Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/62IwHDDisxBVPSCU9OWpE5uuF4o.roa
File: 62IwHDDisxBVPSCU9OWpE5uuF4o.roa (raw, json)
Hash identifier: gj+kjMR2fhn3Rx7M1ClGx8CIhOCCWdf3gJZ42j02r7U=
Subject key identifier: EB:62:30:1C:30:E2:B3:10:55:3D:20:94:F4:E5:A9:13:9B:AE:17:8A
Certificate issuer: /CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Certificate serial: 0188D3078122D57E681E836FA6AA933F1AB2
Authority key identifier: 72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/62IwHDDisxBVPSCU9OWpE5uuF4o.roa
Signing time: Mon 19 Jun 2023 09:41:04 +0000
ROA not before: Mon 19 Jun 2023 09:41:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2593
IP address blocks: 95.140.128.0/21 maxlen: 21
185.213.112.0/24 maxlen: 24
185.213.114.0/24 maxlen: 24
185.213.113.0/24 maxlen: 24
2a09:8d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:07:81:22:d5:7e:68:1e:83:6f:a6:aa:93:3f:1a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Validity
Not Before: Jun 19 09:41:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb62301c30e2b310553d2094f4e5a9139bae178a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:a6:5e:62:67:29:b4:4a:d5:23:4b:0c:c3:
75:8c:37:d4:c8:35:c2:f3:72:2c:88:4c:57:9a:f0:
a9:38:53:18:be:d2:a3:a0:9f:44:c3:49:22:4f:ef:
2c:7d:17:22:30:b8:5d:9b:fe:88:dc:24:e0:0c:e9:
ec:11:fe:39:a0:ab:51:6f:61:fe:a6:93:16:7f:5e:
37:19:1e:a9:23:31:23:83:86:0d:ed:30:36:0f:f7:
c6:57:a0:4b:2b:28:28:bc:01:f0:5f:eb:01:e9:26:
03:7d:28:55:b3:1c:19:7c:47:44:3f:8b:b6:0a:e4:
a8:50:d5:a4:55:e4:24:6c:2c:a8:87:13:e9:db:87:
ed:de:3a:8c:8d:15:fa:bf:0c:5b:0a:0a:a2:97:d4:
50:99:ea:2e:37:97:bb:21:2a:c9:fe:16:75:df:c3:
1a:cb:42:ce:2b:8b:ef:df:7e:3e:e7:2f:bd:8e:0d:
26:54:c5:5f:4f:d6:a6:4c:60:7f:44:e8:b5:14:e8:
9b:e2:2b:18:1a:6d:3e:8e:fd:f4:72:4f:2f:d3:74:
43:bb:e7:e9:76:20:ad:98:4d:46:3e:95:2b:ab:ee:
91:16:13:de:4d:65:50:f1:44:37:c7:0e:92:41:8b:
83:49:e6:5a:99:7c:f9:f4:8a:89:1d:a4:69:f4:83:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:62:30:1C:30:E2:B3:10:55:3D:20:94:F4:E5:A9:13:9B:AE:17:8A
X509v3 Authority Key Identifier:
keyid:72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/62IwHDDisxBVPSCU9OWpE5uuF4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.128.0/21
185.213.112.0-185.213.114.255
IPv6:
2a09:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
7c:20:c5:55:48:f0:35:ab:2e:11:6b:b6:8f:51:7e:50:63:53:
a1:82:8f:10:c7:48:7a:89:cc:a7:3d:7b:7a:7c:93:59:ea:f9:
0d:0e:3b:fd:7a:d9:e0:18:fe:df:24:bd:b0:5c:c7:eb:e3:9e:
8b:87:a7:13:b4:8b:fe:84:7f:1c:8d:5a:ac:e1:4d:5a:49:3a:
98:79:4a:09:2b:e6:5c:a3:23:f6:08:ba:0b:75:0a:0a:fd:92:
f1:3d:92:0a:a3:53:fe:3e:06:fd:92:0d:3e:62:f3:2c:af:e2:
d2:be:cf:ad:6e:00:75:78:cb:aa:cb:bb:c4:47:c6:1c:3f:fd:
21:56:04:e5:d7:30:98:47:5a:f9:97:ad:e8:66:10:98:56:b9:
de:e7:e4:b7:45:61:f9:70:2c:5f:34:7f:79:e7:95:3b:18:35:
a2:dc:12:3a:37:47:07:50:69:e1:45:6d:53:27:cf:cc:6b:1e:
b8:99:63:dc:50:5f:9e:c1:c6:09:78:f0:58:39:c4:ff:12:41:
a3:8d:32:1a:46:71:98:78:ff:65:26:e3:95:fc:9d:8d:03:37:
74:00:7a:39:e1:a3:e6:3f:2e:b4:6b:ac:77:9b:65:70:3b:04:
da:53:c9:62:25:e6:3b:e2:33:d5:be:99:38:2d:3e:40:d7:9e:
1d:2b:fd:49
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYjTB4Ei1X5oHoNvpqqTPxqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDk4ZWZhYWU4MDYzY2FjZWNjNGYxYzFhMGI2NDQ4M2Ji
Njk1MDMwHhcNMjMwNjE5MDk0MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjYyMzAxYzMwZTJiMzEwNTUzZDIwOTRmNGU1YTkxMzliYWUxNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXymXmJnKbRK1SNLDMN1jDfUyDXC
83IsiExXmvCpOFMYvtKjoJ9Ew0kiT+8sfRciMLhdm/6I3CTgDOnsEf45oKtRb2H+
ppMWf143GR6pIzEjg4YN7TA2D/fGV6BLKygovAHwX+sB6SYDfShVsxwZfEdEP4u2
CuSoUNWkVeQkbCyohxPp24ft3jqMjRX6vwxbCgqil9RQmeouN5e7ISrJ/hZ138Ma
y0LOK4vv334+5y+9jg0mVMVfT9amTGB/ROi1FOib4isYGm0+jv30ck8v03RDu+fp
diCtmE1GPpUrq+6RFhPeTWVQ8UQ3xw6SQYuDSeZamXz59IqJHaRp9INRAQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOtiMBww4rMQVT0glPTlqRObrheKMB8GA1UdIwQY
MBaAFHIJjvqugGPKzsxPHBoLZEg7tpUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEt
NTczY2E1YTYwOWMwLzEvNjJJd0hERGlzeEJWUFNDVTlPV3BFNXV1RjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEtNTczY2E1YTYwOWMw
LzEvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDX4yAMAwD
BAS51XADBAC51XIwDQQCAAIwBwMFAyoJjQAwDQYJKoZIhvcNAQELBQADggEBAHwg
xVVI8DWrLhFrto9RflBjU6GCjxDHSHqJzKc9e3p8k1nq+Q0OO/162eAY/t8kvbBc
x+vjnouHpxO0i/6EfxyNWqzhTVpJOph5Sgkr5lyjI/YIugt1Cgr9kvE9kgqjU/4+
Bv2SDT5i8yyv4tK+z61uAHV4y6rLu8RHxhw//SFWBOXXMJhHWvmXrehmEJhWud7n
5LdFYflwLF80f3nnlTsYNaLcEjo3RwdQaeFFbVMnz8xrHriZY9xQX57Bxgl48Fg5
xP8SQaONMhpGcZh4/2Um45X8nY0DN3QAejnho+Y/LrRrrHebZXA7BNpTyWIl5jvi
M9W+mTgtPkDXnh0r/Uk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:08:38 2025 by rpki-client