Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ax2vz3kRnceP60cQcXODac5TgFI.roa
File: ax2vz3kRnceP60cQcXODac5TgFI.roa (raw, json)
Hash identifier: iLs13nGjzlo1ic5bgSL3Eamh9QJYH7j9oKZlcV9v0W0=
Subject key identifier: 6B:1D:AF:CF:79:11:9D:C7:8F:EB:47:10:71:73:83:69:CE:53:80:52
Certificate issuer: /CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3
Certificate serial: 018708E82E594F5979044F2DA66DB1401B9B
Authority key identifier: B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ax2vz3kRnceP60cQcXODac5TgFI.roa
Signing time: Wed 22 Mar 2023 10:40:46 +0000
ROA not before: Wed 22 Mar 2023 10:40:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61310
IP address blocks: 5.63.177.0/24 maxlen: 24
5.63.176.0/23 maxlen: 23
5.63.176.0/24 maxlen: 24
5.63.176.0/22 maxlen: 22
5.63.176.0/21 maxlen: 21
5.63.182.0/23 maxlen: 23
5.63.182.0/24 maxlen: 24
5.63.181.0/24 maxlen: 24
5.63.180.0/22 maxlen: 22
5.63.180.0/24 maxlen: 24
5.63.180.0/23 maxlen: 23
2a04:5d80::/30 maxlen: 30
2a04:5d84::/30 maxlen: 30
2a04:5d80::/31 maxlen: 31
2a04:5d84::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:e8:2e:59:4f:59:79:04:4f:2d:a6:6d:b1:40:1b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172c8d4fc986deb9fceb1f0d0cae27c1c3135c3
Validity
Not Before: Mar 22 10:40:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b1dafcf79119dc78feb471071738369ce538052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c0:65:77:9a:a5:55:15:5c:f9:ed:03:6e:a3:
40:a0:72:43:d8:a4:92:da:2b:73:d1:7f:7d:39:21:
c7:a5:a3:41:18:e2:9d:42:54:55:92:bf:a5:00:97:
3a:98:f9:7a:df:69:5b:5a:c2:df:c0:75:08:56:97:
a1:e7:c1:06:dd:04:05:3d:bd:3c:6d:a6:b5:60:a6:
ba:23:d0:2a:02:83:05:5b:77:9f:e2:ee:6e:26:de:
99:db:88:e3:35:2a:44:65:0c:d6:f7:96:b5:46:2a:
e5:2f:10:20:21:69:aa:e8:ac:06:5e:aa:82:d6:c6:
ee:97:8f:04:32:c0:66:01:9b:c0:4e:77:e9:13:ef:
7c:64:b5:0f:77:59:e1:17:68:51:d4:d0:c9:92:52:
0d:dc:76:e5:d9:32:d9:74:6c:6f:fa:7c:a8:f6:84:
66:ca:99:8d:c2:e0:cd:47:9a:83:b4:e4:84:ea:ee:
db:70:19:96:f9:ee:ce:a3:0b:2b:8e:18:98:f2:28:
bd:6d:45:d2:b4:0e:7f:f6:55:2f:58:df:f1:48:b3:
c6:dc:39:9f:b2:22:3a:5a:c3:4c:ea:26:6a:8a:27:
00:3a:0c:70:57:b0:e2:25:c9:76:ac:ac:0e:60:14:
b9:f2:f5:71:de:5f:23:49:cd:f5:80:9a:43:be:d8:
75:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1D:AF:CF:79:11:9D:C7:8F:EB:47:10:71:73:83:69:CE:53:80:52
X509v3 Authority Key Identifier:
keyid:B1:72:C8:D4:FC:98:6D:EB:9F:CE:B1:F0:D0:CA:E2:7C:1C:31:35:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXLI1PyYbeufzrHw0MrifBwxNcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/ax2vz3kRnceP60cQcXODac5TgFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/bb3b62-3302-45aa-968a-ecbb3fc0a725/1/sXLI1PyYbeufzrHw0MrifBwxNcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.176.0/21
