Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/mnAaUBbGw1hSFKTUVJNIsefD5KE.roa
File: mnAaUBbGw1hSFKTUVJNIsefD5KE.roa (raw, json)
Hash identifier: c5MLTQd0NHDDfjPyfbM54nnZk1WaJqoEP7n8KAIChUY=
Subject key identifier: 9A:70:1A:50:16:C6:C3:58:52:14:A4:D4:54:93:48:B1:E7:C3:E4:A1
Certificate issuer: /CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Certificate serial: 01D13D21
Authority key identifier: 1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/mnAaUBbGw1hSFKTUVJNIsefD5KE.roa
Signing time: Sat 01 Jan 2022 04:01:12 +0000
ROA not before: Sat 01 Jan 2022 04:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49289
IP address blocks: 62.100.74.0/24 maxlen: 24
62.100.75.0/24 maxlen: 24
62.100.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30489889 (0x1d13d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc4927ab194ae1237fde2d3bef69038893f0dc5
Validity
Not Before: Jan 1 04:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a701a5016c6c3585214a4d4549348b1e7c3e4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f2:5b:cb:54:5e:ca:09:c6:df:7b:0d:f0:75:
f6:94:95:53:79:ae:94:06:64:21:13:8b:97:20:e5:
a4:8f:7e:b5:45:de:9b:ac:42:08:db:b7:64:24:da:
5c:8c:08:1f:bd:29:4a:d5:ad:8d:4c:a0:e5:3a:a9:
5c:86:f3:ef:19:b5:3d:53:d8:ed:d1:5b:3a:fa:d6:
a4:2c:51:1f:fb:e5:1a:89:77:12:7a:14:5c:64:4d:
34:dd:6b:b3:3b:64:cb:2b:8f:5a:ce:13:57:4d:86:
c1:98:5b:97:51:a1:98:8c:27:9e:70:13:ca:81:b2:
37:cf:79:a4:1f:4a:d3:6a:eb:30:2b:9b:4f:9e:4f:
40:3b:6b:e4:35:2f:73:0f:dc:b9:5d:74:75:d5:71:
95:7d:b4:46:61:bc:fe:cf:66:9b:b3:79:a8:a7:29:
7f:23:78:f7:d7:2c:4e:2f:7b:e0:35:76:c9:b9:33:
5b:0b:4b:dd:ef:50:9e:5e:38:84:7f:eb:80:5b:49:
6e:a6:eb:e2:2b:71:c7:91:b8:43:e2:2c:65:e4:a3:
22:a8:6b:82:ad:af:63:40:85:13:8a:4f:1d:8c:14:
41:7b:60:39:ee:cc:b7:03:96:2b:04:64:72:15:a7:
24:6a:0c:5b:34:17:63:ab:39:9a:e0:2a:3c:7b:71:
bc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:70:1A:50:16:C6:C3:58:52:14:A4:D4:54:93:48:B1:E7:C3:E4:A1
X509v3 Authority Key Identifier:
keyid:1F:C4:92:7A:B1:94:AE:12:37:FD:E2:D3:BE:F6:90:38:89:3F:0D:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8SSerGUrhI3_eLTvvaQOIk_DcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/mnAaUBbGw1hSFKTUVJNIsefD5KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/943d5d-560c-4314-af82-8b8a01bd7414/1/H8SSerGUrhI3_eLTvvaQOIk_DcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.74.0/23
62.100.81.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b4:3a:36:d5:ed:94:4e:59:21:74:4c:a1:0d:e7:f4:36:d8:
