Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/mjP5qdpcMkwGJR2OI8gbCu1zIlk.roa
File: mjP5qdpcMkwGJR2OI8gbCu1zIlk.roa (raw, json)
Hash identifier: Dl21CQ+STnMvMKm0zWBl60bHh2ZnjeMkiNhtv3M7KMI=
Subject key identifier: 9A:33:F9:A9:DA:5C:32:4C:06:25:1D:8E:23:C8:1B:0A:ED:73:22:59
Certificate issuer: /CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Certificate serial: 018BD23827A120452BA27D090329FC66975B
Authority key identifier: 6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/mjP5qdpcMkwGJR2OI8gbCu1zIlk.roa
Signing time: Wed 15 Nov 2023 09:02:57 +0000
ROA not before: Wed 15 Nov 2023 09:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51132
IP address blocks: 91.145.16.0/20 maxlen: 20
83.68.224.0/19 maxlen: 19
185.95.160.0/22 maxlen: 24
62.108.192.0/20 maxlen: 20
91.145.0.0/19 maxlen: 19
91.145.0.0/20 maxlen: 20
62.108.208.0/21 maxlen: 21
2a02:eb8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:38:27:a1:20:45:2b:a2:7d:09:03:29:fc:66:97:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Validity
Not Before: Nov 15 09:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a33f9a9da5c324c06251d8e23c81b0aed732259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:81:29:9d:b5:5d:d3:34:93:65:28:d7:8c:7e:
06:d5:35:9b:cb:f2:93:4f:35:af:75:8c:d8:ff:4c:
55:ff:a5:a3:27:a8:a1:14:62:35:24:6a:c4:1f:f7:
3e:b3:46:0a:31:a5:33:66:eb:2b:4e:6a:2d:40:6f:
8d:0d:77:bf:57:59:4a:0c:bc:f6:44:dd:13:21:0f:
97:46:84:64:61:1a:90:6a:14:2f:e7:8e:e6:23:3a:
71:6e:79:60:ca:87:fa:75:36:29:5b:f7:88:ca:d2:
a7:aa:70:19:14:e0:59:f7:b9:df:58:63:d2:d7:42:
d9:e1:7b:66:30:31:9f:73:88:91:a4:08:4b:9e:94:
f7:56:d3:99:03:ee:1e:c2:15:fb:98:b7:77:cc:73:
99:25:d3:a2:ee:69:00:cc:5e:54:8f:e6:fb:7e:d5:
31:51:b5:20:dd:1d:27:6e:74:8a:d0:ea:bb:d9:d5:
16:1b:fa:17:b2:bc:ed:a5:f5:14:cd:c9:89:34:83:
1c:8a:6c:4d:c7:05:91:8b:f2:e3:a3:a4:92:c5:19:
8a:b0:34:61:91:db:22:bd:01:82:21:18:cb:5a:6c:
ea:56:44:2e:2e:95:39:8c:f5:18:9c:09:c5:26:b8:
35:d4:13:03:ac:8b:6b:6c:f8:4a:04:f6:d9:15:ed:
dc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:33:F9:A9:DA:5C:32:4C:06:25:1D:8E:23:C8:1B:0A:ED:73:22:59
X509v3 Authority Key Identifier:
keyid:6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/mjP5qdpcMkwGJR2OI8gbCu1zIlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.192.0-62.108.215.255
83.68.224.0/19
91.145.0.0/19
185.95.160.0/22
IPv6:
2a02:eb8::/29
Signature Algorithm: sha256WithRSAEncryption
