Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa
File: cdSmDbQEzN0i39KVAFvTz93liQ8.roa (raw, json)
Hash identifier: x4N5AMAUywH7k0g8aAcwJtdgMPs88ke1XeBlAaxk8X8=
Subject key identifier: 71:D4:A6:0D:B4:04:CC:DD:22:DF:D2:95:00:5B:D3:CF:DD:E5:89:0F
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 0184AE5B05E0A20F3B4197AFDB5F275CDD0B
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa
Signing time: Fri 25 Nov 2022 10:35:11 +0000
ROA not before: Fri 25 Nov 2022 10:35:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 62.202.152.0/21 maxlen: 24
62.202.168.0/21 maxlen: 24
2a02:1215:ffff::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:5b:05:e0:a2:0f:3b:41:97:af:db:5f:27:5c:dd:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Nov 25 10:35:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71d4a60db404ccdd22dfd295005bd3cfdde5890f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:28:96:99:64:62:ac:c7:7a:fa:eb:7c:70:64:
e7:81:02:6b:c4:b7:04:3c:17:d5:90:c9:6f:53:96:
dc:cc:4d:76:78:3a:3d:9a:a6:b4:90:dd:18:b5:51:
a5:e6:ac:b0:ef:3a:3b:25:4f:a2:7b:37:25:56:19:
b9:d8:0e:5a:4a:12:d5:76:87:b5:a0:ba:3c:ea:5f:
37:06:18:6c:8e:f4:75:7f:a4:25:be:b5:e1:e2:9c:
07:41:dd:8c:48:9a:29:43:d5:1c:8d:6c:5b:e8:01:
28:1f:b2:ff:d8:65:39:cd:9d:0f:74:ca:5d:d8:00:
50:38:7b:c9:b3:a9:7e:b7:2e:43:ff:c4:9d:36:34:
ad:d8:49:f6:96:25:c3:83:aa:8d:0e:12:60:10:85:
27:a3:e1:e8:54:b1:fe:62:68:56:0f:16:d5:18:bd:
a6:7b:5e:2b:76:2b:ff:04:d3:c7:7a:bb:b5:03:59:
f6:a6:96:6e:4b:55:ec:de:76:85:18:96:34:c6:33:
fd:e1:6a:24:2c:bb:fc:fd:47:9c:40:5c:d0:4c:23:
68:f5:13:c9:0d:00:3b:d4:15:ee:a4:70:69:1e:68:
94:9d:fe:bb:db:a2:0e:2d:5d:90:e6:ea:d3:00:68:
ad:b6:36:75:cf:27:0f:b4:8c:30:7c:70:a0:73:47:
cb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D4:A6:0D:B4:04:CC:DD:22:DF:D2:95:00:5B:D3:CF:DD:E5:89:0F
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/cdSmDbQEzN0i39KVAFvTz93liQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.202.152.0/21
62.202.168.0/21
IPv6:
2a02:1215:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
87:95:ef:86:a0:8c:91:a3:7e:13:f7:35:9d:aa:b7:7e:b1:a1:
47:45:5d:07:13:a1:8e:31:74:cf:55:70:b0:3b:c1:1c:ae:19:
e0:be:bb:38:f6:20:77:da:33:47:2b:26:bc:a6:af:9c:10:64:
7b:5c:5e:26:2e:e1:61:3f:9d:70:db:4b:47:a1:dc:28:d2:44:
bf:d3:2e:51:47:93:e2:90:d0:b0:91:39:a5:d5:0d:59:ba:2a:
c5:9f:1f:56:87:c9:46:fb:a6:08:4f:5f:0e:0c:a6:c9:10:05:
04:ef:41:41:eb:25:e2:7b:d9:5a:26:56:5d:0f:9a:7f:b6:4e:
3c:16:32:32:66:a6:b2:53:6e:95:14:51:bc:87:78:ca:6f:e8:
ce:c6:78:80:62:c9:25:ac:01:89:ec:09:44:c0:48:9b:2b:d3:
a5:fa:04:d6:30:60:df:c0:50:3f:b9:16:b1:ef:5c:d8:72:49:
de:cb:06:23:68:8a:cd:34:a4:d7:bd:fa:02:5b:f6:14:58:b0:
27:94:e9:a5:eb:b7:43:31:e3:7b:e5:2d:dd:a3:c0:66:91:36:
1b:60:40:2e:a8:58:64:0e:8b:b8:6f:dc:bc:4a:e2:3c:84:98:
3e:88:ea:b7:95:47:5c:32:d9:52:d7:67:3e:9d:e3:f3:ed:ff:
34:68:62:ce
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYSuWwXgog87QZev218nXN0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjIxMTI1MTAzNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ0YTYwZGI0MDRjY2RkMjJkZmQyOTUwMDViZDNjZmRkZTU4OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCiWmWRirMd6+ut8cGTngQJrxLcE
PBfVkMlvU5bczE12eDo9mqa0kN0YtVGl5qyw7zo7JU+iezclVhm52A5aShLVdoe1
oLo86l83BhhsjvR1f6QlvrXh4pwHQd2MSJopQ9UcjWxb6AEoH7L/2GU5zZ0PdMpd
2ABQOHvJs6l+ty5D/8SdNjSt2En2liXDg6qNDhJgEIUno+HoVLH+YmhWDxbVGL2m
e14rdiv/BNPHeru1A1n2ppZuS1Xs3naFGJY0xjP94WokLLv8/UecQFzQTCNo9RPJ
DQA71BXupHBpHmiUnf6726IOLV2Q5urTAGittjZ1zycPtIwwfHCgc0fLdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHHUpg20BMzdIt/SlQBb08/d5YkPMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvY2RTbURiUUV6TjBpMzlLVkFGdlR6OTNsaVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDPsqYAwQD
PsqoMA8EAgACMAkDBwAqAhIV//8wDQYJKoZIhvcNAQELBQADggEBAIeV74agjJGj
fhP3NZ2qt36xoUdFXQcToY4xdM9VcLA7wRyuGeC+uzj2IHfaM0crJrymr5wQZHtc
XiYu4WE/nXDbS0eh3CjSRL/TLlFHk+KQ0LCROaXVDVm6KsWfH1aHyUb7pghPXw4M
pskQBQTvQUHrJeJ72VomVl0Pmn+2TjwWMjJmprJTbpUUUbyHeMpv6M7GeIBiySWs
AYnsCUTASJsr06X6BNYwYN/AUD+5FrHvXNhySd7LBiNois00pNe9+gJb9hRYsCeU
6aXrt0Mx43vlLd2jwGaRNhtgQC6oWGQOi7hv3LxK4jyEmD6I6reVR1wy2VLXZz6d
4/Pt/zRoYs4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:32 2023 by rpki-client on console-fra.rpki-client.org