8f:92:84:94:9d:9b:ae:ad:06:48:ec:0f:64:a0:16:c0:c7:04:
81:e8:f1:d6:6a:5a:7d:a3:ed:3b:fe:20:04:ad:b6:c0:0d:b6:
57:df:0c:66:a7:1a:97:b7:a9:56:67:ad:b7:5b:8b:fc:cd:86:
4c:ea:d8:58:95:a9:1b:ac:dc:77:f1:ad:83:8d:55:e8:89:30:
37:7a:1a:68:b6:f5:4e:40:c6:96:a9:dc:49:63:37:cc:c0:69:
30:f3:4d:0c:7f:a1:21:da:1f:31:83:10:33:28:24:97:f9:1e:
a1:3d:15:81:13:77:24:92:cc:3d:40:30:6a:4e:ad:a0:ef:ed:
06:a1:57:82:26:81:c6:1c:65:ca:c7:7c:94:61:c7:2a:eb:cc:
c4:84:b5:ba:42:98:cc:d5:b6:f4:db:95:ca:b6:38:79:53:3e:
d8:17:3f:08:64:b5:ce:ac:6b:58:38:f1:19:1e:1d:37:20:92:
fe:01:d9:9c:30:32:1f:51:38:5d:18:f5:63:ea:15:0c:67:10:
56:5f:5b:94:36:33:71:6b:7d:62:50:74:b1:b1:a4:9f:73:6a:
12:e0:93:6c:83:ff:a0:70:b6:59:65:ae:54:92:ca:1d:4a:06:
a9:e3:8b:fe
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAdE9ITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmM0OTI3YWIxOTRhZTEyMzdmZGUyZDNiZWY2OTAzODg5M2YwZGM1MB4XDTIyMDEw
MTA0MDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE3MDFhNTAxNmM2
YzM1ODUyMTRhNGQ0NTQ5MzQ4YjFlN2MzZTRhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfyW8tUXsoJxt97DfB19pSVU3mulAZkIROLlyDlpI9+tUXe
m6xCCNu3ZCTaXIwIH70pStWtjUyg5TqpXIbz7xm1PVPY7dFbOvrWpCxRH/vlGol3
EnoUXGRNNN1rsztkyyuPWs4TV02GwZhbl1GhmIwnnnATyoGyN895pB9K02rrMCub
T55PQDtr5DUvcw/cuV10ddVxlX20RmG8/s9mm7N5qKcpfyN499csTi974DV2ybkz
WwtL3e9Qnl44hH/rgFtJbqbr4itxx5G4Q+IsZeSjIqhrgq2vY0CFE4pPHYwUQXtg
Oe7MtwOWKwRkchWnJGoMWzQXY6s5muAqPHtxvLECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSacBpQFsbDWFIUpNRUk0ix58PkoTAfBgNVHSMEGDAWgBQfxJJ6sZSuEjf9
4tO+9pA4iT8NxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g4U1NlckdVcmhJM19lTFR2dmFRT0lrX0RjVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvOTQzZDVkLTU2MGMtNDMxNC1hZjgyLThiOGEwMWJkNzQxNC8x
L21uQWFVQmJHdzFoU0ZLVFVWSk5Jc2VmRDVLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
OTQzZDVkLTU2MGMtNDMxNC1hZjgyLThiOGEwMWJkNzQxNC8xL0g4U1NlckdVcmhJ
M19lTFR2dmFRT0lrX0RjVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAT5kSgMEAD5kUTANBgkqhkiG9w0B
AQsFAAOCAQEAQ7Q6NtXtlE5ZIXRMoQ3n9DbYj5KElJ2brq0GSOwPZKAWwMcEgejx
1mpafaPtO/4gBK22wA22V98MZqcal7epVmett1uL/M2GTOrYWJWpG6zcd/Gtg41V
6IkwN3oaaLb1TkDGlqncSWM3zMBpMPNNDH+hIdofMYMQMygkl/keoT0VgRN3JJLM
PUAwak6toO/tBqFXgiaBxhxlysd8lGHHKuvMxIS1ukKYzNW29NuVyrY4eVM+2Bc/
CGS1zqxrWDjxGR4dNyCS/gHZnDAyH1E4XRj1Y+oVDGcQVl9blDYzcWt9YlB0sbGk
n3NqEuCTbIP/oHC2WWWuVJLKHUoGqeOL/g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:50 2025 by rpki-client