Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/EPtSPMPm2s6M83O1uPrYebHJ658.roa
File: EPtSPMPm2s6M83O1uPrYebHJ658.roa (raw, json)
Hash identifier: a0lGyUv8IFIhYyCkYfRryYWPFpxtm0SRjo0Q888uWtc=
Subject key identifier: 10:FB:52:3C:C3:E6:DA:CE:8C:F3:73:B5:B8:FA:D8:79:B1:C9:EB:9F
Certificate issuer: /CN=659abae2b0cae86c4196b020765b823a203207fc
Certificate serial: 01857082D85580DDFBDC6FD82AD3AFD254DD
Authority key identifier: 65:9A:BA:E2:B0:CA:E8:6C:41:96:B0:20:76:5B:82:3A:20:32:07:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZq64rDK6GxBlrAgdluCOiAyB_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/EPtSPMPm2s6M83O1uPrYebHJ658.roa
Signing time: Mon 02 Jan 2023 03:25:01 +0000
ROA not before: Mon 02 Jan 2023 03:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196949
IP address blocks: 37.200.72.0/23 maxlen: 23
37.200.72.0/21 maxlen: 21
37.200.74.0/23 maxlen: 23
37.200.76.0/23 maxlen: 23
37.200.78.0/23 maxlen: 23
217.150.74.0/23 maxlen: 23
217.150.76.0/23 maxlen: 23
217.150.78.0/23 maxlen: 23
217.150.72.0/23 maxlen: 23
217.150.72.0/21 maxlen: 21
109.110.36.0/23 maxlen: 23
109.110.32.0/19 maxlen: 19
109.110.32.0/23 maxlen: 23
109.110.34.0/23 maxlen: 23
109.110.38.0/23 maxlen: 23
109.110.40.0/23 maxlen: 23
109.110.42.0/23 maxlen: 23
109.110.44.0/23 maxlen: 23
109.110.50.0/23 maxlen: 23
109.110.46.0/23 maxlen: 23
109.110.48.0/23 maxlen: 23
109.110.52.0/23 maxlen: 23
109.110.54.0/23 maxlen: 23
109.110.56.0/23 maxlen: 23
109.110.58.0/23 maxlen: 23
109.110.60.0/23 maxlen: 23
109.110.62.0/23 maxlen: 23
31.200.224.0/23 maxlen: 23
31.200.224.0/20 maxlen: 20
31.200.226.0/23 maxlen: 23
31.200.228.0/23 maxlen: 23
31.200.230.0/23 maxlen: 23
31.200.232.0/23 maxlen: 23
31.200.236.0/23 maxlen: 23
31.200.238.0/23 maxlen: 23
31.200.234.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d8:55:80:dd:fb:dc:6f:d8:2a:d3:af:d2:54:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659abae2b0cae86c4196b020765b823a203207fc
Validity
Not Before: Jan 2 03:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10fb523cc3e6dace8cf373b5b8fad879b1c9eb9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:88:5c:1c:85:3a:3c:06:58:34:df:bf:af:40:
3a:a7:51:68:58:45:65:9d:38:23:0d:7d:73:1d:db:
19:ee:57:7c:4d:f7:b7:02:a1:7b:e4:95:cb:b6:b3:
1d:68:b3:db:33:14:1c:4f:62:e2:11:67:fa:4e:e0:
2d:3e:91:9c:c4:c2:b4:92:b0:e2:6e:de:3a:e4:e8:
1f:2d:87:17:f2:ca:94:ba:2d:94:03:10:4d:49:f6:
0c:03:41:3f:cc:89:96:86:0e:32:46:17:de:8b:3f:
cd:ff:b7:96:98:f9:45:16:cb:6c:e0:d9:d8:75:be:
3a:55:3c:ad:ef:5b:a7:be:55:f0:b5:c7:98:f2:26:
7c:56:c3:09:a6:82:b9:a0:1b:76:12:79:b2:e3:d2:
7b:22:02:96:a3:1d:fd:c3:89:44:10:4a:99:4c:7d:
9c:9b:dd:f5:6d:6a:8e:69:2f:76:d9:40:f6:62:cf:
10:5f:91:3a:75:98:80:13:97:e3:97:54:c9:14:97:
98:74:c3:bf:49:90:09:08:f2:fd:a8:a5:68:fd:97:
05:e9:14:03:a9:3e:0c:a3:4c:99:1f:60:c9:00:f7:
f3:0b:fd:67:32:79:c6:ea:76:45:bd:5f:42:16:32:
1e:70:5b:cb:75:6c:f4:1a:4a:1b:f1:90:3f:40:ae:
8f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:FB:52:3C:C3:E6:DA:CE:8C:F3:73:B5:B8:FA:D8:79:B1:C9:EB:9F
