Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/mZ10ELyDDS1QeLmpysXL607M_Nk.roa
File: mZ10ELyDDS1QeLmpysXL607M_Nk.roa (raw, json)
Hash identifier: oPiqXsBTqXPvYxSFIFWfGBT9OkV7y3DBVJv7q9w/Wt4=
Subject key identifier: 99:9D:74:10:BC:83:0D:2D:50:78:B9:A9:CA:C5:CB:EB:4E:CC:FC:D9
Certificate issuer: /CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Certificate serial: CF8349
Authority key identifier: 40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/mZ10ELyDDS1QeLmpysXL607M_Nk.roa
Signing time: Thu 21 Apr 2022 05:42:12 +0000
ROA not before: Thu 21 Apr 2022 05:42:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56488
IP address blocks: 217.28.136.0/24 maxlen: 24
2a12:2540::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13599561 (0xcf8349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40662733bc873d13e1f9f66e8dff75c820d5d2f7
Validity
Not Before: Apr 21 05:42:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=999d7410bc830d2d5078b9a9cac5cbeb4eccfcd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:4f:aa:63:d5:4c:19:11:d8:38:dd:05:bb:
2f:ce:7c:17:ec:cc:4d:7f:49:72:17:aa:bd:6a:44:
7d:54:c6:73:85:6a:be:5b:7c:d0:78:da:5e:73:43:
74:9e:31:5e:94:b7:8e:1d:2d:bf:d0:b3:7b:b3:07:
32:09:90:8d:1e:35:de:7f:14:56:9f:e5:7a:ab:6b:
99:3c:bd:82:a1:cf:9d:79:0f:b4:2a:68:3e:25:70:
c3:07:26:e2:4f:8c:93:77:9e:fc:e8:b2:cd:61:35:
e6:84:cc:4f:10:42:dc:1f:0a:60:24:f3:35:80:41:
03:57:69:72:cd:62:20:2c:cc:56:70:87:3c:c1:77:
aa:f7:30:d9:3b:25:3e:a0:39:f3:75:d8:95:bd:2f:
73:6e:db:8a:48:a3:9d:2c:6a:67:d6:78:08:f6:64:
78:4f:c3:14:b1:b6:5a:52:97:00:3c:ef:cc:83:9e:
0c:46:ab:8f:f0:f9:92:b2:14:c0:f4:80:f6:ae:3e:
a7:4d:6c:cf:7a:cc:a2:e3:86:40:d7:36:ce:6b:a4:
19:c8:97:17:1b:59:9d:43:78:f0:0b:13:af:fa:8e:
d2:e0:1b:51:9e:03:2d:34:6f:d2:2c:3c:3e:1f:9c:
e6:0e:54:a7:74:66:a2:1f:7a:96:a6:60:14:37:13:
f0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9D:74:10:BC:83:0D:2D:50:78:B9:A9:CA:C5:CB:EB:4E:CC:FC:D9
X509v3 Authority Key Identifier:
keyid:40:66:27:33:BC:87:3D:13:E1:F9:F6:6E:8D:FF:75:C8:20:D5:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGYnM7yHPRPh-fZujf91yCDV0vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/mZ10ELyDDS1QeLmpysXL607M_Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/d910d1-94c6-4412-8506-9cb51e51ff77/1/QGYnM7yHPRPh-fZujf91yCDV0vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.136.0/24
IPv6:
2a12:2540::/32
Signature Algorithm: sha256WithRSAEncryption
28:61:22:27:85:6b:04:61:c9:45:7b:aa:e0:fe:42:5a:4b:43:
