Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/nXy4RRRPUf-cLGfFCj8lkZwBrpQ.roa
File: nXy4RRRPUf-cLGfFCj8lkZwBrpQ.roa (raw, json)
Hash identifier: gHJMiR2bXneGU4WgMVZlLstjnKoALkEYWSk1Wd3axM8=
Subject key identifier: 9D:7C:B8:45:14:4F:51:FF:9C:2C:67:C5:0A:3F:25:91:9C:01:AE:94
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 2759369E
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/nXy4RRRPUf-cLGfFCj8lkZwBrpQ.roa
Signing time: Sat 01 Jan 2022 14:02:22 +0000
ROA not before: Sat 01 Jan 2022 14:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16322
IP address blocks: 5.63.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 660158110 (0x2759369e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 1 14:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d7cb845144f51ff9c2c67c50a3f25919c01ae94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:63:72:9d:60:53:a8:10:bc:4c:52:18:8f:
a5:3c:9e:d7:5f:0d:8b:1c:d9:30:d0:06:04:ce:df:
a1:64:28:5a:5c:2e:81:e1:6b:b7:f6:e4:2c:12:ca:
9d:08:ec:0e:4d:c4:37:cb:2d:9f:cf:86:cd:4b:c3:
e6:8f:32:47:8a:e4:86:8c:9d:75:0a:b1:f2:43:99:
7f:98:b2:01:5d:9d:ed:d4:a2:56:0f:bc:08:75:f5:
a0:40:48:da:df:ba:69:42:06:f5:86:35:7a:10:eb:
23:2e:b8:55:b4:22:c0:ac:aa:68:c4:14:29:a4:fd:
e1:a5:4e:6b:b7:61:b8:f6:73:ba:bb:d4:17:5f:88:
82:4f:41:59:b2:aa:74:8f:10:31:bc:f9:1d:68:ec:
45:63:37:0a:7f:55:44:84:34:71:83:1c:a4:46:f8:
8f:df:3a:63:00:3b:d5:cb:2e:63:da:c0:d5:2c:b6:
dc:ad:53:58:a4:63:d9:05:8c:80:63:4f:71:9a:81:
bf:5c:0b:75:fe:e6:e7:6d:16:f9:fc:28:5c:f3:13:
b0:8b:cb:77:68:d4:09:4f:33:8d:c0:37:43:d3:5b:
68:d6:7a:7a:77:f2:69:cf:0d:7d:99:5c:61:d1:49:
90:e7:3a:44:92:b1:23:f2:0d:be:78:a4:e3:eb:04:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7C:B8:45:14:4F:51:FF:9C:2C:67:C5:0A:3F:25:91:9C:01:AE:94
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/nXy4RRRPUf-cLGfFCj8lkZwBrpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.12.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:64:c4:fb:1c:6a:8f:05:eb:fe:2b:4d:dc:dc:cc:c2:be:16:
55:a4:b7:40:ab:fe:9d:70:70:a6:ad:ad:2d:f3:31:9e:6f:b6:
27:ae:ea:36:c2:ad:ff:ad:25:b8:1f:52:03:2c:ab:65:27:f5:
f0:f6:34:05:80:ee:71:ff:e7:47:1b:6f:07:73:61:97:52:b0:
22:d9:69:41:da:cf:e8:70:20:1b:b6:d8:8b:c8:89:8b:bc:5a:
c6:41:80:90:2e:b4:56:d0:aa:fc:b3:76:01:62:02:b6:25:6d:
cc:b4:95:ad:5e:d2:01:9e:61:d5:9b:87:fe:59:e3:4e:03:1a:
87:25:54:b3:0a:ae:bb:bf:54:eb:af:4a:f9:be:e5:77:1b:4d:
7a:0e:52:c4:85:9e:8e:b8:3f:20:28:0d:f9:5b:28:e2:a9:86:
57:73:5e:f3:d3:2c:44:46:ad:6b:20:e5:d1:fc:8c:5a:4d:21:
09:1b:da:44:47:19:14:be:71:53:51:14:2d:59:9b:b0:2b:c9:
c0:27:de:16:82:5c:fc:e6:6f:f1:f0:2d:3e:cd:e3:61:f3:b0:
ac:24:63:37:68:8a:16:a5:2e:0e:92:19:56:84:38:57:9a:a6:
96:f9:8a:3b:e1:33:2b:2e:54:f5:6d:35:14:a8:e5:ee:f2:64:
50:63:1c:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ1k2njANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmMxNjdkZmE5ODgyYjJhYThmODQ1OTVmNThhOTdjMzA1Y2E0M2M1MB4XDTIyMDEw
MTE0MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ3Y2I4NDUxNDRm
NTFmZjljMmM2N2M1MGEzZjI1OTE5YzAxYWU5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSfY3KdYFOoELxMUhiPpTye118NixzZMNAGBM7foWQoWlwu
geFrt/bkLBLKnQjsDk3EN8stn8+GzUvD5o8yR4rkhoyddQqx8kOZf5iyAV2d7dSi
Vg+8CHX1oEBI2t+6aUIG9YY1ehDrIy64VbQiwKyqaMQUKaT94aVOa7dhuPZzurvU
F1+Igk9BWbKqdI8QMbz5HWjsRWM3Cn9VRIQ0cYMcpEb4j986YwA71csuY9rA1Sy2
3K1TWKRj2QWMgGNPcZqBv1wLdf7m520W+fwoXPMTsIvLd2jUCU8zjcA3Q9NbaNZ6
enfyac8NfZlcYdFJkOc6RJKxI/INvnik4+sE++cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSdfLhFFE9R/5wsZ8UKPyWRnAGulDAfBgNVHSMEGDAWgBS2wWffqYgrKqj4
RZX1ipfDBcpDxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RzRm4zNm1JS3lxby1FV1Y5WXFYd3dYS1E4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvNzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8x
L25YeTRSUlJQVWYtY0xHZkZDajhsa1p3QnJwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
NzNiZWViLTZhMDUtNGNjYS04NmJlLWFjZmMzZDJjMjUyMi8xL3RzRm4zNm1JS3lx
by1FV1Y5WXFYd3dYS1E4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAU/DDANBgkqhkiG9w0BAQsFAAOC
AQEADGTE+xxqjwXr/itN3NzMwr4WVaS3QKv+nXBwpq2tLfMxnm+2J67qNsKt/60l
uB9SAyyrZSf18PY0BYDucf/nRxtvB3Nhl1KwItlpQdrP6HAgG7bYi8iJi7xaxkGA
kC60VtCq/LN2AWICtiVtzLSVrV7SAZ5h1ZuH/lnjTgMahyVUswquu79U669K+b7l
dxtNeg5SxIWejrg/ICgN+Vso4qmGV3Ne89MsREatayDl0fyMWk0hCRvaREcZFL5x
U1EULVmbsCvJwCfeFoJc/OZv8fAtPs3jYfOwrCRjN2iKFqUuDpIZVoQ4V5qmlvmK
O+EzKy5U9W01FKjl7vJkUGMcaA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:18 2025 by rpki-client