Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/dUtzYi-9dBFnL-wBc89P38wGxwQ.roa
File: dUtzYi-9dBFnL-wBc89P38wGxwQ.roa (raw, json)
Hash identifier: Gz+YKg1/UAIqnOTI+9BiylT18MLHV16cgAi8Gx7IdBg=
Subject key identifier: 75:4B:73:62:2F:BD:74:11:67:2F:EC:01:73:CF:4F:DF:CC:06:C7:04
Certificate issuer: /CN=7d59659636089e32324697629c218da38a2b673d
Certificate serial: 01848CC29F8924075EA36E6E1CF0EDC719CB
Authority key identifier: 7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/dUtzYi-9dBFnL-wBc89P38wGxwQ.roa
Signing time: Fri 18 Nov 2022 22:01:15 +0000
ROA not before: Fri 18 Nov 2022 22:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197540
IP address blocks: 202.61.192.0/20 maxlen: 22
202.61.224.0/20 maxlen: 24
202.61.240.0/20 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8c:c2:9f:89:24:07:5e:a3:6e:6e:1c:f0:ed:c7:19:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d59659636089e32324697629c218da38a2b673d
Validity
Not Before: Nov 18 22:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=754b73622fbd7411672fec0173cf4fdfcc06c704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:35:08:11:e5:71:2d:cd:80:99:39:6f:74:05:
28:11:d5:aa:21:ed:0b:f4:14:bb:c2:67:d7:6e:50:
98:32:f6:97:4b:be:15:d4:a1:4c:6f:b4:82:e9:35:
a9:96:c6:e1:ec:cb:f9:2c:34:20:d7:2a:62:2d:f9:
4a:98:0b:fe:d0:05:48:ab:89:81:ac:a6:69:0a:3e:
9b:db:37:da:73:7d:a8:70:0a:48:01:fb:6b:59:a4:
a1:9b:02:bf:3a:fa:39:73:06:cb:aa:c3:8f:86:ae:
6d:7b:dd:2c:04:cd:35:be:dc:4b:3b:49:96:59:0d:
41:c5:b2:ab:2d:a8:65:9f:8e:38:1c:fe:4e:e0:97:
be:27:8d:e6:9b:c3:43:6b:47:3f:2c:06:ee:fa:cd:
61:11:eb:92:2d:00:40:82:38:67:68:e9:8a:cd:15:
52:96:6e:bc:68:39:96:18:c6:a3:2b:49:fd:f1:ca:
4b:0b:59:06:f6:69:c6:69:b6:c5:3f:a9:f9:f9:4f:
36:07:5a:7f:3e:dc:cb:3e:14:5e:06:d0:f7:20:5a:
27:6b:ca:ac:c1:a2:82:ed:c5:3e:9b:0c:ea:9c:da:
ac:5a:ba:64:2d:0e:84:3e:15:e4:17:5f:2a:ba:6b:
6f:c8:bd:0d:c3:a9:74:13:85:e7:cc:af:85:96:cc:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4B:73:62:2F:BD:74:11:67:2F:EC:01:73:CF:4F:DF:CC:06:C7:04
X509v3 Authority Key Identifier:
keyid:7D:59:65:96:36:08:9E:32:32:46:97:62:9C:21:8D:A3:8A:2B:67:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVllljYInjIyRpdinCGNo4orZz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/dUtzYi-9dBFnL-wBc89P38wGxwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/652ef0-ae30-45ba-9970-6c1cf725d8f7/1/fVllljYInjIyRpdinCGNo4orZz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.61.192.0/20
202.61.224.0/19
Signature Algorithm: sha256WithRSAEncryption
