Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/485305-4c23-4f37-854b-a9d3eef06c67/1/WVz1bN1QWHGYHE8_4a51I3EA-so.roa
File: WVz1bN1QWHGYHE8_4a51I3EA-so.roa (raw, json)
Hash identifier: GSq6ZB2SMWTOg/qwDLAbb3d5zld2m1eLZXJYcRthbAg=
Subject key identifier: 59:5C:F5:6C:DD:50:58:71:98:1C:4F:3F:E1:AE:75:23:71:00:FA:CA
Certificate issuer: /CN=58a26c2bc503a7c68128d2ae1ab4cd37deb99325
Certificate serial: 01856D78642724BE4C9BD28614C36D7C1631
Authority key identifier: 58:A2:6C:2B:C5:03:A7:C6:81:28:D2:AE:1A:B4:CD:37:DE:B9:93:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKJsK8UDp8aBKNKuGrTNN965kyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/485305-4c23-4f37-854b-a9d3eef06c67/1/WVz1bN1QWHGYHE8_4a51I3EA-so.roa
Signing time: Sun 01 Jan 2023 13:14:44 +0000
ROA not before: Sun 01 Jan 2023 13:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44517
IP address blocks: 62.68.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:64:27:24:be:4c:9b:d2:86:14:c3:6d:7c:16:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58a26c2bc503a7c68128d2ae1ab4cd37deb99325
Validity
Not Before: Jan 1 13:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=595cf56cdd505871981c4f3fe1ae75237100faca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:c3:9a:c6:56:c3:2e:56:d8:a2:a2:10:de:
0a:51:ca:01:8a:8a:a3:14:23:98:d4:78:ea:ce:a1:
de:59:1a:ad:47:03:bd:28:e1:0a:7c:8a:fc:1d:9e:
39:c2:54:0c:ba:63:45:cd:48:5c:db:aa:30:de:33:
b9:bc:7b:e9:5b:8f:b1:f6:4a:21:2c:84:ce:af:f1:
2d:9b:8c:5d:e4:a7:06:80:60:c6:a5:05:62:fe:2b:
b9:ca:de:3a:1c:e1:26:e8:39:3f:fd:98:24:9d:a4:
97:a5:f0:a5:40:2c:46:47:41:f8:44:9e:10:cb:20:
d3:74:89:f6:b6:d3:23:3b:1e:d5:98:82:05:de:49:
2c:8f:0a:e0:32:81:aa:c4:97:21:b2:87:6a:71:58:
42:a6:1f:80:26:30:e0:8a:42:a1:9f:ff:86:9b:0e:
d9:b6:96:32:46:1e:62:3e:ea:13:9a:e5:4d:31:77:
bc:9b:f3:bc:fc:14:8b:5c:d4:d2:6f:0b:f8:17:26:
5a:a5:ef:fd:cb:6d:0e:a8:38:1a:75:32:f8:f2:e6:
7d:2a:d8:f9:2b:51:95:53:29:4b:47:1e:b0:d9:e5:
c0:d1:7e:af:7a:4f:17:94:60:ca:bf:1d:11:86:b0:
bf:b3:62:f4:9f:20:03:e9:c1:e8:24:d3:dc:97:d4:
f3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5C:F5:6C:DD:50:58:71:98:1C:4F:3F:E1:AE:75:23:71:00:FA:CA
X509v3 Authority Key Identifier:
keyid:58:A2:6C:2B:C5:03:A7:C6:81:28:D2:AE:1A:B4:CD:37:DE:B9:93:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKJsK8UDp8aBKNKuGrTNN965kyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/485305-4c23-4f37-854b-a9d3eef06c67/1/WVz1bN1QWHGYHE8_4a51I3EA-so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/485305-4c23-4f37-854b-a9d3eef06c67/1/WKJsK8UDp8aBKNKuGrTNN965kyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.67.0/24
