f:c6:89:af:15:67:d3:e1:e8:ad:
a3:b9:6c:aa:3c:c0:bf:a2:5a:1b:30:e2:db:d3:dd:3c:5b:87:
4d:bd:bc:3e:12:cd:b6:18:46:57:ad:08:c8:89:1c:1d:fd:60:
f8:3f:2b:bc:be:e0:ec:23:6c:c3:7e:d7:1f:bf:14:35:d5:29:
0c:f7:f9:bf:e8:59:90:fb:00:e6:6d:34:96:df:b2:40:f6:41:
3c:61:d8:f3:7d:d2:7c:3c:35:2e:a0:00:57:3e:ee:50:18:d0:
d1:f8:b8:da:e9:e7:b1:e0:73:b2:9e:26:9a:c2:09:fe:34:42:
cb:6b:9d:05
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYxdFU6XIRY6eMo8J5YkPfYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMxMjEyMDgxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZmMmQxYWFjNjZlODUwYjUyY2M5OTM3NTU2YTA3NzU1MjM5OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW4Nq4uQrpwx2+8B6e5XvmugjRy7
zOJ/nJG8E75PMBLh3/abicxsETJ/yaugtMSfPqlRVWGmfJ3bAaNhkb9QwV5LreUB
UFMMzhXYOo9NLeqQHeQJPREyaG9HgZnNb+tjIpWbGl36h/BgT/2Hd3yLEzKq5Rt+
L+o40G+E+JVCSZTdWZPR7zNQSMNbys7l5fc/0rt04Ox6SIcgCqzyJtEP5g1uUfjd
FA6shvxW85l5yeyrdmrvf2BDy6QSuU7W9ldpkhpRm3jKytKid2wtMBoPMgleuKxA
d0WW6OUzA9Ny3nsnd2M9et0CPEiTaYLGLAHN0wXzuSaL/UsEPMKl3Ss21wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAT/LRqsZuhQtSzJk3VWoHdVI5nEMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvQlA4dEdxeG02RkMxTE1tVGRWYWdkMVVqbWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBPjySAwQC
PjycMAwDBAM+PLgDBAI+PMADBAI+PNgDBAHVsAYDBALVsEADBAHVsHgwDQYJKoZI
hvcNAQELBQADggEBAMXEsdFCuaahO6SB7Bnu1MdhCdQUZp6yH6awkxsyBsT+MhZp
1Clz8qTrekq7MOZ8WU7ibn5O3tBRrX6yiUCf0iW9NVntzhIVnspr8KdSz83Xa06L
fxuXqYxC/3KxhSXA9l39cu3Phr7JwRogHBdAaAcN7uk7iAZeCsyMd3ZbPzH/vwpJ
nxXmD8aJrxVn0+HoraO5bKo8wL+iWhsw4tvT3Txbh029vD4SzbYYRletCMiJHB39
YPg/K7y+4OwjbMN+1x+/FDXVKQz3+b/oWZD7AOZtNJbfskD2QTxh2PN90nw8NS6g
AFc+7lAY0NH4uNrp57Hgc7KeJprCCf40QstrnQU=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:04:08 2025 by rpki-client