Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/xYtwhkkjpiu6ADTncPOzNAle1p0.roa
File: xYtwhkkjpiu6ADTncPOzNAle1p0.roa (raw, json)
Hash identifier: SFkzBhyLRkO2xXSPU/BOMfJ0jobjUz5jff20Otur/xk=
Subject key identifier: C5:8B:70:86:49:23:A6:2B:BA:00:34:E7:70:F3:B3:34:09:5E:D6:9D
Certificate issuer: /CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Certificate serial: 018572B42E5F5173335159056250977394A1
Authority key identifier: 86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/xYtwhkkjpiu6ADTncPOzNAle1p0.roa
Signing time: Mon 02 Jan 2023 13:38:08 +0000
ROA not before: Mon 02 Jan 2023 13:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15869
IP address blocks: 62.3.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:2e:5f:51:73:33:51:59:05:62:50:97:73:94:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Validity
Not Before: Jan 2 13:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c58b70864923a62bba0034e770f3b334095ed69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:10:d0:29:95:36:13:3f:0e:90:17:cb:b7:59:
f8:19:29:00:eb:a9:57:31:dd:97:5b:f9:7a:20:4c:
c6:88:15:0a:ab:52:34:43:70:2b:d4:f4:16:2e:0f:
2a:67:42:0d:5e:9f:67:bc:0b:49:69:82:ac:56:6e:
9d:4d:ff:94:24:20:eb:7d:42:bd:86:28:73:d6:e0:
18:ce:44:31:3a:8d:f2:12:8f:57:3b:30:b7:09:c7:
e6:88:99:1a:fd:7a:47:55:d8:d5:01:9b:7c:fb:bb:
0e:15:e4:af:fc:2f:d0:38:fd:16:63:07:8b:fe:32:
94:16:69:d9:a2:ca:9c:cd:67:80:8d:cb:c5:00:52:
aa:c4:0b:b4:69:79:06:e7:73:08:b5:1d:7b:40:79:
03:e3:7a:0e:1c:77:8f:eb:ca:34:d7:22:cb:e9:91:
0a:96:fb:42:68:67:39:3b:64:4b:51:40:e9:8c:da:
87:69:d6:39:28:2e:a6:8d:bd:1a:32:8d:76:de:0e:
41:28:8f:02:91:71:2b:dd:e1:e8:27:e2:b8:52:51:
f6:91:27:a6:c7:ea:5f:dd:87:f9:4f:e2:6e:4b:e8:
40:38:9c:d5:15:c6:f5:cf:64:88:74:99:93:17:06:
5b:d0:3e:34:52:64:1f:99:bc:86:fa:17:da:5b:77:
66:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8B:70:86:49:23:A6:2B:BA:00:34:E7:70:F3:B3:34:09:5E:D6:9D
X509v3 Authority Key Identifier:
keyid:86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/xYtwhkkjpiu6ADTncPOzNAle1p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.128.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:19:98:ad:20:23:f3:38:11:20:ed:ff:08:b6:b7:cb:3a:f5:
e6:d8:35:84:07:f0:57:73:a8:e8:d4:6f:16:b1:89:d6:14:d2:
20:6d:e5:d9:e7:27:12:9d:fb:fd:3b:e9:f1:db:37:bb:e0:51:
b6:20:0d:61:2f:78:33:d5:64:da:75:47:b7:52:6b:ff:66:e7:
0c:6b:b9:46:8a:a1:97:35:95:cf:f8:e7:78:cf:eb:33:5b:54:
04:df:a9:08:b0:d4:be:5f:26:37:5b:89:6f:cb:63:a9:4d:14:
01:d8:69:d2:e4:26:0a:9b:d3:4b:d6:b3:5f:e9:7c:16:d3:2e:
1e:82:29:97:f6:c4:2c:f8:d9:b2:7e:9e:4b:ba:39:9e:b6:a0:
6e:85:78:6a:c0:bb:f8:7b:5e:2e:45:e9:b8:46:97:bd:32:6e:
99:64:03:ec:89:bf:31:00:70:51:c5:96:77:f0:71:1f:1a:54:
af:14:5e:23:65:32:ea:34:b1:58:17:46:17:8f:b7:1d:37:86:
0a:b1:29:62:4e:70:b8:e6:df:e9:26:a6:4d:44:8b:62:27:df:
be:ff:1f:00:32:83:49:61:9a:c0:4e:f5:bf:4c:8e:39:4f:b5:
28:6c:aa:ef:d6:47:4a:88:3d:3b:68:2a:ec:59:37:98:96:10:
75:66:15:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytC5fUXMzUVkFYlCXc5ShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTM2NTUzMjZiMDQ3MmM4NjZjNWM5OTMwMmUyYjJkNzhj
YmRkZjcwHhcNMjMwMTAyMTMzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThiNzA4NjQ5MjNhNjJiYmEwMDM0ZTc3MGYzYjMzNDA5NWVkNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghDQKZU2Ez8OkBfLt1n4GSkA66lX
Md2XW/l6IEzGiBUKq1I0Q3Ar1PQWLg8qZ0INXp9nvAtJaYKsVm6dTf+UJCDrfUK9
hihz1uAYzkQxOo3yEo9XOzC3CcfmiJka/XpHVdjVAZt8+7sOFeSv/C/QOP0WYweL
/jKUFmnZosqczWeAjcvFAFKqxAu0aXkG53MItR17QHkD43oOHHeP68o01yLL6ZEK
lvtCaGc5O2RLUUDpjNqHadY5KC6mjb0aMo123g5BKI8CkXEr3eHoJ+K4UlH2kSem
x+pf3Yf5T+JuS+hAOJzVFcb1z2SIdJmTFwZb0D40UmQfmbyG+hfaW3dmrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWLcIZJI6YrugA053DzszQJXtadMB8GA1UdIwQY
MBaAFIaTZVMmsEcshmxcmTAuKy14y933MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEt
OWU2NzcyZWQzOWE2LzEveFl0d2hra2pwaXU2QURUbmNQT3pOQWxlMXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9kYWMzMzctODA3OS00M2JmLTlmZTEtOWU2NzcyZWQzOWE2
LzEvaHBObFV5YXdSeXlHYkZ5Wk1DNHJMWGpMM2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPgOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBvGZitICPzOBEg7f8ItrfLOvXm2DWEB/BXc6jo1G8W
sYnWFNIgbeXZ5ycSnfv9O+nx2ze74FG2IA1hL3gz1WTadUe3Umv/ZucMa7lGiqGX
NZXP+Od4z+szW1QE36kIsNS+XyY3W4lvy2OpTRQB2GnS5CYKm9NL1rNf6XwW0y4e
gimX9sQs+Nmyfp5LujmetqBuhXhqwLv4e14uRem4Rpe9Mm6ZZAPsib8xAHBRxZZ3
8HEfGlSvFF4jZTLqNLFYF0YXj7cdN4YKsSliTnC45t/pJqZNRItiJ9++/x8AMoNJ
YZrATvW/TI45T7UobKrv1kdKiD07aCrsWTeYlhB1ZhWE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:28 2025 by rpki-client