Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/994fa5-627e-4312-adc9-aecbdad80f27/1/rkm2BENxCp_9tis91RczPvW9jew.roa
File: rkm2BENxCp_9tis91RczPvW9jew.roa (raw, json)
Hash identifier: gc9Vcp0Xv18A0y+kaHU7Oqei0usvgzcLdhlMM2SUJRw=
Subject key identifier: AE:49:B6:04:43:71:0A:9F:FD:B6:2B:3D:D5:17:33:3E:F5:BD:8D:EC
Certificate issuer: /CN=1b4d5c7b33d6669a30ac2b9a4de2ffcf64c711ab
Certificate serial: C1004C
Authority key identifier: 1B:4D:5C:7B:33:D6:66:9A:30:AC:2B:9A:4D:E2:FF:CF:64:C7:11:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G01cezPWZpowrCuaTeL_z2THEas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/994fa5-627e-4312-adc9-aecbdad80f27/1/rkm2BENxCp_9tis91RczPvW9jew.roa
Signing time: Sat 01 Jan 2022 01:58:46 +0000
ROA not before: Sat 01 Jan 2022 01:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 62.204.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12648524 (0xc1004c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b4d5c7b33d6669a30ac2b9a4de2ffcf64c711ab
Validity
Not Before: Jan 1 01:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae49b60443710a9ffdb62b3dd517333ef5bd8dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:aa:c5:b2:26:bf:87:3b:7d:db:ef:8d:11:08:
49:70:4c:1a:a9:95:3e:dc:9c:94:68:9c:7d:68:a5:
16:c1:41:28:fd:6e:b1:44:33:9a:c9:4d:54:d1:d4:
c1:65:65:e7:3f:88:cd:4b:36:39:46:48:20:e6:86:
93:5a:f9:59:9a:cc:17:77:42:cf:41:d8:9e:5f:95:
b0:01:c2:20:c9:77:bb:87:0d:90:3b:a8:2d:b6:67:
7a:67:df:c5:e0:b6:05:e1:f4:3f:87:be:87:87:2f:
75:51:8b:3c:58:fb:00:87:87:3d:11:a8:51:6d:36:
76:6d:ef:aa:f7:7d:fe:3d:bf:f2:0d:d8:34:d3:71:
36:f5:9a:08:bb:df:91:77:3e:ed:32:3c:be:2c:ba:
e0:9f:fc:34:05:60:c3:df:e5:0b:17:27:1e:36:83:
76:f1:2a:d1:7a:89:b8:35:d3:e0:1e:aa:48:d4:99:
d2:9b:a4:90:db:54:aa:79:66:98:5f:fc:77:57:22:
d8:6c:60:90:90:de:34:91:94:76:11:9b:c6:7e:97:
ae:80:90:e4:47:66:e4:68:43:bb:fb:22:9a:60:80:
0d:cc:93:a3:2e:87:3e:f2:a4:bc:d1:44:de:eb:4a:
ec:db:e8:64:ba:f7:00:d1:fb:ba:34:dd:49:ae:10:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:49:B6:04:43:71:0A:9F:FD:B6:2B:3D:D5:17:33:3E:F5:BD:8D:EC
X509v3 Authority Key Identifier:
keyid:1B:4D:5C:7B:33:D6:66:9A:30:AC:2B:9A:4D:E2:FF:CF:64:C7:11:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G01cezPWZpowrCuaTeL_z2THEas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/994fa5-627e-4312-adc9-aecbdad80f27/1/rkm2BENxCp_9tis91RczPvW9jew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/994fa5-627e-4312-adc9-aecbdad80f27/1/G01cezPWZpowrCuaTeL_z2THEas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.38.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:01:e8:b6:2a:99:99:5e:ae:36:7e:e8:42:75:29:22:11:d0:
