Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/96ce99-7ebe-4e8a-94bd-0a1ca5490afd/1/3qikU1G7ZlSAIaFthPFJ_-BOBGs.roa
File: 3qikU1G7ZlSAIaFthPFJ_-BOBGs.roa (raw, json)
Hash identifier: UlO8jMX/s9Myj8PMnd5kY0NPen82l6qQJQfUEzcGF6U=
Subject key identifier: DE:A8:A4:53:51:BB:66:54:80:21:A1:6D:84:F1:49:FF:E0:4E:04:6B
Certificate issuer: /CN=555e0d730e1a56d57f827e2e5446d01d8d26158e
Certificate serial: 01856D9D25D3FB5F4CC5AE7AAC5091393CFF
Authority key identifier: 55:5E:0D:73:0E:1A:56:D5:7F:82:7E:2E:54:46:D0:1D:8D:26:15:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VV4Ncw4aVtV_gn4uVEbQHY0mFY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/96ce99-7ebe-4e8a-94bd-0a1ca5490afd/1/3qikU1G7ZlSAIaFthPFJ_-BOBGs.roa
Signing time: Sun 01 Jan 2023 13:54:53 +0000
ROA not before: Sun 01 Jan 2023 13:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210584
IP address blocks: 62.204.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:25:d3:fb:5f:4c:c5:ae:7a:ac:50:91:39:3c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=555e0d730e1a56d57f827e2e5446d01d8d26158e
Validity
Not Before: Jan 1 13:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea8a45351bb66548021a16d84f149ffe04e046b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d5:1d:b7:51:b7:52:5d:1e:7b:2b:bd:07:bf:
83:b6:41:48:f9:80:c5:d0:6d:6b:b6:a8:3c:45:85:
f1:00:ce:80:86:65:ce:ef:92:60:ce:12:dd:17:cf:
06:7d:6b:88:d0:2d:99:63:3c:6e:25:eb:fb:21:b5:
29:00:a7:85:bc:c9:99:05:a5:18:d0:31:84:41:ef:
48:a3:61:65:74:ad:a9:cf:93:ee:56:cd:9a:19:f5:
91:83:6e:e0:7c:0f:66:fc:89:4e:6a:9e:8a:a9:12:
88:1d:12:c7:74:4d:7d:7e:4c:b6:61:79:c5:86:4d:
1c:10:7e:fb:c7:71:82:44:14:31:5f:bb:c4:0a:89:
2e:a0:c6:2b:28:f0:c5:4f:dc:0e:fc:bb:27:f1:1e:
cd:9b:6f:80:7d:d9:be:d1:e7:41:3e:33:dd:9a:de:
96:ae:c4:7d:ad:e3:80:63:7a:78:b9:91:56:50:05:
94:3f:7e:57:56:92:fa:a1:64:a7:fb:e8:3a:58:38:
ba:91:88:7e:ae:73:04:dd:88:bd:b4:92:62:e9:37:
c3:fb:34:ea:68:8a:85:d7:09:a7:de:27:a7:16:36:
39:58:f1:4c:a1:c2:27:d3:9f:25:f6:27:1d:c6:ea:
da:7e:e2:73:88:3e:bc:2d:1c:13:50:2b:3c:1b:0a:
05:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A8:A4:53:51:BB:66:54:80:21:A1:6D:84:F1:49:FF:E0:4E:04:6B
X509v3 Authority Key Identifier:
keyid:55:5E:0D:73:0E:1A:56:D5:7F:82:7E:2E:54:46:D0:1D:8D:26:15:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VV4Ncw4aVtV_gn4uVEbQHY0mFY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/96ce99-7ebe-4e8a-94bd-0a1ca5490afd/1/3qikU1G7ZlSAIaFthPFJ_-BOBGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/96ce99-7ebe-4e8a-94bd-0a1ca5490afd/1/VV4Ncw4aVtV_gn4uVEbQHY0mFY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.63.0/24
