Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/y_dIbZjppN2hhwEzLHnClr4LDz0.roa
File: y_dIbZjppN2hhwEzLHnClr4LDz0.roa (raw, json)
Hash identifier: E21eKDmdPFIUmEmTGJxZlUTe0BxRxrIcvCoHwcKkWoM=
Subject key identifier: CB:F7:48:6D:98:E9:A4:DD:A1:87:01:33:2C:79:C2:96:BE:0B:0F:3D
Certificate issuer: /CN=688b75dc67295d5861b77d51a02118b60dc55868
Certificate serial: 01856F9494E63A6720997E31AD836DBC003A
Authority key identifier: 68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/y_dIbZjppN2hhwEzLHnClr4LDz0.roa
Signing time: Sun 01 Jan 2023 23:04:46 +0000
ROA not before: Sun 01 Jan 2023 23:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210638
IP address blocks: 62.233.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:94:e6:3a:67:20:99:7e:31:ad:83:6d:bc:00:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=688b75dc67295d5861b77d51a02118b60dc55868
Validity
Not Before: Jan 1 23:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbf7486d98e9a4dda18701332c79c296be0b0f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:4b:6b:56:99:c0:e8:e9:aa:bc:d4:24:96:
35:85:4e:cb:ee:56:ae:81:f2:ca:df:63:7e:7e:b3:
05:a8:fc:03:4c:1c:26:ce:a9:2a:d2:4a:d9:b9:bf:
00:58:92:32:3b:bb:44:fe:24:1a:1c:20:47:af:07:
c7:5f:c1:88:67:d1:8f:42:29:af:19:e4:6d:49:d5:
4a:09:eb:1b:98:80:10:92:e9:63:09:74:a3:00:28:
ac:22:60:23:8b:0d:9c:04:e2:9c:c1:73:ab:12:3b:
e6:eb:9f:18:ae:c5:89:c4:29:09:d5:8f:80:44:94:
87:ca:64:d5:22:eb:d2:3d:94:5a:e5:35:84:04:22:
76:e3:29:1a:a6:0a:7b:4f:88:84:d4:42:da:8a:a5:
42:75:4a:6d:59:cf:65:3b:04:d0:ba:3b:a3:89:cd:
a1:dc:6f:93:9d:3f:25:f2:be:21:57:52:2d:b7:e9:
7a:01:ea:f4:de:48:5d:64:3b:60:3f:da:0e:33:37:
ad:a7:99:b5:a7:c4:6f:94:fd:ed:dc:c7:35:b8:a7:
23:6e:11:21:3f:49:ac:4d:d1:f0:76:b3:18:dd:80:
30:c4:9d:89:f1:90:a0:e1:b9:95:53:f2:9a:b9:a0:
55:e0:47:c6:8c:36:78:bf:ee:ff:e9:71:ac:9e:25:
f6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F7:48:6D:98:E9:A4:DD:A1:87:01:33:2C:79:C2:96:BE:0B:0F:3D
X509v3 Authority Key Identifier:
keyid:68:8B:75:DC:67:29:5D:58:61:B7:7D:51:A0:21:18:B6:0D:C5:58:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aIt13GcpXVhht31RoCEYtg3FWGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/y_dIbZjppN2hhwEzLHnClr4LDz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5a4561-5092-4c28-9d5f-518ee7bde1f8/1/aIt13GcpXVhht31RoCEYtg3FWGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.58.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c6:0b:12:f9:59:fd:8a:9c:97:ef:ff:28:ec:ac:24:e7:49:
