Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/62d-Ga5Zoj7AwGjrurKK8BaeDck.roa
File: 62d-Ga5Zoj7AwGjrurKK8BaeDck.roa (raw, json)
Hash identifier: hYwDBl6zrV/7AxjjhBGCs4hEl1LtQLRO8Y/reoh0SBY=
Subject key identifier: EB:67:7E:19:AE:59:A2:3E:C0:C0:68:EB:BA:B2:8A:F0:16:9E:0D:C9
Certificate issuer: /CN=83bce35561f541bda97e777e6879a1d704e7b42f
Certificate serial: 0185723123E67A2B4CE470354BAC6307144C
Authority key identifier: 83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/62d-Ga5Zoj7AwGjrurKK8BaeDck.roa
Signing time: Mon 02 Jan 2023 11:15:01 +0000
ROA not before: Mon 02 Jan 2023 11:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3259
IP address blocks: 31.44.217.0/24 maxlen: 24
31.44.218.0/24 maxlen: 24
31.44.216.0/24 maxlen: 24
31.44.219.0/24 maxlen: 24
31.44.220.0/22 maxlen: 22
31.44.212.0/24 maxlen: 24
31.44.213.0/24 maxlen: 24
31.44.210.0/24 maxlen: 24
31.44.208.0/24 maxlen: 24
31.44.209.0/24 maxlen: 24
45.156.132.0/22 maxlen: 22
194.5.112.0/24 maxlen: 24
194.5.108.0/24 maxlen: 24
194.5.108.0/22 maxlen: 24
194.5.111.0/24 maxlen: 24
194.5.109.0/24 maxlen: 24
194.5.110.0/24 maxlen: 24
194.5.114.0/24 maxlen: 24
194.5.115.0/24 maxlen: 24
194.5.113.0/24 maxlen: 24
194.5.118.0/24 maxlen: 24
194.5.116.0/24 maxlen: 24
194.5.117.0/24 maxlen: 24
194.5.121.0/24 maxlen: 24
194.5.122.0/24 maxlen: 24
194.5.119.0/24 maxlen: 24
194.5.120.0/24 maxlen: 24
194.5.125.0/24 maxlen: 24
194.5.123.0/24 maxlen: 24
194.5.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:23:e6:7a:2b:4c:e4:70:35:4b:ac:63:07:14:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bce35561f541bda97e777e6879a1d704e7b42f
Validity
Not Before: Jan 2 11:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb677e19ae59a23ec0c068ebbab28af0169e0dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:51:02:66:d6:aa:23:e5:6e:88:66:b4:7e:e2:
26:f1:ba:59:ad:ac:cf:29:73:7b:79:bd:4a:49:92:
5a:89:ce:9c:34:7c:30:ba:61:43:8d:31:50:db:76:
8b:b6:ba:4e:31:bb:1f:18:96:22:76:cb:e3:10:bb:
3d:fb:70:16:f5:fe:4e:47:ed:cc:f7:59:7a:fa:a1:
0b:d4:8c:23:ed:e5:90:87:56:f7:c1:cb:bc:4a:f4:
56:4a:79:0f:96:23:d9:7c:19:cb:57:a0:8b:7a:f3:
52:7d:ee:e1:c1:85:d6:ce:82:7b:82:79:26:a3:b6:
0e:e7:21:ba:84:42:f1:73:5f:3b:e1:48:1a:9a:18:
bd:4d:67:7a:63:cd:85:cb:44:71:bc:36:26:ef:cc:
c1:93:75:f7:89:84:6d:8d:5e:5e:8f:a1:ca:8c:49:
0c:93:29:51:ff:67:50:ed:b2:26:d5:5e:a9:ea:80:
8e:1c:80:bc:1b:4b:b2:d1:c0:33:91:0f:dc:bb:cf:
ba:e5:02:6e:71:b3:74:c6:4b:7c:52:28:7f:bb:61:
b6:d8:bf:a8:96:f7:5e:56:08:14:83:5c:45:81:d4:
97:59:fc:e9:59:7c:d9:12:c6:e4:cf:f9:e1:45:1f:
38:62:58:a3:f4:3f:f5:04:13:73:f8:c4:f7:ec:7c:
10:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:67:7E:19:AE:59:A2:3E:C0:C0:68:EB:BA:B2:8A:F0:16:9E:0D:C9
