Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa
File: aTx5V4ozrRJK7raMGolWo11peNc.roa (raw, json)
Hash identifier: FaMOH9PtpeBwnKm0KRMzWDTs86UoCIt6O7Or4F+n5H0=
Subject key identifier: 69:3C:79:57:8A:33:AD:12:4A:EE:B6:8C:1A:89:56:A3:5D:69:78:D7
Certificate issuer: /CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Certificate serial: 01149AAC
Authority key identifier: DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa
Signing time: Wed 09 Feb 2022 11:18:44 +0000
ROA not before: Wed 09 Feb 2022 11:18:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 62.201.32.0/21 maxlen: 21
62.201.40.0/24 maxlen: 24
62.201.43.0/24 maxlen: 24
62.201.44.0/22 maxlen: 22
62.201.41.0/24 maxlen: 24
62.201.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18127532 (0x1149aac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Validity
Not Before: Feb 9 11:18:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=693c79578a33ad124aeeb68c1a8956a35d6978d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:45:06:cf:42:c0:69:a4:88:29:07:9f:15:f5:
e9:e7:7e:ae:fc:a6:f3:a9:74:9d:65:03:28:f1:82:
74:7b:67:6c:0d:c9:f9:16:ed:80:c4:15:17:19:8d:
da:7c:2d:86:d9:cd:6f:47:49:47:f8:22:10:7f:9d:
3f:d2:a7:78:91:e8:a4:5b:ff:bc:dc:86:dd:2c:cb:
94:fc:35:50:f8:54:6c:be:1b:63:9e:27:62:ba:f5:
65:7c:31:ec:c7:59:41:0d:f3:3f:2f:73:70:47:32:
0f:6b:1e:94:86:65:9f:65:65:c0:e8:f0:81:60:b0:
a8:3f:fb:04:27:dd:36:d1:ca:dc:a4:0f:8e:15:61:
56:f7:31:9e:eb:d3:73:91:fb:53:77:4b:0b:00:e4:
8d:3c:3f:a6:84:03:0c:50:a2:e2:d1:c2:96:f7:0a:
dd:09:8c:46:f6:6f:c9:89:93:15:34:6b:5d:04:b7:
72:18:39:32:60:b0:03:44:10:cd:6c:03:fb:27:18:
d1:b2:96:de:eb:76:d9:b3:94:8a:20:81:b7:c2:8b:
22:38:f5:5e:0f:43:c9:09:7e:18:95:c8:ca:c8:15:
10:53:a2:2c:50:09:b6:83:f9:b9:ef:23:49:a6:28:
53:cd:45:ed:71:70:61:ea:c3:52:93:c9:38:b4:99:
a2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3C:79:57:8A:33:AD:12:4A:EE:B6:8C:1A:89:56:A3:5D:69:78:D7
X509v3 Authority Key Identifier:
keyid:DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/aTx5V4ozrRJK7raMGolWo11peNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/35xk4XC38lXXyjADXWUyyJV-sWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.32.0-62.201.41.255
62.201.43.0-62.201.63.255
Signature Algorithm: sha256WithRSAEncryption
a0:f9:67:ec:d0:83:70:46:10:fb:3f:9d:ac:f6:f0:5f:45:3b:
8b:fd:74:c3:a6:46:ec:a8:b2:86:01:d3:f6:86:ad:d1:26:57:
eb:07:89:81:66:f0:fe:1e:ca:84:d9:90:74:18:96:00:38:6c:
52:8d:89:73:7a:0e:62:30:c1:68:73:08:f1:4d:bf:33:a5:05:
cd:12:41:9c:51:5b:11:f0:d6:0c:ae:de:a7:b8:ab:f0:84:37:
23:62:50:29:07:64:e1:8d:af:b6:7b:f8:29:03:46:d9:81:80:
8a:74:f8:bb:68:95:78:29:d8:23:ba:a0:07:f6:30:ba:57:ce:
2d:f4:45:86:0d:52:d1:31:11:21:09:6b:92:50:04:df:92:7b:
73:95:cf:c3:d9:3a:83:70:4a:fd:fd:35:44:29:a9:ea:ef:f8:
3a:33:c7:35:c4:40:3e:37:b2:e9:ab:8b:b7:59:03:79:e4:93:
56:18:0c:21:98:de:04:7e:70:05:cb:10:c8:d9:c1:35:7c:4d:
9f:2e:a6:f1:bf:83:63:c3:98:9a:db:66:36:ad:f6:0c:eb:23:
76:fc:f6:f8:a2:5b:29:27:5e:43:0a:2c:a8:80:b1:b5:b8:3c:
4a:24:50:18:60:3e:bb:e8:40:b7:08:6a:86:76:6a:a8:92:45:
a3:68:fb:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEARSarDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjljNjRlMTcwYjdmMjU1ZDdjYTMwMDM1ZDY1MzJjODk1N2ViMTY5MB4XDTIyMDIw
OTExMTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjkzYzc5NTc4YTMz
YWQxMjRhZWViNjhjMWE4OTU2YTM1ZDY5NzhkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1FBs9CwGmkiCkHnxX16ed+rvym86l0nWUDKPGCdHtnbA3J
+RbtgMQVFxmN2nwthtnNb0dJR/giEH+dP9KneJHopFv/vNyG3SzLlPw1UPhUbL4b
Y54nYrr1ZXwx7MdZQQ3zPy9zcEcyD2selIZln2VlwOjwgWCwqD/7BCfdNtHK3KQP
jhVhVvcxnuvTc5H7U3dLCwDkjTw/poQDDFCi4tHClvcK3QmMRvZvyYmTFTRrXQS3
chg5MmCwA0QQzWwD+ycY0bKW3ut22bOUiiCBt8KLIjj1Xg9DyQl+GJXIysgVEFOi
LFAJtoP5ue8jSaYoU81F7XFwYerDUpPJOLSZolkCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRpPHlXijOtEkrutowaiVajXWl41zAfBgNVHSMEGDAWgBTfnGThcLfyVdfK
MANdZTLIlX6xaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM1eGs0WEMzOGxYWHlqQURYV1V5eUpWLXNXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYWJkMTJmLTFkNjYtNDEyZi05YmUyLTI4Y2IzYmJmMDVhZS8x
L2FUeDVWNG96clJKSzdyYU1Hb2xXbzExcGVOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YWJkMTJmLTFkNjYtNDEyZi05YmUyLTI4Y2IzYmJmMDVhZS8xLzM1eGs0WEMzOGxY
WHlqQURYV1V5eUpWLXNXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQFPskgAwQBPskoMAwDBAA+ySsD
BAY+yQAwDQYJKoZIhvcNAQELBQADggEBAKD5Z+zQg3BGEPs/naz28F9FO4v9dMOm
RuyosoYB0/aGrdEmV+sHiYFm8P4eyoTZkHQYlgA4bFKNiXN6DmIwwWhzCPFNvzOl
Bc0SQZxRWxHw1gyu3qe4q/CENyNiUCkHZOGNr7Z7+CkDRtmBgIp0+LtolXgp2CO6
oAf2MLpXzi30RYYNUtExESEJa5JQBN+Se3OVz8PZOoNwSv39NUQpqerv+DozxzXE
QD43sumri7dZA3nkk1YYDCGY3gR+cAXLEMjZwTV8TZ8upvG/g2PDmJrbZjat9gzr
I3b89viiWyknXkMKLKiAsbW4PEokUBhgPrvoQLcIaoZ2aqiSRaNo+0A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:02 2023 by rpki-client on console-fra.rpki-client.org