IPv6:
2a04:5d80::/29
Signature Algorithm: sha256WithRSAEncryption
79:4f:76:60:5d:0c:3a:6f:b1:5a:d7:9a:df:b9:d7:ea:e5:cd:
71:e9:01:a2:72:ad:1c:2f:a0:ed:bb:05:8e:17:67:e4:ec:12:
20:38:0f:46:1d:6b:6d:78:92:6c:7c:bd:a4:66:72:5c:0b:a7:
b5:bf:ee:9a:b4:c2:67:80:3e:b6:50:78:da:36:47:8f:55:08:
db:61:a8:1b:c6:13:f8:60:6e:84:70:80:70:7e:94:89:09:97:
9f:3f:c7:1a:1b:ed:03:30:46:a2:2d:df:67:43:f7:e8:a5:6c:
a8:1d:07:af:03:98:78:7d:c2:b8:fb:73:43:52:cf:e2:0f:6a:
e4:04:25:d6:10:0e:9a:a9:ba:fe:30:ca:24:d5:bb:f4:60:cc:
25:fd:74:58:35:18:d9:95:a0:e2:2c:e8:08:5d:d4:df:50:42:
60:22:9a:23:5c:07:a4:87:60:d4:00:99:ee:7e:8f:f2:49:82:
7e:04:54:2d:53:35:01:cc:53:85:72:52:6c:89:35:b7:91:be:
39:d6:90:04:2d:23:fe:2a:ec:54:a7:eb:63:cc:a2:1e:7d:0f:
c3:3f:7e:4e:4b:fe:ab:f5:f6:e6:d3:55:b7:81:40:95:b0:59:
b1:6e:45:e4:d5:5a:7c:28:c6:72:e6:e8:e9:57:9d:be:de:ea:
ce:15:2d:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcI6C5ZT1l5BE8tpm2xQBubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJjOGQ0ZmM5ODZkZWI5ZmNlYjFmMGQwY2FlMjdjMWMz
MTM1YzMwHhcNMjMwMzIyMTA0MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFkYWZjZjc5MTE5ZGM3OGZlYjQ3MTA3MTczODM2OWNlNTM4MDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcBld5qlVRVc+e0DbqNAoHJD2KSS
2itz0X99OSHHpaNBGOKdQlRVkr+lAJc6mPl632lbWsLfwHUIVpeh58EG3QQFPb08
baa1YKa6I9AqAoMFW3ef4u5uJt6Z24jjNSpEZQzW95a1RirlLxAgIWmq6KwGXqqC
1sbul48EMsBmAZvATnfpE+98ZLUPd1nhF2hR1NDJklIN3Hbl2TLZdGxv+nyo9oRm
ypmNwuDNR5qDtOSE6u7bcBmW+e7OowsrjhiY8ii9bUXStA5/9lUvWN/xSLPG3Dmf
siI6WsNM6iZqiicAOgxwV7DiJcl2rKwOYBS58vVx3l8jSc31gJpDvth1vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGsdr895EZ3Hj+tHEHFzg2nOU4BSMB8GA1UdIwQY
MBaAFLFyyNT8mG3rn86x8NDK4nwcMTXDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEt
ZWNiYjNmYzBhNzI1LzEvYXgydnoza1JuY2VQNjBjUWNYT0RhYzVUZ0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9iYjNiNjItMzMwMi00NWFhLTk2OGEtZWNiYjNmYzBhNzI1
LzEvc1hMSTFQeVliZXVmenJIdzBNcmlmQnd4TmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT+wMA0E
AgACMAcDBQMqBF2AMA0GCSqGSIb3DQEBCwUAA4IBAQB5T3ZgXQw6b7Fa15rfudfq
5c1x6QGicq0cL6DtuwWOF2fk7BIgOA9GHWtteJJsfL2kZnJcC6e1v+6atMJngD62
UHjaNkePVQjbYagbxhP4YG6EcIBwfpSJCZefP8caG+0DMEaiLd9nQ/fopWyoHQev
A5h4fcK4+3NDUs/iD2rkBCXWEA6aqbr+MMok1bv0YMwl/XRYNRjZlaDiLOgIXdTf
UEJgIpojXAekh2DUAJnufo/ySYJ+BFQtUzUBzFOFclJsiTW3kb451pAELSP+KuxU
p+tjzKIefQ/DP35OS/6r9fbm01W3gUCVsFmxbkXk1Vp8KMZy5ujpV52+3urOFS1v
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:14 2025 by rpki-client