Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/sPLzDisQb4ESj5G0dW95CD7Y-4o.roa
File: sPLzDisQb4ESj5G0dW95CD7Y-4o.roa (raw, json)
Hash identifier: mLC1CuqR+Bl3cQMBqc1jthalqMj4QaC2YwAjNctCods=
Subject key identifier: B0:F2:F3:0E:2B:10:6F:81:12:8F:91:B4:75:6F:79:08:3E:D8:FB:8A
Certificate issuer: /CN=2e6d235bfd2bb77d9886b14cb10dc49c42082353
Certificate serial: 01856DC19A2971C38D42677A07AF2A039055
Authority key identifier: 2E:6D:23:5B:FD:2B:B7:7D:98:86:B1:4C:B1:0D:C4:9C:42:08:23:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lm0jW_0rt32YhrFMsQ3EnEIII1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/sPLzDisQb4ESj5G0dW95CD7Y-4o.roa
Signing time: Sun 01 Jan 2023 14:34:42 +0000
ROA not before: Sun 01 Jan 2023 14:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50157
IP address blocks: 62.76.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:9a:29:71:c3:8d:42:67:7a:07:af:2a:03:90:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6d235bfd2bb77d9886b14cb10dc49c42082353
Validity
Not Before: Jan 1 14:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f2f30e2b106f81128f91b4756f79083ed8fb8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:65:ca:dc:a4:18:15:eb:de:c6:16:91:a5:07:
76:6a:87:64:b9:f6:df:9c:45:8a:ed:93:23:3f:56:
8e:13:e3:c6:14:c7:c1:66:82:e4:65:4c:d9:89:27:
e4:df:5b:c9:fd:02:70:d9:40:f2:38:32:0b:bb:f8:
c8:fd:f4:85:24:0f:66:87:ff:0a:32:0d:21:59:56:
f0:f7:61:dc:83:97:eb:64:33:af:e3:15:b5:45:85:
bf:5a:68:a4:a6:25:8a:6b:b2:ef:a2:df:64:b6:b9:
e4:ea:ea:b9:fe:d0:15:c9:f2:06:f6:b1:72:ca:c4:
fd:6b:78:11:4f:17:8d:61:ce:47:c2:fa:6e:f1:dd:
bb:6e:3d:20:2e:0f:a1:4a:75:60:a8:22:eb:6d:3b:
a3:6c:2b:a6:e2:6f:a8:07:de:99:26:b3:e2:2a:96:
33:66:57:9a:2b:ce:4a:b3:aa:e9:a5:b2:6c:15:a8:
1b:2e:81:29:06:8d:07:ab:05:b8:a9:23:0c:77:29:
57:68:c7:36:cf:5b:dd:3d:c3:29:a6:17:c3:75:8b:
16:f2:14:6c:3a:f9:b6:a2:8b:7b:42:f2:c3:5f:9c:
23:59:e1:c9:4e:d1:e9:23:4f:a1:51:dc:c2:3e:04:
f3:8c:e2:dd:a9:8b:6d:b5:b5:df:7e:14:80:f4:3e:
0b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F2:F3:0E:2B:10:6F:81:12:8F:91:B4:75:6F:79:08:3E:D8:FB:8A
X509v3 Authority Key Identifier:
keyid:2E:6D:23:5B:FD:2B:B7:7D:98:86:B1:4C:B1:0D:C4:9C:42:08:23:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lm0jW_0rt32YhrFMsQ3EnEIII1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/sPLzDisQb4ESj5G0dW95CD7Y-4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/Lm0jW_0rt32YhrFMsQ3EnEIII1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b4:c3:69:2f:f9:59:da:b9:94:2b:e4:ab:0c:c4:ec:bf:58:
