Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/LdYpDHbECoke5FqKl_r0JmTLDyE.roa
File: LdYpDHbECoke5FqKl_r0JmTLDyE.roa (raw, json)
Hash identifier: OCjmucALYR+063s85c8FTCOF5iMljtPNYFp4MKBfv64=
Subject key identifier: 2D:D6:29:0C:76:C4:0A:89:1E:E4:5A:8A:97:FA:F4:26:64:CB:0F:21
Certificate issuer: /CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Certificate serial: 01856F4B55EB6B83714F30957BB0DA671E72
Authority key identifier: 7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/LdYpDHbECoke5FqKl_r0JmTLDyE.roa
Signing time: Sun 01 Jan 2023 21:44:46 +0000
ROA not before: Sun 01 Jan 2023 21:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39719
IP address blocks: 62.177.24.0/21 maxlen: 21
62.177.24.0/24 maxlen: 24
62.177.30.0/24 maxlen: 24
62.177.29.0/24 maxlen: 24
62.177.25.0/24 maxlen: 24
62.177.31.0/24 maxlen: 24
62.177.26.0/24 maxlen: 24
62.177.28.0/24 maxlen: 24
62.177.27.0/24 maxlen: 24
81.23.92.0/22 maxlen: 22
81.23.80.0/20 maxlen: 22
81.23.84.0/22 maxlen: 22
81.23.84.0/23 maxlen: 23
81.23.88.0/22 maxlen: 22
2a12:1d40:1::/48 maxlen: 48
2a12:1d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:55:eb:6b:83:71:4f:30:95:7b:b0:da:67:1e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d92b67475270755136a8a3ca802ca12c8ac7e77
Validity
Not Before: Jan 1 21:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd6290c76c40a891ee45a8a97faf42664cb0f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f8:4a:5c:7a:44:1f:93:80:ce:9c:4f:1b:40:
a5:c7:27:ba:4e:69:2b:51:93:e2:85:f8:7b:1b:93:
f8:f1:82:d2:0f:68:8b:e0:76:16:89:55:d0:5b:f7:
97:ce:71:4c:b3:0f:c2:02:fe:97:d6:5a:33:48:c0:
ec:a0:ad:2a:58:7d:b4:82:47:59:e6:71:50:42:87:
8d:19:fb:cd:a7:72:69:db:b5:d9:a2:ac:e5:6e:9e:
0c:b3:16:23:22:6a:76:37:c4:59:83:fb:cd:9d:0f:
35:39:90:36:24:f2:08:1c:ba:1f:d8:a9:d2:78:9d:
fa:71:ee:10:fc:68:2b:5a:a4:85:98:18:25:ea:e2:
cc:9a:86:6b:d5:28:73:2b:b0:c0:1c:f3:b8:9e:4f:
40:51:cd:1f:b7:c7:e1:db:72:fd:e7:f1:d6:65:0f:
31:c0:e3:ec:30:fe:a2:79:96:0f:81:36:f2:49:f0:
8f:f5:23:4c:63:6a:3b:0f:5d:12:93:b7:b0:ef:58:
fb:04:f0:ca:7f:35:e8:8f:b6:0c:82:36:47:be:a6:
5b:43:0b:0b:f5:ce:3e:0d:c6:70:31:fa:0c:2d:3b:
d4:73:b4:e6:83:8d:af:d8:06:2c:96:63:8f:c7:55:
84:de:e9:ff:f9:9f:1a:a6:05:6b:d5:87:8d:0f:37:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D6:29:0C:76:C4:0A:89:1E:E4:5A:8A:97:FA:F4:26:64:CB:0F:21
X509v3 Authority Key Identifier:
keyid:7D:92:B6:74:75:27:07:55:13:6A:8A:3C:A8:02:CA:12:C8:AC:7E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZK2dHUnB1UTaoo8qALKEsisfnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/LdYpDHbECoke5FqKl_r0JmTLDyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/05e814-cac4-41a8-875e-410c671e7577/1/fZK2dHUnB1UTaoo8qALKEsisfnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.177.24.0/21