X509v3 Authority Key Identifier:
keyid:83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/62d-Ga5Zoj7AwGjrurKK8BaeDck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.208.0-31.44.210.255
31.44.212.0/23
31.44.216.0/21
45.156.132.0/22
194.5.108.0-194.5.125.255
Signature Algorithm: sha256WithRSAEncryption
ae:13:53:8e:80:1c:46:2c:8a:35:a0:d9:ec:1d:28:f8:78:34:
34:b9:72:e2:0e:68:bf:ca:f2:87:0e:aa:05:10:44:b0:e3:bd:
b0:ff:e4:d2:30:c0:5f:e8:fb:b5:3c:c5:6f:29:9c:aa:27:d9:
ab:2c:4b:9c:fa:5e:cf:61:0a:1d:2b:7e:a0:73:38:1e:07:20:
8e:b7:f6:5b:71:ff:dd:f7:58:f7:2c:4b:01:86:69:87:4c:76:
80:ed:55:b9:71:97:20:a0:76:7b:81:55:23:61:c3:57:37:28:
fb:05:0a:8b:c9:6f:a9:83:b7:0a:d1:8a:29:0a:dc:31:db:35:
7c:88:25:8d:fd:ba:9a:bd:88:0c:c1:ea:a6:89:b7:5a:b2:59:
c7:e2:c2:4e:0d:d1:60:4a:19:e1:f3:07:e3:ac:c8:59:42:c6:
4e:48:1a:ea:13:c4:1e:f8:81:ad:05:0b:b8:63:14:19:88:92:
02:cf:1a:e8:69:50:8e:da:c9:a1:64:45:28:b4:f0:b3:b3:93:
d6:e6:56:b8:63:2c:31:97:63:cc:22:9c:09:53:34:ed:20:82:
49:08:e6:76:98:cd:6e:57:f1:62:31:32:01:3f:f9:43:cd:51:
89:bf:2f:28:b9:21:c2:19:43:e5:5c:92:77:e5:b2:1a:16:a0:
47:78:f6:3b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVyMSPmeitM5HA1S6xjBxRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmNlMzU1NjFmNTQxYmRhOTdlNzc3ZTY4NzlhMWQ3MDRl
N2I0MmYwHhcNMjMwMTAyMTExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjY3N2UxOWFlNTlhMjNlYzBjMDY4ZWJiYWIyOGFmMDE2OWUwZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlECZtaqI+VuiGa0fuIm8bpZrazP
KXN7eb1KSZJaic6cNHwwumFDjTFQ23aLtrpOMbsfGJYidsvjELs9+3AW9f5OR+3M
91l6+qEL1Iwj7eWQh1b3wcu8SvRWSnkPliPZfBnLV6CLevNSfe7hwYXWzoJ7gnkm
o7YO5yG6hELxc1874Ugamhi9TWd6Y82Fy0RxvDYm78zBk3X3iYRtjV5ej6HKjEkM
kylR/2dQ7bIm1V6p6oCOHIC8G0uy0cAzkQ/cu8+65QJucbN0xkt8Uih/u2G22L+o
lvdeVggUg1xFgdSXWfzpWXzZEsbkz/nhRR84Ylij9D/1BBNz+MT37HwQ1QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOtnfhmuWaI+wMBo67qyivAWng3JMB8GA1UdIwQY
MBaAFIO841Vh9UG9qX53fmh5odcE57QvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMt
ZmQ4NjYwYzRmZDZlLzEvNjJkLUdhNVpvajdBd0dqcnVyS0s4QmFlRGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMtZmQ4NjYwYzRmZDZl
LzEvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAQfLNAD
BAAfLNIDBAEfLNQDBAMfLNgDBAItnIQwDAMEAsIFbAMEAcIFfDANBgkqhkiG9w0B
AQsFAAOCAQEArhNTjoAcRiyKNaDZ7B0o+Hg0NLly4g5ov8ryhw6qBRBEsOO9sP/k
0jDAX+j7tTzFbymcqifZqyxLnPpez2EKHSt+oHM4Hgcgjrf2W3H/3fdY9yxLAYZp
h0x2gO1VuXGXIKB2e4FVI2HDVzco+wUKi8lvqYO3CtGKKQrcMds1fIgljf26mr2I
DMHqpom3WrJZx+LCTg3RYEoZ4fMH46zIWULGTkga6hPEHviBrQULuGMUGYiSAs8a
6GlQjtrJoWRFKLTws7OT1uZWuGMsMZdjzCKcCVM07SCCSQjmdpjNblfxYjEyAT/5
Q81Rib8vKLkhwhlD5VySd+WyGhagR3j2Ow==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:03 2025 by rpki-client