Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/aGIYa09t11PpQ0-U8KVTBeEV-hg.roa
File: aGIYa09t11PpQ0-U8KVTBeEV-hg.roa (raw, json)
Hash identifier: Bq2n3VOHvTpXadAKYNlQx3BwNty5YLCx79I7B282v0Y=
Subject key identifier: 68:62:18:6B:4F:6D:D7:53:E9:43:4F:94:F0:A5:53:05:E1:15:FA:18
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 065DFCD1
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/aGIYa09t11PpQ0-U8KVTBeEV-hg.roa
Signing time: Sat 01 Jan 2022 07:58:15 +0000
ROA not before: Sat 01 Jan 2022 07:58:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28968
IP address blocks: 212.59.96.0/20 maxlen: 20
62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
77.232.32.0/23 maxlen: 23
62.181.48.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.56.0/21 maxlen: 21
62.181.56.0/22 maxlen: 22
77.232.48.0/23 maxlen: 23
2a00:f460::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106822865 (0x65dfcd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jan 1 07:58:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6862186b4f6dd753e9434f94f0a55305e115fa18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b0:4d:1f:cd:d4:83:cc:8c:2c:0d:d8:a8:a3:
ea:5f:ff:d2:da:fd:55:9d:e4:a2:6b:40:fe:5f:ec:
59:f0:67:b2:5a:94:7a:f4:11:fd:b5:89:5b:3e:3e:
c3:a6:20:f4:62:74:4e:17:9b:8d:cd:7d:94:6e:2c:
b0:66:57:d2:41:5d:35:7e:a0:67:c0:b6:03:6d:02:
51:7a:ce:42:94:ef:43:7b:d3:d9:44:b0:fc:90:ba:
c6:a1:cb:d6:3d:d8:d5:2d:73:32:d4:ae:09:a8:2d:
a7:3f:f2:0a:58:3e:a2:23:71:5d:76:75:6a:07:eb:
bd:3c:48:0c:02:50:cf:09:f6:8d:0f:a8:21:39:5d:
8c:d3:c2:af:71:4d:c6:6c:35:ac:3b:ad:1c:3a:53:
1c:be:39:64:12:ac:92:2d:69:97:d5:eb:7a:65:51:
f3:e2:a0:88:72:ac:35:22:4d:ff:9a:b3:28:90:33:
6d:a2:7d:61:e2:6e:72:9d:0a:62:15:7d:ea:94:7f:
cb:c2:8a:03:69:f4:dd:bc:a7:3f:94:06:b7:6d:6c:
9f:8a:c0:09:c7:79:95:ba:de:3b:6b:90:bf:36:6c:
ec:c3:0d:b9:58:7f:7f:c7:ae:77:46:b3:73:3c:a0:
2b:40:33:ab:1b:ad:06:7b:f8:cc:dc:a9:4d:6d:df:
9a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:62:18:6B:4F:6D:D7:53:E9:43:4F:94:F0:A5:53:05:E1:15:FA:18
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/aGIYa09t11PpQ0-U8KVTBeEV-hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0-62.181.49.255
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/20
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
49:d9:e2:3b:d4:cb:d9:f4:b7:c9:d2:47:fb:a4:25:cf:cd:24:
2f:56:23:11:0b:b1:9e:9c:0e:84:3d:d7:46:b5:20:94:28:5c:
18:e2:f2:42:d3:ef:74:81:2f:9f:14:36:d4:77:b8:a5:9c:c0:
