Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/0hW5Me6k3W97yJ5Rvg-H-IeE-eo.roa
File: 0hW5Me6k3W97yJ5Rvg-H-IeE-eo.roa (raw, json)
Hash identifier: 13pDBjEkp5+zkzHtt7KqDU4cZsz5O/aiUHEtziapPcQ=
Subject key identifier: D2:15:B9:31:EE:A4:DD:6F:7B:C8:9E:51:BE:0F:87:F8:87:84:F9:EA
Certificate issuer: /CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Certificate serial: 0185704BCAD4D950105C2BB082BC63B98ABE
Authority key identifier: B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/0hW5Me6k3W97yJ5Rvg-H-IeE-eo.roa
Signing time: Mon 02 Jan 2023 02:24:53 +0000
ROA not before: Mon 02 Jan 2023 02:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60762
IP address blocks: 176.62.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:ca:d4:d9:50:10:5c:2b:b0:82:bc:63:b9:8a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Validity
Not Before: Jan 2 02:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d215b931eea4dd6f7bc89e51be0f87f88784f9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:95:d7:a4:64:1f:ac:5d:2d:39:59:2b:99:db:
02:be:f6:f0:0c:87:e1:59:b7:51:ea:16:a9:92:98:
bb:2a:d1:67:80:53:df:56:45:b6:49:15:a3:5b:8b:
8b:67:ec:e5:73:ab:82:f5:14:6d:ca:28:e7:78:9f:
fe:98:e9:55:b5:00:83:63:60:65:57:b2:0e:3b:46:
31:70:59:f4:8f:15:43:32:0b:1f:28:47:ef:d2:9c:
e4:ef:8f:d6:c0:a5:ec:e0:b1:70:9d:8a:d4:73:96:
73:b6:f9:12:2e:61:f6:70:9c:1b:2a:52:ad:4f:6c:
b6:a5:cd:d0:07:63:5a:d0:4c:fa:e3:77:86:44:05:
72:20:db:3a:75:9a:2d:f4:91:f4:3b:eb:bd:55:e4:
0b:71:ac:b3:e6:f3:d2:69:27:6f:09:c5:08:c2:33:
e8:4e:3a:c7:75:d4:4f:f1:4e:14:ed:65:6a:e4:24:
0c:e6:76:59:54:17:c6:3c:57:81:93:28:e4:88:81:
71:f3:9e:7b:b8:4c:d0:8a:c9:c3:d3:4b:a4:17:0e:
ff:c4:3d:0f:80:7d:55:10:7a:14:55:50:2d:60:b2:
19:55:07:4f:0c:68:fb:02:6f:51:20:3d:1f:20:52:
3f:97:cf:a0:7f:5c:05:7d:1d:20:bb:04:41:51:8e:
1a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:15:B9:31:EE:A4:DD:6F:7B:C8:9E:51:BE:0F:87:F8:87:84:F9:EA
X509v3 Authority Key Identifier:
keyid:B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/0hW5Me6k3W97yJ5Rvg-H-IeE-eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:db:51:49:83:76:d7:1f:b8:75:ef:55:ac:35:ed:9d:c5:34:
28:4a:2b:fc:3a:c4:3f:a9:60:41:84:0c:b2:ff:d2:38:17:85:
85:66:a9:44:af:f7:c2:0b:e9:62:cb:5e:1c:3d:24:1b:84:63:
03:51:b2:60:f1:b2:16:41:28:6b:4f:77:65:ec:bf:43:96:ba:
cf:0d:cd:e2:9e:eb:1e:0c:92:d1:fb:2c:b0:a6:44:99:d1:41:
ad:34:ac:9e:cf:9d:62:9e:a1:1e:76:41:73:2e:76:e7:7e:68:
ca:3d:06:05:8c:bd:d0:01:66:f9:b3:b2:58:c3:0b:28:0a:41:
79:f7:26:d8:ad:34:a0:69:23:b1:11:2a:5d:f3:fc:ed:65:0a:
18:65:92:82:32:45:76:e2:6d:4a:e5:e7:c4:96:4d:5e:5d:36:
9d:4f:9d:15:3b:24:27:16:3d:a1:8f:9c:02:d0:c5:96:81:6c:
95:a2:37:7e:43:4f:e0:3a:06:c5:f5:93:86:26:a7:bd:0b:a0:
6d:4c:03:fe:08:93:c1:08:39:e0:3a:8f:39:a8:f6:19:ad:94:
ab:e6:59:4c:90:e1:97:63:d8:ba:a1:86:c2:67:2c:8d:e2:b9:
99:2d:18:f2:ec:a9:ef:50:07:97:29:cd:05:34:73:55:3d:63:
65:1e:bb:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS8rU2VAQXCuwgrxjuYq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ODYwMjhjOWZlYjZmMTQyYjNmZWNiNjQ2NjdmNDg4NzRi
YTljMzcwHhcNMjMwMTAyMDIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE1YjkzMWVlYTRkZDZmN2JjODllNTFiZTBmODdmODg3ODRmOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJXXpGQfrF0tOVkrmdsCvvbwDIfh
WbdR6hapkpi7KtFngFPfVkW2SRWjW4uLZ+zlc6uC9RRtyijneJ/+mOlVtQCDY2Bl
V7IOO0YxcFn0jxVDMgsfKEfv0pzk74/WwKXs4LFwnYrUc5ZztvkSLmH2cJwbKlKt
T2y2pc3QB2Na0Ez643eGRAVyINs6dZot9JH0O+u9VeQLcayz5vPSaSdvCcUIwjPo
TjrHddRP8U4U7WVq5CQM5nZZVBfGPFeBkyjkiIFx8557uEzQisnD00ukFw7/xD0P
gH1VEHoUVVAtYLIZVQdPDGj7Am9RID0fIFI/l8+gf1wFfR0guwRBUY4aDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIVuTHupN1ve8ieUb4Ph/iHhPnqMB8GA1UdIwQY
MBaAFLmGAoyf628UKz/stkZn9Ih0upw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYt
M2E0NDY4YzRkZmRmLzEvMGhXNU1lNmszVzk3eUo1UnZnLUgtSWVFLWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYtM2E0NDY4YzRkZmRm
LzEvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsD4fMA0G
CSqGSIb3DQEBCwUAA4IBAQAP21FJg3bXH7h171WsNe2dxTQoSiv8OsQ/qWBBhAyy
/9I4F4WFZqlEr/fCC+liy14cPSQbhGMDUbJg8bIWQShrT3dl7L9DlrrPDc3inuse
DJLR+yywpkSZ0UGtNKyez51inqEedkFzLnbnfmjKPQYFjL3QAWb5s7JYwwsoCkF5
9ybYrTSgaSOxESpd8/ztZQoYZZKCMkV24m1K5efElk1eXTadT50VOyQnFj2hj5wC
0MWWgWyVojd+Q0/gOgbF9ZOGJqe9C6BtTAP+CJPBCDngOo85qPYZrZSr5llMkOGX
Y9i6oYbCZyyN4rmZLRjy7KnvUAeXKc0FNHNVPWNlHrvT
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:54 2025 by rpki-client