81.23.80.0/20
IPv6:
2a12:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
0c:4b:b8:f4:33:5e:e3:17:0a:1f:3c:55:22:76:6d:fe:f5:da:
34:26:ed:91:17:94:78:ba:87:21:a6:34:fa:1c:7f:5c:13:a2:
10:39:4e:e4:d0:d6:ae:0b:46:bc:08:db:2d:f9:20:e0:3a:ab:
fe:5e:da:e1:df:5a:5b:7b:29:2d:04:32:b5:06:6f:03:97:14:
3d:20:b7:62:52:ec:ae:47:14:5f:16:5a:5a:5e:21:16:d9:e3:
b5:e7:49:d1:a4:cd:69:1c:db:ae:9d:d3:a9:f9:c0:99:04:6f:
f3:a8:a7:ca:35:4a:5c:a0:62:e6:02:26:5e:e3:fe:61:90:e5:
56:b1:7f:9a:ad:38:57:0b:9e:45:41:9f:cb:47:7d:c6:1c:9b:
04:b9:e5:2b:53:ef:cf:a7:97:c8:e9:87:9d:1f:fa:33:06:2e:
f1:46:9f:f5:58:cc:05:92:db:45:83:b5:f6:8a:de:77:c6:0c:
b9:03:d4:4a:95:2b:d1:75:f3:75:17:9a:58:36:d9:4f:ea:0a:
48:06:13:3c:dc:9d:30:66:26:6a:d1:c9:48:6a:26:74:94:de:
56:94:6b:2b:f7:6c:b1:0d:b2:c6:c1:f0:1a:b6:ce:9d:ec:63:
3a:3d:6b:67:c6:ad:e2:db:f9:27:89:88:57:31:23:52:aa:92:
78:86:9b:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvS1Xra4NxTzCVe7DaZx5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTJiNjc0NzUyNzA3NTUxMzZhOGEzY2E4MDJjYTEyYzhh
YzdlNzcwHhcNMjMwMTAxMjE0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ2MjkwYzc2YzQwYTg5MWVlNDVhOGE5N2ZhZjQyNjY0Y2IwZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPhKXHpEH5OAzpxPG0Clxye6Tmkr
UZPihfh7G5P48YLSD2iL4HYWiVXQW/eXznFMsw/CAv6X1lozSMDsoK0qWH20gkdZ
5nFQQoeNGfvNp3Jp27XZoqzlbp4MsxYjImp2N8RZg/vNnQ81OZA2JPIIHLof2KnS
eJ36ce4Q/GgrWqSFmBgl6uLMmoZr1ShzK7DAHPO4nk9AUc0ft8fh23L95/HWZQ8x
wOPsMP6ieZYPgTbySfCP9SNMY2o7D10Sk7ew71j7BPDKfzXoj7YMgjZHvqZbQwsL
9c4+DcZwMfoMLTvUc7Tmg42v2AYslmOPx1WE3un/+Z8apgVr1YeNDzc60wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC3WKQx2xAqJHuRaipf69CZkyw8hMB8GA1UdIwQY
MBaAFH2StnR1JwdVE2qKPKgCyhLIrH53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUt
NDEwYzY3MWU3NTc3LzEvTGRZcERIYkVDb2tlNUZxS2xfcjBKbVRMRHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wNWU4MTQtY2FjNC00MWE4LTg3NWUtNDEwYzY3MWU3NTc3
LzEvZlpLMmRIVW5CMVVUYW9vOHFBTEtFc2lzZm5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDPrEYAwQE
URdQMA0EAgACMAcDBQMqEh1AMA0GCSqGSIb3DQEBCwUAA4IBAQAMS7j0M17jFwof
PFUidm3+9do0Ju2RF5R4uochpjT6HH9cE6IQOU7k0NauC0a8CNst+SDgOqv+Xtrh
31pbeyktBDK1Bm8DlxQ9ILdiUuyuRxRfFlpaXiEW2eO150nRpM1pHNuundOp+cCZ
BG/zqKfKNUpcoGLmAiZe4/5hkOVWsX+arThXC55FQZ/LR33GHJsEueUrU+/Pp5fI
6YedH/ozBi7xRp/1WMwFkttFg7X2it53xgy5A9RKlSvRdfN1F5pYNtlP6gpIBhM8
3J0wZiZq0clIaiZ0lN5WlGsr92yxDbLGwfAats6d7GM6PWtnxq3i2/kniYhXMSNS
qpJ4hps2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:54 2025 by rpki-client