Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/bFD78KZJl213gTVX1YM40jwAhkg.roa
File: bFD78KZJl213gTVX1YM40jwAhkg.roa (raw, json)
Hash identifier: UlM4ddx8GPsgxiQw0qtMnX8FA5HI6qT0QtkQdNWXHvw=
Subject key identifier: 6C:50:FB:F0:A6:49:97:6D:77:81:35:57:D5:83:38:D2:3C:00:86:48
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018C32C6D8D907B20E8E5E72AC42503A4D4C
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/bFD78KZJl213gTVX1YM40jwAhkg.roa
Signing time: Mon 04 Dec 2023 03:02:21 +0000
ROA not before: Mon 04 Dec 2023 03:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62419
IP address blocks: 62.201.237.0/24 maxlen: 24
185.90.104.0/22 maxlen: 24
185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:32:c6:d8:d9:07:b2:0e:8e:5e:72:ac:42:50:3a:4d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Dec 4 03:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c50fbf0a649976d77813557d58338d23c008648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:58:e9:80:c5:29:bd:5f:35:3d:ae:e1:02:6e:
30:0b:e1:7b:a7:d5:17:93:12:73:f9:86:d6:11:b9:
2c:0e:fa:3b:be:f1:28:15:2f:fc:ae:df:20:4c:5a:
51:f7:d5:0c:22:fd:4e:2c:3e:99:69:35:ce:ff:43:
8d:a5:1e:b4:bb:5f:54:e8:d2:13:8c:b9:0f:c8:dd:
1b:7f:9a:27:60:fc:5c:8e:4b:7a:4c:b3:8d:f1:b8:
6a:75:1e:ff:a7:32:c6:7f:3e:66:c8:70:cd:47:4d:
03:14:f4:c1:99:ed:62:02:48:24:5b:58:6d:4e:2a:
8e:4d:50:22:a7:34:34:2e:9f:4f:97:44:4a:62:c7:
43:80:c0:f4:5f:92:35:1e:57:50:9f:6b:a0:1e:98:
43:b5:be:80:ff:8a:d3:6f:d4:b7:b2:f9:ac:a8:98:
8a:0d:23:84:0e:84:6e:5e:c8:4e:ed:f8:31:8f:6a:
20:0b:dc:22:92:96:36:12:c9:57:7c:9a:80:19:02:
59:ee:2c:72:e0:db:ab:fc:93:ae:dd:cd:ac:b8:4b:
47:6b:81:29:d3:e5:bb:a3:70:75:eb:2e:2a:6a:52:
ba:03:d0:14:49:5a:27:ce:09:f7:d7:a1:b4:88:de:
b2:fe:31:75:6a:0e:e1:71:a8:73:bf:06:44:45:c9:
e7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:50:FB:F0:A6:49:97:6D:77:81:35:57:D5:83:38:D2:3C:00:86:48
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/bFD78KZJl213gTVX1YM40jwAhkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.206.0/24
62.201.237.0/24
62.201.248.0/24
185.90.104.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:66:c3:13:81:8f:44:37:8e:7e:5f:ce:e2:93:25:ea:c7:6e:
95:a4:ba:a7:0e:07:32:e0:23:8f:66:df:52:18:7a:b1:9c:e8:
5d:93:2c:65:ae:71:87:42:b9:03:42:47:0f:ba:c8:6e:59:29:
5c:47:38:1e:e2:0a:c9:8c:b6:d6:46:b3:04:65:d6:00:6f:03:
49:dc:a3:ff:90:0d:93:91:22:66:89:0f:df:3e:f9:4e:6d:d9:
9e:ee:18:be:32:09:64:ba:61:44:dc:47:2c:ee:ce:94:df:19:
ee:77:c6:fd:db:01:d7:83:08:34:92:b7:75:b9:f2:9d:c2:7c:
94:61:fa:8b:73:ad:0d:99:d5:b2:03:f2:90:eb:fb:33:51:25:
5c:76:f6:1b:e3:6b:8b:2b:42:ea:28:e3:a5:07:cd:67:df:cf:
0e:98:cb:5c:08:e4:75:ef:65:ac:bc:7a:80:7a:af:4c:f4:88:
36:8e:dd:58:cb:dc:50:a3:a1:85:21:ad:15:3b:37:bc:d2:cc:
b6:af:b2:df:1d:3d:38:73:e5:75:9f:63:a2:1a:19:0d:d4:b2:
f5:8d:80:54:71:c7:9b:f2:6f:f5:f6:8c:a1:f6:4c:f6:7f:64:
9d:66:dc:06:ed:62:f9:82:d9:49:f1:17:3c:a1:87:8c:3b:6e:
00:8a:a0:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwyxtjZB7IOjl5yrEJQOk1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMxMjA0MDMwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzUwZmJmMGE2NDk5NzZkNzc4MTM1NTdkNTgzMzhkMjNjMDA4NjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VjpgMUpvV81Pa7hAm4wC+F7p9UX
kxJz+YbWEbksDvo7vvEoFS/8rt8gTFpR99UMIv1OLD6ZaTXO/0ONpR60u19U6NIT
jLkPyN0bf5onYPxcjkt6TLON8bhqdR7/pzLGfz5myHDNR00DFPTBme1iAkgkW1ht
TiqOTVAipzQ0Lp9Pl0RKYsdDgMD0X5I1HldQn2ugHphDtb6A/4rTb9S3svmsqJiK
DSOEDoRuXshO7fgxj2ogC9wikpY2EslXfJqAGQJZ7ixy4Nur/JOu3c2suEtHa4Ep
0+W7o3B16y4qalK6A9AUSVonzgn316G0iN6y/jF1ag7hcahzvwZERcnnvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGxQ+/CmSZdtd4E1V9WDONI8AIZIMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvYkZENzhLWkpsMjEzZ1RWWDFZTTQwandBaGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPsnAAwQA
PsnOAwQAPsntAwQAPsn4AwQCuVpoMA0GCSqGSIb3DQEBCwUAA4IBAQC6ZsMTgY9E
N45+X87ikyXqx26VpLqnDgcy4COPZt9SGHqxnOhdkyxlrnGHQrkDQkcPushuWSlc
Rzge4grJjLbWRrMEZdYAbwNJ3KP/kA2TkSJmiQ/fPvlObdme7hi+MglkumFE3Ecs
7s6U3xnud8b92wHXgwg0krd1ufKdwnyUYfqLc60NmdWyA/KQ6/szUSVcdvYb42uL
K0LqKOOlB81n388OmMtcCOR172WsvHqAeq9M9Ig2jt1Yy9xQo6GFIa0VOze80sy2
r7LfHT04c+V1n2OiGhkN1LL1jYBUcceb8m/19oyh9kz2f2SdZtwG7WL5gtlJ8Rc8
oYeMO24AiqCX
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:15:48 2025 by rpki-client