67:9f:d3:50:e5:80:05:55:c2:1f:2f:8f:bc:5a:a5:a3:d9:4c:
27:c4:00:f3:53:95:f0:e4:52:77:02:bc:1e:3d:94:57:7d:f3:
64:d1:8c:c6:f0:5d:d0:36:92:e9:fb:c3:15:60:c5:e7:c4:a3:
fc:51:00:e3:a7:b9:04:c3:a8:3e:c5:0b:bb:72:cd:c0:ef:ac:
56:a4:ab:20:2b:82:50:8d:ab:90:0a:7f:1f:85:5a:d5:08:78:
34:a0:aa:c3:53:f2:6d:af:99:3b:32:0d:ff:1d:99:b0:a7:00:
d1:0b:89:1c:0f:5c:7b:7e:a1:f9:3d:68:d4:7e:07:f5:1d:1b:
e2:e4:95:54:7a:5b:9b:66:3c:8d:76:c8:73:b6:01:38:47:f4:
e2:80:f2:f0:b8:7e:af:ba:55:d7:b1:e1:ff:9b:cd:b4:c8:8c:
ab:18:1b:cd:6a:c8:17:65:6b:59:af:3b:e5:6b:02:75:51:e5:
d5:22:22:30:e5:54:66:63:bc:e4:22:9b:45:0e:2d:bc:81:37:
00:7e:54:e2:ec:26:6e:26:f5:af:51:5b:f3:3e:ee:3a:f3:41:
a1:ce:8e:af:3d:48:7f:15:95:44:1c:76:ce:0f:0c:21:2b:4b:
61:82:3f:45:74:00:30:38:db:46:99:3f:88:84:27:d2:36:cc:
2a:1b:3f:ff
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYvSOCehIEUron0JAyn8ZpdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZWRmMGI3NjE1MjkwYWVmYWNjNWY2YWE2YjQxZDlkMTg0
M2YxYjYwHhcNMjMxMTE1MDkwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTMzZjlhOWRhNWMzMjRjMDYyNTFkOGUyM2M4MWIwYWVkNzMyMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4EpnbVd0zSTZSjXjH4G1TWby/KT
TzWvdYzY/0xV/6WjJ6ihFGI1JGrEH/c+s0YKMaUzZusrTmotQG+NDXe/V1lKDLz2
RN0TIQ+XRoRkYRqQahQv547mIzpxbnlgyof6dTYpW/eIytKnqnAZFOBZ97nfWGPS
10LZ4XtmMDGfc4iRpAhLnpT3VtOZA+4ewhX7mLd3zHOZJdOi7mkAzF5Uj+b7ftUx
UbUg3R0nbnSK0Oq72dUWG/oXsrztpfUUzcmJNIMcimxNxwWRi/Ljo6SSxRmKsDRh
kdsivQGCIRjLWmzqVkQuLpU5jPUYnAnFJrg11BMDrItrbPhKBPbZFe3cWQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJoz+anaXDJMBiUdjiPIGwrtcyJZMB8GA1UdIwQY
MBaAFG/t8LdhUpCu+sxfaqa0HZ0YQ/G2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEt
Nzg0ZGI5YjFkYTJiLzEvbWpQNXFkcGNNa3dHSlIyT0k4Z2JDdTF6SWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEtNzg0ZGI5YjFkYTJi
LzEvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAY+bMAD
BAM+bNADBAVTROADBAVbkQADBAK5X6AwDQQCAAIwBwMFAyoCDrgwDQYJKoZIhvcN
AQELBQADggEBAGef01DlgAVVwh8vj7xapaPZTCfEAPNTlfDkUncCvB49lFd982TR
jMbwXdA2kun7wxVgxefEo/xRAOOnuQTDqD7FC7tyzcDvrFakqyArglCNq5AKfx+F
WtUIeDSgqsNT8m2vmTsyDf8dmbCnANELiRwPXHt+ofk9aNR+B/UdG+LklVR6W5tm
PI12yHO2AThH9OKA8vC4fq+6Vdex4f+bzbTIjKsYG81qyBdla1mvO+VrAnVR5dUi
IjDlVGZjvOQim0UOLbyBNwB+VOLsJm4m9a9RW/M+7jrzQaHOjq89SH8VlUQcds4P
DCErS2GCP0V0ADA420aZP4iEJ9I2zCobP/8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:00 2025 by rpki-client