d9:88:3a:83:f4:f9:86:69:b9:78:78:fb:fb:5b:d9:87:e7:8c:
a7:a5:c7:e4:fb:ce:37:77:e6:73:bf:f4:0a:19:5b:9f:7d:b9:
a7:77:1d:82:e6:fa:df:1d:5a:84:d3:24:9c:d1:d5:eb:60:bf:
dd:b0:01:69:ba:a0:4f:48:46:89:db:23:64:cd:1a:4f:2c:42:
4b:90:62:c8:3e:82:b1:9f:e6:39:f7:e2:5d:95:99:71:a2:ab:
7c:d6:f9:4b:e0:86:2f:97:dd:30:59:66:d1:4c:df:36:17:f3:
12:ca:a3:ce:a5:6e:52:10:d6:e1:46:48:f8:2a:b6:cb:aa:85:
40:3c:99:64:28:4b:a8:a4:bf:2f:6b:0e:74:9c:ad:5e:db:76:
da:ae:3a:0e:de:e3:36:17:bb:71:65:bc:06:4a:cd:f3:3a:cf:
0e:d0:ef:8b:4e:3a:7a:12:86:0c:55:2c:6c:72:61:f5:7d:b6:
8d:93:89:7d:a6:68:2c:01:fe:a6:ff:2e:26:f8:04:fb:f4:89:
88:04:dc:45:0d:b6:31:11:37:82:49:6e:e8:c9:99:06:32:33:
34:85:61:8b:33:df:0d:43:54:44:3b:2b:dc:e8:61:3e:87:ee:
7c:3e:b9:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJTmOmcgmX4xrYNtvAA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OGI3NWRjNjcyOTVkNTg2MWI3N2Q1MWEwMjExOGI2MGRj
NTU4NjgwHhcNMjMwMTAxMjMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY3NDg2ZDk4ZTlhNGRkYTE4NzAxMzMyYzc5YzI5NmJlMGIwZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmelLa1aZwOjpqrzUJJY1hU7L7lau
gfLK32N+frMFqPwDTBwmzqkq0krZub8AWJIyO7tE/iQaHCBHrwfHX8GIZ9GPQimv
GeRtSdVKCesbmIAQkuljCXSjACisImAjiw2cBOKcwXOrEjvm658YrsWJxCkJ1Y+A
RJSHymTVIuvSPZRa5TWEBCJ24ykapgp7T4iE1ELaiqVCdUptWc9lOwTQujujic2h
3G+TnT8l8r4hV1Itt+l6Aer03khdZDtgP9oOMzetp5m1p8RvlP3t3Mc1uKcjbhEh
P0msTdHwdrMY3YAwxJ2J8ZCg4bmVU/KauaBV4EfGjDZ4v+7/6XGsniX2FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMv3SG2Y6aTdoYcBMyx5wpa+Cw89MB8GA1UdIwQY
MBaAFGiLddxnKV1YYbd9UaAhGLYNxVhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYt
NTE4ZWU3YmRlMWY4LzEveV9kSWJaanBwTjJoaHdFekxIbkNscjRMRHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81YTQ1NjEtNTA5Mi00YzI4LTlkNWYtNTE4ZWU3YmRlMWY4
LzEvYUl0MTNHY3BYVmhodDMxUm9DRVl0ZzNGV0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPuk6MA0G
CSqGSIb3DQEBCwUAA4IBAQBlxgsS+Vn9ipyX7/8o7Kwk50nZiDqD9PmGabl4ePv7
W9mH54ynpcfk+843d+Zzv/QKGVuffbmndx2C5vrfHVqE0ySc0dXrYL/dsAFpuqBP
SEaJ2yNkzRpPLEJLkGLIPoKxn+Y59+JdlZlxoqt81vlL4IYvl90wWWbRTN82F/MS
yqPOpW5SENbhRkj4KrbLqoVAPJlkKEuopL8vaw50nK1e23barjoO3uM2F7txZbwG
Ss3zOs8O0O+LTjp6EoYMVSxscmH1fbaNk4l9pmgsAf6m/y4m+AT79ImIBNxFDbYx
ETeCSW7oyZkGMjM0hWGLM98NQ1REOyvc6GE+h+58Prmc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:42 2025 by rpki-client