Signature Algorithm: sha256WithRSAEncryption
f7:03:c0:1b:42:5a:f3:18:82:4f:f9:48:6b:a3:40:b5:f7:c7:
03:5a:a6:2d:29:d3:e3:4d:1d:86:60:4b:4e:d3:f6:9d:38:c3:
9f:df:b5:f6:0f:2e:9e:41:4b:39:0f:79:5e:c0:21:27:bd:73:
19:6a:1e:e5:72:49:d5:f7:bd:83:54:d4:72:51:ba:25:fd:4f:
ef:fd:d2:a0:90:bb:c4:df:7a:45:b8:4e:ac:6e:3a:38:52:62:
7a:d5:a7:64:55:1e:ad:ef:8a:5b:08:2d:65:87:31:68:17:6a:
f2:b9:bc:e6:5e:f9:07:52:86:99:64:da:e3:49:a5:83:8e:29:
59:46:be:8f:15:61:81:2d:81:fc:09:04:98:f2:a3:0b:b8:87:
d5:ba:8e:a6:fa:6e:9b:d0:7f:1d:fd:eb:bf:a0:8d:70:ca:4e:
75:95:16:27:19:ef:f5:82:4d:04:c9:70:0e:35:57:b9:08:9c:
d6:83:af:c7:08:03:3f:fd:6d:46:21:c3:89:52:44:ae:b3:e7:
75:4e:e5:e6:4e:2c:13:e1:dd:c8:e5:73:4a:38:29:70:b2:1d:
e4:c7:56:f6:be:cc:49:dc:46:e5:0c:11:4e:b3:c3:9d:f2:ec:
b7:31:e6:69:58:03:20:da:49:fe:3f:b5:7e:2e:2d:2d:11:26:
76:24:4e:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnSXT+19Mxa56rFCROTz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NWUwZDczMGUxYTU2ZDU3ZjgyN2UyZTU0NDZkMDFkOGQy
NjE1OGUwHhcNMjMwMTAxMTM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE4YTQ1MzUxYmI2NjU0ODAyMWExNmQ4NGYxNDlmZmUwNGUwNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtUdt1G3Ul0eeyu9B7+DtkFI+YDF
0G1rtqg8RYXxAM6AhmXO75JgzhLdF88GfWuI0C2ZYzxuJev7IbUpAKeFvMmZBaUY
0DGEQe9Io2FldK2pz5PuVs2aGfWRg27gfA9m/IlOap6KqRKIHRLHdE19fky2YXnF
hk0cEH77x3GCRBQxX7vECokuoMYrKPDFT9wO/Lsn8R7Nm2+Afdm+0edBPjPdmt6W
rsR9reOAY3p4uZFWUAWUP35XVpL6oWSn++g6WDi6kYh+rnME3Yi9tJJi6TfD+zTq
aIqF1wmn3ienFjY5WPFMocIn058l9icdxurafuJziD68LRwTUCs8GwoFRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6opFNRu2ZUgCGhbYTxSf/gTgRrMB8GA1UdIwQY
MBaAFFVeDXMOGlbVf4J+LlRG0B2NJhWOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlY0TmN3NGFWdFZfZ240dVZFYlFIWTBtRlk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi85NmNlOTktN2ViZS00ZThhLTk0YmQt
MGExY2E1NDkwYWZkLzEvM3Fpa1UxRzdabFNBSWFGdGhQRkpfLUJPQkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi85NmNlOTktN2ViZS00ZThhLTk0YmQtMGExY2E1NDkwYWZk
LzEvVlY0TmN3NGFWdFZfZ240dVZFYlFIWTBtRlk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPsw/MA0G
CSqGSIb3DQEBCwUAA4IBAQD3A8AbQlrzGIJP+Uhro0C198cDWqYtKdPjTR2GYEtO
0/adOMOf37X2Dy6eQUs5D3lewCEnvXMZah7lcknV972DVNRyUbol/U/v/dKgkLvE
33pFuE6sbjo4UmJ61adkVR6t74pbCC1lhzFoF2ryubzmXvkHUoaZZNrjSaWDjilZ
Rr6PFWGBLYH8CQSY8qMLuIfVuo6m+m6b0H8d/eu/oI1wyk51lRYnGe/1gk0EyXAO
NVe5CJzWg6/HCAM//W1GIcOJUkSus+d1TuXmTiwT4d3I5XNKOClwsh3kx1b2vsxJ
3EblDBFOs8Od8uy3MeZpWAMg2kn+P7V+Li0tESZ2JE6e
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:49 2025 by rpki-client