Signature Algorithm: sha256WithRSAEncryption
00:07:93:96:0b:e8:34:a8:6b:0c:53:da:64:1d:7b:78:57:d6:
a4:24:b7:96:88:9c:c8:2f:b5:cb:ff:4b:fb:a4:13:13:d4:cf:
b3:20:13:72:e9:0c:06:79:aa:6d:22:56:d8:93:ea:eb:7e:16:
42:c9:9d:c9:6b:94:54:e6:ab:a2:0d:78:11:3e:7f:ca:c0:0e:
3d:39:60:ad:2c:22:d6:58:80:b7:d0:4c:b8:28:7b:f4:8f:70:
f5:28:a0:7e:38:b2:46:39:77:4e:8b:09:87:bf:a3:d5:36:e1:
5b:36:56:91:31:35:3f:26:3c:ac:50:f1:77:92:4a:72:4f:63:
b5:f2:6a:e9:fd:58:30:99:a4:c6:e4:04:2d:00:18:3e:3b:a9:
8a:96:ce:e3:e1:30:a9:bc:40:0e:7c:48:54:4d:47:cc:9d:d8:
89:fc:95:9b:5d:ec:f4:9b:4f:fd:2a:7e:49:61:7f:50:ee:af:
1c:9e:26:e6:7f:09:3f:ca:35:c3:2f:74:df:98:1d:86:e9:9c:
9f:58:a2:85:91:90:00:57:57:60:02:0b:78:e8:a6:c6:26:e4:
66:9a:6a:ee:3b:19:0e:b1:8e:1a:2e:38:14:89:09:50:37:de:
38:a2:4a:e5:8f:ad:96:26:5b:ab:01:68:da:a6:65:a5:f7:52:
03:1a:38:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteGQnJL5Mm9KGFMNtfBYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTI2YzJiYzUwM2E3YzY4MTI4ZDJhZTFhYjRjZDM3ZGVi
OTkzMjUwHhcNMjMwMTAxMTMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVjZjU2Y2RkNTA1ODcxOTgxYzRmM2ZlMWFlNzUyMzcxMDBmYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqDDmsZWwy5W2KKiEN4KUcoBioqj
FCOY1HjqzqHeWRqtRwO9KOEKfIr8HZ45wlQMumNFzUhc26ow3jO5vHvpW4+x9koh
LITOr/Etm4xd5KcGgGDGpQVi/iu5yt46HOEm6Dk//ZgknaSXpfClQCxGR0H4RJ4Q
yyDTdIn2ttMjOx7VmIIF3kksjwrgMoGqxJchsodqcVhCph+AJjDgikKhn/+Gmw7Z
tpYyRh5iPuoTmuVNMXe8m/O8/BSLXNTSbwv4FyZape/9y20OqDgadTL48uZ9Ktj5
K1GVUylLRx6w2eXA0X6vek8XlGDKvx0RhrC/s2L0nyAD6cHoJNPcl9Tz2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlc9WzdUFhxmBxPP+GudSNxAPrKMB8GA1UdIwQY
MBaAFFiibCvFA6fGgSjSrhq0zTfeuZMlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tKc0s4VURwOGFCS05LdUdyVE5OOTY1a3lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80ODUzMDUtNGMyMy00ZjM3LTg1NGIt
YTlkM2VlZjA2YzY3LzEvV1Z6MWJOMVFXSEdZSEU4XzRhNTFJM0VBLXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80ODUzMDUtNGMyMy00ZjM3LTg1NGItYTlkM2VlZjA2YzY3
LzEvV0tKc0s4VURwOGFCS05LdUdyVE5OOTY1a3lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRDMA0G
CSqGSIb3DQEBCwUAA4IBAQAAB5OWC+g0qGsMU9pkHXt4V9akJLeWiJzIL7XL/0v7
pBMT1M+zIBNy6QwGeaptIlbYk+rrfhZCyZ3Ja5RU5quiDXgRPn/KwA49OWCtLCLW
WIC30Ey4KHv0j3D1KKB+OLJGOXdOiwmHv6PVNuFbNlaRMTU/JjysUPF3kkpyT2O1
8mrp/VgwmaTG5AQtABg+O6mKls7j4TCpvEAOfEhUTUfMndiJ/JWbXez0m0/9Kn5J
YX9Q7q8cnibmfwk/yjXDL3TfmB2G6ZyfWKKFkZAAV1dgAgt46KbGJuRmmmruOxkO
sY4aLjgUiQlQN944okrlj62WJlurAWjapmWl91IDGjj9
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:39 2025 by rpki-client