X509v3 Authority Key Identifier:
keyid:65:9A:BA:E2:B0:CA:E8:6C:41:96:B0:20:76:5B:82:3A:20:32:07:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZq64rDK6GxBlrAgdluCOiAyB_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/EPtSPMPm2s6M83O1uPrYebHJ658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/ZZq64rDK6GxBlrAgdluCOiAyB_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.224.0/20
37.200.72.0/21
109.110.32.0/19
217.150.72.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:01:5d:6f:5b:e0:08:cf:9f:2d:e2:76:df:17:65:d6:a2:15:
7c:79:80:c0:e2:44:99:2a:7c:2a:16:dc:ae:f8:08:d1:0b:51:
23:10:a2:21:aa:ac:c8:27:19:5b:ea:7d:4c:89:77:14:b5:da:
d5:e9:f3:f8:ef:04:d2:29:af:ed:b4:4d:f4:08:c9:e8:fe:a2:
0e:79:a0:83:ca:34:cc:07:da:b3:fe:01:da:0f:06:8f:42:b0:
5e:14:7b:9c:47:44:22:61:77:53:36:5c:5e:6f:7f:df:f2:3a:
0d:df:df:cb:ee:b9:a9:cd:0e:19:ea:49:80:c0:ae:55:49:79:
1f:b4:bc:49:e7:f0:b7:4c:7f:e9:1f:72:e1:3c:25:b2:04:68:
60:c9:e4:4c:d3:7a:32:88:bf:e5:53:20:91:39:77:e0:72:8c:
b6:05:ce:d0:fb:d1:3f:33:25:68:c2:44:47:8c:99:08:55:9a:
d4:eb:5e:16:22:cb:07:f9:b4:50:f5:b2:b1:a4:52:7b:43:d0:
0f:ee:e1:37:b1:4a:52:24:2b:da:7e:13:bd:c2:ed:6e:d5:60:
d4:ce:bd:2f:59:a3:14:b7:1a:f7:6e:28:ff:ae:b9:9c:3c:7f:
1d:0e:a9:a0:db:05:bc:b5:97:04:bf:bf:cd:83:af:2c:21:e0:
50:ac:f4:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwgthVgN373G/YKtOv0lTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWFiYWUyYjBjYWU4NmM0MTk2YjAyMDc2NWI4MjNhMjAz
MjA3ZmMwHhcNMjMwMTAyMDMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGZiNTIzY2MzZTZkYWNlOGNmMzczYjViOGZhZDg3OWIxYzllYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIhcHIU6PAZYNN+/r0A6p1FoWEVl
nTgjDX1zHdsZ7ld8Tfe3AqF75JXLtrMdaLPbMxQcT2LiEWf6TuAtPpGcxMK0krDi
bt465OgfLYcX8sqUui2UAxBNSfYMA0E/zImWhg4yRhfeiz/N/7eWmPlFFsts4NnY
db46VTyt71unvlXwtceY8iZ8VsMJpoK5oBt2Enmy49J7IgKWox39w4lEEEqZTH2c
m931bWqOaS922UD2Ys8QX5E6dZiAE5fjl1TJFJeYdMO/SZAJCPL9qKVo/ZcF6RQD
qT4Mo0yZH2DJAPfzC/1nMnnG6nZFvV9CFjIecFvLdWz0Gkob8ZA/QK6PCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBD7UjzD5trOjPNztbj62HmxyeufMB8GA1UdIwQY
MBaAFGWauuKwyuhsQZawIHZbgjogMgf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpxNjRyREs2R3hCbHJBZ2RsdUNPaUF5Ql93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82OTRkOWItMGUxYy00M2FkLWFjOTgt
MDJhYWM4YjU5NmRjLzEvRVB0U1BNUG0yczZNODNPMXVQclllYkhKNjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni82OTRkOWItMGUxYy00M2FkLWFjOTgtMDJhYWM4YjU5NmRj
LzEvWlpxNjRyREs2R3hCbHJBZ2RsdUNPaUF5Ql93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH8jgAwQD
JchIAwQFbW4gAwQD2ZZIMA0GCSqGSIb3DQEBCwUAA4IBAQAcAV1vW+AIz58t4nbf
F2XWohV8eYDA4kSZKnwqFtyu+AjRC1EjEKIhqqzIJxlb6n1MiXcUtdrV6fP47wTS
Ka/ttE30CMno/qIOeaCDyjTMB9qz/gHaDwaPQrBeFHucR0QiYXdTNlxeb3/f8joN
39/L7rmpzQ4Z6kmAwK5VSXkftLxJ5/C3TH/pH3LhPCWyBGhgyeRM03oyiL/lUyCR
OXfgcoy2Bc7Q+9E/MyVowkRHjJkIVZrU614WIssH+bRQ9bKxpFJ7Q9AP7uE3sUpS
JCvafhO9wu1u1WDUzr0vWaMUtxr3bij/rrmcPH8dDqmg2wW8tZcEv7/Ng68sIeBQ
rPQ1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:19 2025 by rpki-client