c5:96:d1:06:d7:55:56:92:ee:63:1b:a7:fa:14:63:6e:f1:e4:
a0:46:f3:68:ee:46:b0:e6:68:cd:0a:c6:c1:a1:1e:f2:f2:73:
62:e7:89:db:74:9f:46:b4:0e:7c:50:7b:c5:55:c4:59:e7:e1:
ea:18:2b:32:1d:b2:89:ca:b3:ef:06:3d:76:12:a4:04:61:c0:
c1:ac:c4:b5:4a:24:ee:0a:83:13:e9:15:ec:3d:d9:f4:5c:59:
95:3f:dc:4d:40:ae:72:c7:14:d2:8d:f3:cb:d0:7c:aa:ec:a5:
71:27:7a:99:09:82:5d:2b:0e:3e:b1:17:05:53:c9:29:66:d3:
bd:90:84:e0:98:34:da:1c:ba:f7:13:23:dd:aa:2a:f5:ff:54:
39:ce:9d:29:91:57:2f:08:6a:b3:c7:68:75:fb:0e:c1:b7:ec:
7b:7d:5d:81:ed:e1:a0:31:03:dd:26:45:dc:0e:96:10:b7:f4:
55:54:67:98:0e:42:76:6f:57:36:62:a2:b8:1a:d7:64:03:9e:
21:52:3d:d4:67:e6:f6:e5:0a:05:5b:d5:98:f8:6d:59:09:55:
e8:88:0b:f6:59:99:92:e6:30:9b:c2:f5:3b:c3:e0:b1:2a:b3:
34:a9:d7:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAM+DSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDY2MjczM2JjODczZDEzZTFmOWY2NmU4ZGZmNzVjODIwZDVkMmY3MB4XDTIyMDQy
MTA1NDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTk5ZDc0MTBiYzgz
MGQyZDUwNzhiOWE5Y2FjNWNiZWI0ZWNjZmNkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6cT6pj1UwZEdg43QW7L858F+zMTX9JcheqvWpEfVTGc4Vq
vlt80HjaXnNDdJ4xXpS3jh0tv9Cze7MHMgmQjR413n8UVp/leqtrmTy9gqHPnXkP
tCpoPiVwwwcm4k+Mk3ee/OiyzWE15oTMTxBC3B8KYCTzNYBBA1dpcs1iICzMVnCH
PMF3qvcw2TslPqA583XYlb0vc27bikijnSxqZ9Z4CPZkeE/DFLG2WlKXADzvzIOe
DEarj/D5krIUwPSA9q4+p01sz3rMouOGQNc2zmukGciXFxtZnUN48AsTr/qO0uAb
UZ4DLTRv0iw8Ph+c5g5Up3Rmoh96lqZgFDcT8EECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSZnXQQvIMNLVB4uanKxcvrTsz82TAfBgNVHSMEGDAWgBRAZiczvIc9E+H5
9m6N/3XIINXS9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FHWW5NN3lIUFJQaC1mWnVqZjkxeUNEVjB2Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvZDkxMGQxLTk0YzYtNDQxMi04NTA2LTljYjUxZTUxZmY3Ny8x
L21aMTBFTHlERFMxUWVMbXB5c1hMNjA3TV9Oay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ZDkxMGQxLTk0YzYtNDQxMi04NTA2LTljYjUxZTUxZmY3Ny8xL1FHWW5NN3lIUFJQ
aC1mWnVqZjkxeUNEVjB2Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEANkciDANBAIAAjAHAwUAKhIlQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKGEiJ4VrBGHJRXuq4P5CWktDxZbRBtdVVpLuYxun
+hRjbvHkoEbzaO5GsOZozQrGwaEe8vJzYueJ23SfRrQOfFB7xVXEWefh6hgrMh2y
icqz7wY9dhKkBGHAwazEtUok7gqDE+kV7D3Z9FxZlT/cTUCucscU0o3zy9B8quyl
cSd6mQmCXSsOPrEXBVPJKWbTvZCE4Jg02hy69xMj3aoq9f9UOc6dKZFXLwhqs8do
dfsOwbfse31dge3hoDED3SZF3A6WELf0VVRnmA5Cdm9XNmKiuBrXZAOeIVI91Gfm
9uUKBVvVmPhtWQlV6IgL9lmZkuYwm8L1O8PgsSqzNKnX+g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:11:13 2025 by rpki-client