Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BK2wSYP733K3fqMJuLzyYXmPp3c.roa
File: BK2wSYP733K3fqMJuLzyYXmPp3c.roa (raw, json)
Hash identifier: ZhIlTB0taToxGnjvBxr7j+VPJooKAwYl55+OCJC+BIs=
Subject key identifier: 04:AD:B0:49:83:FB:DF:72:B7:7E:A3:09:B8:BC:F2:61:79:8F:A7:77
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C3F9E1963BACC552B64FCCDBFAE2200E3
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BK2wSYP733K3fqMJuLzyYXmPp3c.roa
Signing time: Wed 06 Dec 2023 14:52:54 +0000
ROA not before: Wed 06 Dec 2023 14:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207579
IP address blocks: 62.122.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:9e:19:63:ba:cc:55:2b:64:fc:cd:bf:ae:22:00:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 6 14:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04adb04983fbdf72b77ea309b8bcf261798fa777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:93:6d:42:b5:ce:14:24:c8:dd:12:ab:ad:
65:28:0e:90:9a:26:43:c1:17:0a:4a:b0:36:05:aa:
fd:29:8f:c3:1d:16:25:bf:b3:08:8f:0e:14:6c:4d:
cf:eb:d9:61:3b:3f:55:d0:78:60:ad:c5:de:47:fa:
55:d1:bc:71:da:9c:8a:4c:d8:6a:b4:d1:e3:f6:e1:
6c:33:31:5f:e5:6b:66:40:34:66:c6:e3:43:24:44:
64:31:8a:c0:42:1a:67:8a:34:9d:08:cd:12:68:17:
cf:fa:76:6e:b5:f5:b8:30:bf:48:eb:b0:69:a3:38:
2c:80:28:5a:9d:29:d3:5f:a5:e7:3c:5e:9e:77:03:
0a:0f:25:61:76:01:59:dd:c0:24:8c:0f:ce:3a:fa:
0f:91:64:aa:b2:9f:b4:24:6b:c5:51:f1:dd:f1:43:
0b:27:c8:4d:6b:6e:05:9b:6f:32:87:f5:8e:fd:1c:
8d:dc:98:cd:fd:96:e2:ce:c3:b1:75:7b:12:d2:95:
55:7d:56:a3:bf:40:ab:37:3a:21:b0:e0:15:f4:0a:
74:ce:8e:cd:a3:57:98:b6:46:ba:bf:5d:0c:ef:2f:
c9:76:1f:10:57:8e:5a:28:7a:cb:42:0f:7e:bf:6f:
a1:86:89:aa:f6:a9:37:bf:96:64:a4:51:48:b4:da:
e6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AD:B0:49:83:FB:DF:72:B7:7E:A3:09:B8:BC:F2:61:79:8F:A7:77
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/BK2wSYP733K3fqMJuLzyYXmPp3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.229.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:74:8b:27:d7:3c:b1:98:40:f6:1f:3a:ad:7b:62:93:53:1e:
1b:cd:7c:44:84:9c:07:3a:f1:86:33:3e:3c:17:9f:5f:49:37:
bf:54:4b:83:39:71:b2:ce:d9:43:2c:3a:6d:6a:77:9e:97:44:
2d:df:22:8e:db:77:f7:6f:c6:4b:5b:a3:91:7c:9a:5a:cc:81:
ae:f8:2d:a8:8d:b2:e8:f7:00:35:92:40:8d:6a:e1:22:a4:4e:
14:bd:bf:7f:e6:4b:a1:bf:eb:fd:a3:3c:96:b4:b7:d8:61:f6:
36:ea:10:71:98:5d:56:0b:b4:63:cf:2e:0e:16:67:41:c5:18:
a2:18:00:5b:c4:2b:3b:bd:6c:b0:11:51:ab:3c:9f:1c:ab:6c:
cc:7f:7f:28:08:c0:55:df:d1:75:e6:db:ab:ba:51:45:8a:01:
fa:98:a6:05:0f:74:3d:ab:aa:83:c9:c0:a2:fb:68:45:04:da:
13:28:a3:b2:d8:9c:bd:e0:2f:6a:1f:7f:01:3d:57:c5:92:4f:
42:56:fc:a5:19:c8:ed:80:de:42:00:20:7d:bc:34:a3:a0:01:
ea:44:b9:2e:63:70:dd:6e:7c:d7:cf:c1:cb:1b:11:8a:eb:57:
fa:9a:21:d0:37:93:01:99:55:61:25:45:e5:28:42:41:46:da:
1b:9a:ae:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw/nhljusxVK2T8zb+uIgDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjA2MTQ1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFkYjA0OTgzZmJkZjcyYjc3ZWEzMDliOGJjZjI2MTc5OGZhNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXyTbUK1zhQkyN0Sq61lKA6QmiZD
wRcKSrA2Bar9KY/DHRYlv7MIjw4UbE3P69lhOz9V0HhgrcXeR/pV0bxx2pyKTNhq
tNHj9uFsMzFf5WtmQDRmxuNDJERkMYrAQhpnijSdCM0SaBfP+nZutfW4ML9I67Bp
ozgsgChanSnTX6XnPF6edwMKDyVhdgFZ3cAkjA/OOvoPkWSqsp+0JGvFUfHd8UML
J8hNa24Fm28yh/WO/RyN3JjN/ZbizsOxdXsS0pVVfVajv0CrNzohsOAV9Ap0zo7N
o1eYtka6v10M7y/Jdh8QV45aKHrLQg9+v2+hhomq9qk3v5ZkpFFItNrmpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAStsEmD+99yt36jCbi88mF5j6d3MB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvQksyd1NZUDczM0szZnFNSnVMenlZWG1QcDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPnrlMA0G
CSqGSIb3DQEBCwUAA4IBAQCpdIsn1zyxmED2Hzqte2KTUx4bzXxEhJwHOvGGMz48
F59fSTe/VEuDOXGyztlDLDptaneel0Qt3yKO23f3b8ZLW6ORfJpazIGu+C2ojbLo
9wA1kkCNauEipE4Uvb9/5kuhv+v9ozyWtLfYYfY26hBxmF1WC7Rjzy4OFmdBxRii
GABbxCs7vWywEVGrPJ8cq2zMf38oCMBV39F15turulFFigH6mKYFD3Q9q6qDycCi
+2hFBNoTKKOy2Jy94C9qH38BPVfFkk9CVvylGcjtgN5CACB9vDSjoAHqRLkuY3Dd
bnzXz8HLGxGK61f6miHQN5MBmVVhJUXlKEJBRtobmq6c
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:42:24 2025 by rpki-client