ac:8d:a3:b0:19:51:ee:bb:27:ae:5c:5f:4c:b9:1c:72:6a:96:
9b:b1:2f:0a:86:bb:98:ea:11:50:84:cb:18:2c:ab:06:10:b6:
7d:e1:31:a8:11:a8:5c:24:46:f2:d1:cd:c6:6a:6d:26:de:db:
1e:44:65:c0:b7:3e:78:90:09:4a:5d:56:7c:49:fc:dd:21:13:
72:fa:4f:89:c8:d6:4d:84:a5:8f:6b:7a:b6:18:c5:c0:8f:d9:
2b:63:d6:12:a3:ee:f7:e2:ed:c8:4e:e9:06:fa:da:29:94:30:
42:53:87:80:d0:00:86:d8:b7:ef:6b:a5:cc:89:55:72:50:d5:
cc:40:8c:a9:25:14:4f:ee:40:53:33:e5:e4:70:25:01:42:ea:
99:e2:63:3c:fc:26:e4:3e:51:69:90:16:44:44:38:fe:74:fe:
68:b7:20:61:5f:9f:f6:a4:2f:f8:32:4b:b6:2b:ec:84:54:c0:
94:88:27:7d:85:f8:71:60:a8:23:ca:ea:1e:63:c3:a5:f2:31:
69:21:44:2e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIEBl380TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2I1NjQ2YjM2MDM3OTkyNGNiNmQ5YzNkOTk2NjljZTdmM2IyY2EyMB4XDTIyMDEw
MTA3NTgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg2MjE4NmI0ZjZk
ZDc1M2U5NDM0Zjk0ZjBhNTUzMDVlMTE1ZmExODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALewTR/N1IPMjCwN2Kij6l//0tr9VZ3komtA/l/sWfBnslqU
evQR/bWJWz4+w6Yg9GJ0Thebjc19lG4ssGZX0kFdNX6gZ8C2A20CUXrOQpTvQ3vT
2USw/JC6xqHL1j3Y1S1zMtSuCagtpz/yClg+oiNxXXZ1agfrvTxIDAJQzwn2jQ+o
ITldjNPCr3FNxmw1rDutHDpTHL45ZBKski1pl9XremVR8+KgiHKsNSJN/5qzKJAz
baJ9YeJucp0KYhV96pR/y8KKA2n03bynP5QGt21sn4rACcd5lbreO2uQvzZs7MMN
uVh/f8eud0azczygK0AzqxutBnv4zNypTW3fmoECAwEAAaOCAkwwggJIMB0GA1Ud
DgQWBBRoYhhrT23XU+lDT5TwpVMF4RX6GDAfBgNVHSMEGDAWgBTztWRrNgN5kky2
2cPZlmnOfzssojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg3VmthellEZVpKTXR0bkQyWlpwem44N0xLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNTcyZWE2LTE0MzYtNGYyNi1hZjU3LTU5NzU5MTNmNTJjNS8x
L2FHSVlhMDl0MTFQcFEwLVU4S1ZUQmVFVi1oZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NTcyZWE2LTE0MzYtNGYyNi1hZjU3LTU5NzU5MTNmNTJjNS8xLzg3VmthellEZVpK
TXR0bkQyWlpwem44N0xLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBi
BggrBgEFBQcBBwEB/wRTMFEwQAQCAAEwOjAMAwQBPrUiAwQDPrUgMAwDBAE+tS4D
BAE+tTADBAM+tTgDBAFN6CADBABN6CMDBAFN6DADBATUO2AwDQQCAAIwBwMFACoA
9GAwDQYJKoZIhvcNAQELBQADggEBAEnZ4jvUy9n0t8nSR/ukJc/NJC9WIxELsZ6c
DoQ910a1IJQoXBji8kLT73SBL58UNtR3uKWcwKyNo7AZUe67J65cX0y5HHJqlpux
LwqGu5jqEVCEyxgsqwYQtn3hMagRqFwkRvLRzcZqbSbe2x5EZcC3PniQCUpdVnxJ
/N0hE3L6T4nI1k2EpY9rerYYxcCP2Stj1hKj7vfi7chO6Qb62imUMEJTh4DQAIbY
t+9rpcyJVXJQ1cxAjKklFE/uQFMz5eRwJQFC6pniYzz8JuQ+UWmQFkREOP50/mi3
IGFfn/akL/gyS7Yr7IRUwJSIJ32F+HFgqCPK6h5jw6XyMWkhRC4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:02 2025 by rpki-client