1b:d9:74:e7:b8:dc:8a:29:87:48:1b:4b:83:24:e1:43:09:a4:
b6:43:12:44:bc:5c:a2:5d:41:aa:27:c4:25:75:71:8a:7c:c0:
8c:79:a4:26:82:31:9b:44:37:99:45:b6:52:bc:ed:14:4d:36:
64:9d:e9:c0:86:43:9d:5e:31:82:78:91:24:e3:32:c0:e1:11:
b6:dd:92:e2:b9:f1:73:38:1d:bf:f2:12:85:8f:66:9c:fd:55:
b3:ec:05:ac:ee:08:ed:fe:14:75:78:ad:5a:a8:f5:16:fd:cb:
8e:fc:dc:9a:a4:91:63:bd:ef:a1:f7:30:79:9b:ae:c1:f1:63:
2c:0f:c2:d2:31:a5:a0:d6:98:d2:e8:10:d0:29:70:35:2e:8e:
ed:f1:08:16:22:e6:04:27:fb:df:1f:91:22:01:12:d5:c7:81:
29:9c:3a:cf:63:25:a5:6e:0d:fb:a6:1a:04:ca:b3:d7:53:30:
37:d6:4f:bf:95:64:e7:52:9b:2e:03:d8:ea:50:26:96:7c:4e:
4f:ba:f2:7b:93:9d:b6:42:3c:76:6d:e3:35:14:7f:32:ef:72:
bb:b7:99:86:b4:69:74:3c:9a:46:f6:c5:c1:ca:b8:41:19:cb:
3f:c8:b8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwZopccONQmd6B68qA5BVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmQyMzViZmQyYmI3N2Q5ODg2YjE0Y2IxMGRjNDljNDIw
ODIzNTMwHhcNMjMwMTAxMTQzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGYyZjMwZTJiMTA2ZjgxMTI4ZjkxYjQ3NTZmNzkwODNlZDhmYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWXK3KQYFevexhaRpQd2aodkufbf
nEWK7ZMjP1aOE+PGFMfBZoLkZUzZiSfk31vJ/QJw2UDyODILu/jI/fSFJA9mh/8K
Mg0hWVbw92Hcg5frZDOv4xW1RYW/WmikpiWKa7Lvot9ktrnk6uq5/tAVyfIG9rFy
ysT9a3gRTxeNYc5Hwvpu8d27bj0gLg+hSnVgqCLrbTujbCum4m+oB96ZJrPiKpYz
ZleaK85Ks6rppbJsFagbLoEpBo0HqwW4qSMMdylXaMc2z1vdPcMpphfDdYsW8hRs
Ovm2oot7QvLDX5wjWeHJTtHpI0+hUdzCPgTzjOLdqYtttbXffhSA9D4LcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDy8w4rEG+BEo+RtHVveQg+2PuKMB8GA1UdIwQY
MBaAFC5tI1v9K7d9mIaxTLENxJxCCCNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG0waldfMHJ0MzJZaHJGTXNRM0VuRUlJSTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMjNhZGQtMWQ4Ny00MTZhLWJkMDUt
MWU5ODQ4Y2IxNzQ1LzEvc1BMekRpc1FiNEVTajVHMGRXOTVDRDdZLTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMjNhZGQtMWQ4Ny00MTZhLWJkMDUtMWU5ODQ4Y2IxNzQ1
LzEvTG0waldfMHJ0MzJZaHJGTXNRM0VuRUlJSTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkx5MA0G
CSqGSIb3DQEBCwUAA4IBAQAKtMNpL/lZ2rmUK+SrDMTsv1gb2XTnuNyKKYdIG0uD
JOFDCaS2QxJEvFyiXUGqJ8QldXGKfMCMeaQmgjGbRDeZRbZSvO0UTTZknenAhkOd
XjGCeJEk4zLA4RG23ZLiufFzOB2/8hKFj2ac/VWz7AWs7gjt/hR1eK1aqPUW/cuO
/NyapJFjve+h9zB5m67B8WMsD8LSMaWg1pjS6BDQKXA1Lo7t8QgWIuYEJ/vfH5Ei
ARLVx4EpnDrPYyWlbg37phoEyrPXUzA31k+/lWTnUpsuA9jqUCaWfE5PuvJ7k522
Qjx2beM1FH8y73K7t5mGtGl0PJpG9sXByrhBGcs/yLgX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:08 2025 by rpki-client