Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sYcqgfkq5aKX172NyHyXzz3iWwg.roa
File: sYcqgfkq5aKX172NyHyXzz3iWwg.roa (raw, json)
Hash identifier: eqvF5eQiefAtS4ZV97dWF4VCbvUik2ZWeX1JNsP7vNw=
Subject key identifier: B1:87:2A:81:F9:2A:E5:A2:97:D7:BD:8D:C8:7C:97:CF:3D:E2:5B:08
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 17F6A6BB
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sYcqgfkq5aKX172NyHyXzz3iWwg.roa
Signing time: Sat 01 Jan 2022 04:00:22 +0000
ROA not before: Sat 01 Jan 2022 04:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50302
IP address blocks: 212.5.134.0/23 maxlen: 23
62.73.102.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402040507 (0x17f6a6bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 04:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1872a81f92ae5a297d7bd8dc87c97cf3de25b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a9:b2:46:e0:a3:74:6f:d8:c5:3f:d1:31:8e:
ca:65:35:26:06:e7:0a:74:a8:2a:b8:37:c9:aa:ed:
4e:5f:4a:4f:fa:cf:85:e1:96:eb:87:b5:23:82:ea:
11:2e:dc:02:4a:29:63:ea:4f:c0:3b:6f:f8:5a:18:
b0:73:08:16:20:29:f4:18:2f:da:a5:32:7a:b8:a2:
ec:d1:59:1e:09:a9:d9:66:30:37:4e:7b:e9:19:9d:
48:c5:52:78:03:9c:2b:89:47:c4:ee:7c:44:29:46:
f4:99:90:66:26:43:ff:8c:7c:04:f7:9a:d8:0c:ec:
9e:df:34:f0:dd:bf:90:d7:f3:ca:73:1c:3e:ef:02:
23:2b:9e:66:26:a7:73:0b:b8:ef:ac:7e:09:90:d8:
5f:a9:79:63:3e:ea:79:6e:0d:88:7a:1f:d6:cb:61:
92:5d:80:96:24:c3:dc:ba:03:d5:53:f3:f9:34:19:
5c:bb:06:dc:de:8e:6e:a9:1e:e0:09:e3:85:9a:64:
cc:fd:41:1b:9d:b5:91:15:b3:7c:35:6b:57:7f:b0:
a7:fa:d4:f9:07:37:ef:c2:17:d6:72:ea:1e:ba:bd:
4c:c5:a9:17:a5:82:3b:2b:ad:06:73:7b:25:3f:10:
b8:aa:1c:6b:58:db:20:a6:5f:f9:e0:0f:bb:94:79:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:87:2A:81:F9:2A:E5:A2:97:D7:BD:8D:C8:7C:97:CF:3D:E2:5B:08
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sYcqgfkq5aKX172NyHyXzz3iWwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.102.0/23
212.5.134.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:36:61:7f:7a:ec:a6:2f:94:c3:23:be:ae:9d:61:fe:b2:00:
25:12:4a:72:84:32:cc:bb:dd:6a:4b:77:7f:ba:ae:1c:e5:d7:
c8:38:9f:9f:58:85:dd:95:ed:37:d7:5c:e2:23:d3:cf:61:aa:
f0:94:22:d4:aa:90:aa:50:a8:f1:39:bb:9a:b1:20:fa:c5:4d:
20:93:e3:26:76:ad:2f:d0:e1:fd:dd:e9:e9:70:bd:8b:1e:b0:
7b:e9:cc:a6:3a:63:18:82:d3:a9:4a:ee:6f:d4:51:1d:98:57:
e8:5f:96:94:96:f8:34:6c:86:07:80:34:f1:69:05:5b:3d:1a:
74:ff:ea:92:92:b2:20:a7:52:86:08:1c:54:53:5d:2b:2c:ca:
e8:ef:32:28:dd:f1:48:28:a1:4e:ad:03:a4:56:02:5b:cf:dd:
72:23:42:ff:ea:9b:e0:e1:97:47:27:1f:49:f3:ca:d6:5a:15:
93:c9:05:fe:07:c9:dd:ad:c3:29:12:f3:6d:42:c0:be:44:69:
f8:8d:58:37:ee:9e:cc:9f:2a:df:92:a2:26:d9:91:a3:b5:12:
56:0b:fb:5d:60:87:bb:bc:e0:a6:68:4d:b2:46:e6:83:cc:49:
5e:b2:2b:ee:ca:b7:83:9f:19:a6:0b:8e:64:47:01:f4:78:d7:
74:58:c6:0c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEF/amuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjE4NzJhODFmOTJh
ZTVhMjk3ZDdiZDhkYzg3Yzk3Y2YzZGUyNWIwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqpskbgo3Rv2MU/0TGOymU1JgbnCnSoKrg3yartTl9KT/rP
heGW64e1I4LqES7cAkopY+pPwDtv+FoYsHMIFiAp9Bgv2qUyerii7NFZHgmp2WYw
N0576RmdSMVSeAOcK4lHxO58RClG9JmQZiZD/4x8BPea2Azsnt808N2/kNfzynMc
Pu8CIyueZiancwu476x+CZDYX6l5Yz7qeW4NiHof1sthkl2AliTD3LoD1VPz+TQZ
XLsG3N6Obqke4AnjhZpkzP1BG521kRWzfDVrV3+wp/rU+Qc378IX1nLqHrq9TMWp
F6WCOyutBnN7JT8QuKoca1jbIKZf+eAPu5R5PlsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSxhyqB+SrlopfXvY3IfJfPPeJbCDAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L3NZY3FnZmtxNWFLWDE3Mk55SHlYenozaVd3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAT5JZgMEAdQFhjANBgkqhkiG9w0B
AQsFAAOCAQEAezZhf3rspi+UwyO+rp1h/rIAJRJKcoQyzLvdakt3f7quHOXXyDif
n1iF3ZXtN9dc4iPTz2Gq8JQi1KqQqlCo8Tm7mrEg+sVNIJPjJnatL9Dh/d3p6XC9
ix6we+nMpjpjGILTqUrub9RRHZhX6F+WlJb4NGyGB4A08WkFWz0adP/qkpKyIKdS
hggcVFNdKyzK6O8yKN3xSCihTq0DpFYCW8/dciNC/+qb4OGXRycfSfPK1loVk8kF
/gfJ3a3DKRLzbULAvkRp+I1YN+6ezJ8q35KiJtmRo7USVgv7XWCHu7zgpmhNskbm
g8xJXrIr7sq3g58ZpguOZEcB9HjXdFjGDA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:58 2025 by rpki-client