07:47:d7:c4:b3:4b:35:3b:e0:3b:a7:66:92:d3:f7:b3:d7:ec:
ad:d5:61:a6:1c:1a:cc:b1:3b:bb:1d:c1:08:a1:bb:b7:4b:1f:
e3:26:b3:01:3a:70:95:19:26:33:d0:d0:c7:b4:45:28:2e:c9:
23:e7:36:05:1b:12:0d:8b:1e:04:01:04:61:44:11:76:4f:16:
45:a4:f6:20:69:95:56:37:e1:4a:a2:84:14:8f:13:63:c7:9a:
5c:4c:89:e6:15:e8:99:0d:74:d2:ed:0c:55:02:be:fd:0f:cf:
90:6e:ab:ff:78:29:0e:bb:aa:1c:25:9a:c8:ec:fc:56:ec:6e:
ae:01:50:6a:2d:89:c3:45:15:e4:49:02:3d:e7:22:33:d6:03:
3b:1e:e0:1d:96:c7:f2:ab:b7:0d:cf:ef:a9:e6:f9:c9:6e:93:
65:7c:71:71:31:ef:ea:cc:36:7e:bc:ca:0e:1d:0b:ef:ec:b1:
af:81:ad:e9:fc:73:78:7e:f9:27:1b:83:5c:08:23:c0:6e:6a:
3e:8e:16:0f:da:dd:03:cf:0c:7a:5e:13:b5:ad:af:a0:0c:cc:
91:f1:8b:50:b8:91:ac:85:03:c8:d9:4c:b1:8f:4f:46:8c:ab:
e7:f8:83:d8:7c:7e:17:2b:09:da:87:26:65:a6:bc:9a:ca:3f:
e5:5c:8f:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSMwp+JJAdeo25uHPDtxxnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTk2NTk2MzYwODllMzIzMjQ2OTc2MjljMjE4ZGEzOGEy
YjY3M2QwHhcNMjIxMTE4MjIwMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRiNzM2MjJmYmQ3NDExNjcyZmVjMDE3M2NmNGZkZmNjMDZjNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTUIEeVxLc2AmTlvdAUoEdWqIe0L
9BS7wmfXblCYMvaXS74V1KFMb7SC6TWplsbh7Mv5LDQg1ypiLflKmAv+0AVIq4mB
rKZpCj6b2zfac32ocApIAftrWaShmwK/Ovo5cwbLqsOPhq5te90sBM01vtxLO0mW
WQ1BxbKrLahln444HP5O4Je+J43mm8NDa0c/LAbu+s1hEeuSLQBAgjhnaOmKzRVS
lm68aDmWGMajK0n98cpLC1kG9mnGabbFP6n5+U82B1p/PtzLPhReBtD3IFona8qs
waKC7cU+mwzqnNqsWrpkLQ6EPhXkF18qumtvyL0Nw6l0E4XnzK+FlsxgcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHVLc2IvvXQRZy/sAXPPT9/MBscEMB8GA1UdIwQY
MBaAFH1ZZZY2CJ4yMkaXYpwhjaOKK2c9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZsbGxqWUluakl5UnBkaW5DR05vNG9yWnowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82NTJlZjAtYWUzMC00NWJhLTk5NzAt
NmMxY2Y3MjVkOGY3LzEvZFV0ellpLTlkQkZuTC13QmM4OVAzOHdHeHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82NTJlZjAtYWUzMC00NWJhLTk5NzAtNmMxY2Y3MjVkOGY3
LzEvZlZsbGxqWUluakl5UnBkaW5DR05vNG9yWnowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEyj3AAwQF
yj3gMA0GCSqGSIb3DQEBCwUAA4IBAQAHR9fEs0s1O+A7p2aS0/ez1+yt1WGmHBrM
sTu7HcEIobu3Sx/jJrMBOnCVGSYz0NDHtEUoLskj5zYFGxINix4EAQRhRBF2TxZF
pPYgaZVWN+FKooQUjxNjx5pcTInmFeiZDXTS7QxVAr79D8+Qbqv/eCkOu6ocJZrI
7PxW7G6uAVBqLYnDRRXkSQI95yIz1gM7HuAdlsfyq7cNz++p5vnJbpNlfHFxMe/q
zDZ+vMoOHQvv7LGvga3p/HN4fvknG4NcCCPAbmo+jhYP2t0Dzwx6XhO1ra+gDMyR
8YtQuJGshQPI2Uyxj09GjKvn+IPYfH4XKwnahyZlpryayj/lXI9/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:58 2025 by rpki-client