Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ZjEgvnHe42MAO1lWNRUV32R-_aA.roa
File: ZjEgvnHe42MAO1lWNRUV32R-_aA.roa (raw, json)
Hash identifier: BMN/sR2ega5we6pPWo5CdouO3rzz8t3hlhh4t6jcuGk=
Subject key identifier: 66:31:20:BE:71:DE:E3:63:00:3B:59:56:35:15:15:DF:64:7E:FD:A0
Certificate issuer: /CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3
Certificate serial: 01856D53F252453F67C0B37E2A19424AEEFA
Authority key identifier: B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ZjEgvnHe42MAO1lWNRUV32R-_aA.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61310
IP address blocks: 5.63.176.0/23 maxlen: 23
5.63.176.0/22 maxlen: 22
5.63.176.0/21 maxlen: 21
5.63.182.0/23 maxlen: 23
5.63.182.0/24 maxlen: 24
5.63.180.0/22 maxlen: 22
5.63.180.0/23 maxlen: 23
2a04:5d80::/30 maxlen: 30
2a04:5d80::/31 maxlen: 31
2a04:5d84::/30 maxlen: 30
2a04:5d84::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f2:52:45:3f:67:c0:b3:7e:2a:19:42:4a:ee:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=663120be71dee363003b5956351515df647efda0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3e:77:fd:d8:9b:bd:af:7a:ec:5e:4c:f3:7a:
81:bb:c8:c8:a7:9b:73:b2:76:57:ac:c6:14:75:f3:
14:50:6d:b2:e6:d8:ae:2d:17:fc:cf:c8:21:ad:8a:
0a:db:ec:99:cc:e8:64:07:ce:81:64:92:30:9e:90:
f1:d7:a0:19:e2:16:3c:6b:e8:d3:3e:8c:01:53:ec:
80:5d:94:32:95:eb:52:dd:2b:52:ec:e3:9a:d7:89:
b8:0b:ec:70:e8:73:c8:58:54:1c:d5:4b:89:7d:4b:
59:56:db:18:29:a8:22:71:d4:5a:b6:f9:84:b8:f5:
1a:a4:ce:ca:be:e7:25:02:e5:b4:68:a3:02:6f:62:
5b:ab:68:f6:d7:e1:07:0e:47:1c:17:10:1e:4e:a7:
10:19:2f:cb:fa:af:f6:9d:54:e0:41:a6:32:30:56:
9e:84:15:86:f1:53:04:2a:68:d3:a8:ef:5d:f4:a7:
4d:e9:78:3a:4b:34:c4:e6:ab:00:3c:50:6a:7e:79:
d8:e3:74:56:c0:b6:15:59:1f:1d:4a:29:fa:f7:1f:
35:c8:9f:e7:ee:ee:01:9c:91:b3:e3:82:b7:44:e3:
2b:ec:a9:4b:f5:f5:90:9d:f0:42:44:d3:db:48:6d:
3a:49:6b:f8:0b:e0:b7:38:4a:d3:0d:9f:e1:d9:ab:
1e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:31:20:BE:71:DE:E3:63:00:3B:59:56:35:15:15:DF:64:7E:FD:A0
X509v3 Authority Key Identifier:
keyid:B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ZjEgvnHe42MAO1lWNRUV32R-_aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.176.0/21
IPv6:
2a04:5d80::/29
Signature Algorithm: sha256WithRSAEncryption
4c:09:19:40:eb:ef:66:49:e3:57:c3:c9:cf:72:3d:fe:36:ac:
19:65:e8:08:c1:6b:21:1b:2f:77:8b:4e:74:a2:06:4f:e8:89:
c2:50:4f:28:88:90:5e:64:80:46:27:ef:8e:ec:b9:b0:e9:d2:
20:3f:87:f0:4e:a7:02:69:59:9e:42:1b:d9:7e:33:bc:ae:47:
08:d4:d2:6b:d9:e6:a7:7b:f3:9c:8f:e7:57:71:a2:89:16:b9:
d0:6c:fa:32:93:0b:5e:13:1a:29:b6:16:58:72:94:9b:4e:f2:
7c:5d:2a:72:54:78:fa:41:59:12:8f:91:48:b1:4d:28:b6:82:
18:b3:7d:7d:9b:1a:ca:d9:7d:13:5c:cd:80:d1:8d:88:39:0f:
25:8f:14:9b:8e:a0:c9:ef:ae:de:ce:7f:69:fe:98:85:7c:89:
7b:e3:43:30:f1:dd:82:6a:ed:53:fc:89:54:c0:de:bd:a3:4d:
48:c5:89:8c:ab:79:5d:f7:62:1e:62:52:04:8d:a5:d2:19:08:
af:89:d0:06:37:bf:69:aa:b9:5d:ae:ec:54:c6:5d:9a:2a:4a:
34:f2:a2:ae:9b:53:fa:ef:dd:e6:25:81:aa:50:be:07:b7:d3:
39:86:4e:fa:c8:a0:1b:e5:48:69:b5:2c:1b:6c:af:fd:52:41:
ce:59:c1:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU/JSRT9nwLN+KhlCSu76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJjOGQ0ZmM5ODZkZWI5ZmNlYjFmMGQwY2FlMjdjMWMz
MTM1YzMwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMxMjBiZTcxZGVlMzYzMDAzYjU5NTYzNTE1MTVkZjY0N2VmZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z53/dibva967F5M83qBu8jIp5tz
snZXrMYUdfMUUG2y5tiuLRf8z8ghrYoK2+yZzOhkB86BZJIwnpDx16AZ4hY8a+jT
PowBU+yAXZQyletS3StS7OOa14m4C+xw6HPIWFQc1UuJfUtZVtsYKagicdRatvmE
uPUapM7KvuclAuW0aKMCb2Jbq2j21+EHDkccFxAeTqcQGS/L+q/2nVTgQaYyMFae
hBWG8VMEKmjTqO9d9KdN6Xg6SzTE5qsAPFBqfnnY43RWwLYVWR8dSin69x81yJ/n
7u4BnJGz44K3ROMr7KlL9fWQnfBCRNPbSG06SWv4C+C3OErTDZ/h2aseEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGYxIL5x3uNjADtZVjUVFd9kfv2gMB8GA1UdIwQY
MBaAFLFyyNT8mG3rn86x8NDK4nwcMTXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEt
ZWNiYjNmYzBhNzI1LzEvWmpFZ3ZuSGU0Mk1BTzFsV05SVVYzMlItX2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEtZWNiYjNmYzBhNzI1
LzEvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT+wMA0E
AgACMAcDBQMqBF2AMA0GCSqGSIb3DQEBCwUAA4IBAQBMCRlA6+9mSeNXw8nPcj3+
NqwZZegIwWshGy93i050ogZP6InCUE8oiJBeZIBGJ++O7Lmw6dIgP4fwTqcCaVme
QhvZfjO8rkcI1NJr2eane/Ocj+dXcaKJFrnQbPoykwteExopthZYcpSbTvJ8XSpy
VHj6QVkSj5FIsU0otoIYs319mxrK2X0TXM2A0Y2IOQ8ljxSbjqDJ767ezn9p/piF
fIl740Mw8d2Cau1T/IlUwN69o01IxYmMq3ld92IeYlIEjaXSGQividAGN79pqrld
ruxUxl2aKko08qKum1P6793mJYGqUL4Ht9M5hk76yKAb5UhptSwbbK/9UkHOWcEH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:40 2025 by rpki-client