Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/4XM2M1v7DP142jW7Q4uiNyeOAH8.roa
File: 4XM2M1v7DP142jW7Q4uiNyeOAH8.roa (raw, json)
Hash identifier: L00v8oc2PhdwgM7Ulj0REwKKQ1tjaWm5BFibZbkOiLg=
Subject key identifier: E1:73:36:33:5B:FB:0C:FD:78:DA:35:BB:43:8B:A2:37:27:8E:00:7F
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 0185712796C8B849DE10F2808F9E58539621
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/4XM2M1v7DP142jW7Q4uiNyeOAH8.roa
Signing time: Mon 02 Jan 2023 06:24:57 +0000
ROA not before: Mon 02 Jan 2023 06:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202756
IP address blocks: 62.4.112.0/24 maxlen: 24
62.4.109.0/24 maxlen: 24
62.4.110.0/24 maxlen: 24
62.4.111.0/24 maxlen: 24
62.4.113.0/24 maxlen: 24
62.4.114.0/24 maxlen: 24
62.4.115.0/24 maxlen: 24
62.4.117.0/24 maxlen: 24
62.4.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:96:c8:b8:49:de:10:f2:80:8f:9e:58:53:96:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 2 06:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e17336335bfb0cfd78da35bb438ba237278e007f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9b:a6:0d:2c:2b:ae:7d:d7:b7:62:d6:cd:05:
62:87:0d:2c:ed:56:a2:34:17:89:52:87:5a:0c:80:
ae:61:e2:1d:b4:5d:21:67:d2:b4:d4:03:d1:58:69:
c8:96:cc:59:c4:45:b5:0f:90:a7:2a:8f:44:48:25:
2b:c4:b4:23:77:f7:bb:fa:63:24:1b:70:55:19:ac:
b7:d3:58:bc:92:36:df:01:3e:ec:a9:a2:83:6d:a4:
31:71:5d:7b:43:a6:ea:5a:c9:86:4b:1b:d9:ec:65:
dc:5f:91:bf:ee:d9:10:5e:58:9b:7b:cb:98:61:bd:
9f:19:b9:e6:9c:cd:bd:b1:34:db:0f:db:22:45:61:
2f:dc:b9:76:7f:80:98:11:cc:f2:0b:0b:ef:1a:eb:
6f:39:bc:b2:31:bd:29:5e:0b:dc:01:f9:ea:a0:0e:
55:67:ca:3e:d7:d0:89:71:db:9f:09:d3:d0:73:77:
4d:7d:3d:13:0a:2a:21:e9:a4:2d:6f:e5:a0:95:a7:
be:3f:70:fc:87:57:46:f2:68:c4:61:c0:b5:2c:69:
91:2f:8b:9a:83:a8:01:37:40:47:74:7b:bc:3b:97:
ea:87:49:f2:51:2f:33:ad:c1:02:49:3b:14:12:1b:
b7:6f:39:46:03:e0:9d:98:fa:f5:52:75:36:b5:8a:
f9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:73:36:33:5B:FB:0C:FD:78:DA:35:BB:43:8B:A2:37:27:8E:00:7F
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/4XM2M1v7DP142jW7Q4uiNyeOAH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.4.109.0-62.4.115.255
62.4.117.0/24
62.4.119.0/24
Signature Algorithm: sha256WithRSAEncryption
12:90:e8:f3:58:39:5d:c0:77:a6:9c:8b:0b:c9:63:c5:3c:ce:
e4:6d:18:3e:6f:6a:89:5c:ca:52:ad:46:73:84:ee:c4:dc:e6:
90:69:27:8a:c9:a4:0e:c2:4f:40:da:aa:9f:24:8f:2d:37:9d:
67:74:d5:5c:ff:f0:15:2b:44:9a:a1:44:b4:3b:79:52:cb:ee:
49:bb:09:ba:7e:42:03:20:8e:7e:0f:08:ca:d7:b0:53:cb:a3:
ce:b1:cf:a3:23:9d:06:51:f5:6d:64:f3:f6:ba:03:46:1f:8d:
92:95:a9:4c:49:8d:1f:29:b6:b3:d2:de:22:9f:88:e4:aa:9e:
a4:48:67:7f:dd:23:f1:53:e7:c4:fc:6f:79:7b:7c:25:a8:c4:
a2:66:aa:bc:61:5e:16:ac:94:22:03:dd:51:3c:28:da:55:94:
7a:08:f4:87:4c:53:eb:8f:4c:bd:ce:54:2e:6b:6c:20:57:d3:
c2:d7:e0:fe:28:85:b8:cc:b1:d3:51:0d:75:71:d3:79:b3:61:
ba:d7:2a:12:b6:4b:91:96:cf:42:64:5e:4d:93:d4:7a:d1:41:
da:b9:be:fe:89:58:6d:5a:40:fe:00:44:09:a6:20:ee:27:11:
13:b0:28:af:4e:90:d6:a2:cc:27:d3:61:e4:00:e4:13:23:f5:
d3:96:c1:e8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxJ5bIuEneEPKAj55YU5YhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjMwMTAyMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTczMzYzMzViZmIwY2ZkNzhkYTM1YmI0MzhiYTIzNzI3OGUwMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5umDSwrrn3Xt2LWzQVihw0s7Vai
NBeJUodaDICuYeIdtF0hZ9K01APRWGnIlsxZxEW1D5CnKo9ESCUrxLQjd/e7+mMk
G3BVGay301i8kjbfAT7sqaKDbaQxcV17Q6bqWsmGSxvZ7GXcX5G/7tkQXlibe8uY
Yb2fGbnmnM29sTTbD9siRWEv3Ll2f4CYEczyCwvvGutvObyyMb0pXgvcAfnqoA5V
Z8o+19CJcdufCdPQc3dNfT0TCioh6aQtb+Wglae+P3D8h1dG8mjEYcC1LGmRL4ua
g6gBN0BHdHu8O5fqh0nyUS8zrcECSTsUEhu3bzlGA+CdmPr1UnU2tYr5bwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOFzNjNb+wz9eNo1u0OLojcnjgB/MB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvNFhNMk0xdjdEUDE0MmpXN1E0dWlOeWVPQUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAA+BG0D
BAI+BHADBAA+BHUDBAA+BHcwDQYJKoZIhvcNAQELBQADggEBABKQ6PNYOV3Ad6ac
iwvJY8U8zuRtGD5vaolcylKtRnOE7sTc5pBpJ4rJpA7CT0Daqp8kjy03nWd01Vz/
8BUrRJqhRLQ7eVLL7km7Cbp+QgMgjn4PCMrXsFPLo86xz6MjnQZR9W1k8/a6A0Yf
jZKVqUxJjR8ptrPS3iKfiOSqnqRIZ3/dI/FT58T8b3l7fCWoxKJmqrxhXhaslCID
3VE8KNpVlHoI9IdMU+uPTL3OVC5rbCBX08LX4P4ohbjMsdNRDXVx03mzYbrXKhK2
S5GWz0JkXk2T1HrRQdq5vv6JWG1aQP4ARAmmIO4nEROwKK9OkNaizCfTYeQA5BMj
9dOWweg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:39:34 2025 by rpki-client