37:f7:4a:5b:b8:0b:8c:2b:4c:81:4b:8a:1d:61:93:8a:35:7a:
f7:61:63:d6:c4:ce:28:85:8e:4e:fc:75:a5:e1:3c:90:8f:ca:
eb:dc:75:83:86:c8:b8:76:64:77:1f:be:64:ea:34:08:99:fd:
16:6a:7e:6b:ef:22:af:95:83:2f:49:71:df:84:e7:d7:40:6b:
7d:22:b6:eb:08:e7:2f:9d:ea:1f:69:0f:41:53:c4:58:17:3a:
c0:4e:7d:05:7c:96:7f:31:ad:ae:f8:9f:c6:dd:1b:f2:86:ce:
50:6f:fa:f2:e1:39:9b:88:9b:01:a3:c2:63:7b:84:a2:84:c0:
4a:b0:13:7a:06:69:64:28:f2:d4:bd:a5:67:bd:84:75:30:c5:
a9:d7:50:34:ee:d1:12:4a:f0:af:87:45:7a:41:69:d9:2d:6c:
5f:01:ae:4c:28:6a:9e:cb:f5:ff:c6:19:fb:b8:a9:f1:5f:77:
68:fb:ba:30:79:b9:fe:65:9e:7e:4e:aa:b9:cb:8c:df:18:45:
3e:74:a7:cb:00:5d:6d:44:a6:f6:34:34:8c:d2:08:fb:b9:ae:
d8:2f:eb:11:62:21:43:a1:46:01:4c:7a:d0:7d:ca:43:13:aa:
4f:ef:63:d7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAMEATDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjRkNWM3YjMzZDY2NjlhMzBhYzJiOWE0ZGUyZmZjZjY0YzcxMWFiMB4XDTIyMDEw
MTAxNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU0OWI2MDQ0Mzcx
MGE5ZmZkYjYyYjNkZDUxNzMzM2VmNWJkOGRlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuqxbImv4c7fdvvjREISXBMGqmVPtyclGicfWilFsFBKP1u
sUQzmslNVNHUwWVl5z+IzUs2OUZIIOaGk1r5WZrMF3dCz0HYnl+VsAHCIMl3u4cN
kDuoLbZnemffxeC2BeH0P4e+h4cvdVGLPFj7AIeHPRGoUW02dm3vqvd9/j2/8g3Y
NNNxNvWaCLvfkXc+7TI8viy64J/8NAVgw9/lCxcnHjaDdvEq0XqJuDXT4B6qSNSZ
0pukkNtUqnlmmF/8d1ci2GxgkJDeNJGUdhGbxn6XroCQ5Edm5GhDu/simmCADcyT
oy6HPvKkvNFE3utK7NvoZLr3ANH7ujTdSa4QKu0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSuSbYEQ3EKn/22Kz3VFzM+9b2N7DAfBgNVHSMEGDAWgBQbTVx7M9ZmmjCs
K5pN4v/PZMcRqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0cwMWNlelBXWnBvd3JDdWFUZUxfejJUSEVhcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvOTk0ZmE1LTYyN2UtNDMxMi1hZGM5LWFlY2JkYWQ4MGYyNy8x
L3JrbTJCRU54Q3BfOXRpczkxUmN6UHZXOWpldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
OTk0ZmE1LTYyN2UtNDMxMi1hZGM5LWFlY2JkYWQ4MGYyNy8xL0cwMWNlelBXWnBv
d3JDdWFUZUxfejJUSEVhcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7MJjANBgkqhkiG9w0BAQsFAAOC
AQEAfgHotiqZmV6uNn7oQnUpIhHQN/dKW7gLjCtMgUuKHWGTijV692Fj1sTOKIWO
Tvx1peE8kI/K69x1g4bIuHZkdx++ZOo0CJn9Fmp+a+8ir5WDL0lx34Tn10BrfSK2
6wjnL53qH2kPQVPEWBc6wE59BXyWfzGtrvifxt0b8obOUG/68uE5m4ibAaPCY3uE
ooTASrATegZpZCjy1L2lZ72EdTDFqddQNO7REkrwr4dFekFp2S1sXwGuTChqnsv1
/8YZ+7ip8V93aPu6MHm5/mWefk6qucuM3xhFPnSnywBdbUSm9jQ0jNII+7mu2C/r
EWIhQ6FGAUx60H3KQxOqT+9j1w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:00 2023 by rpki-client on console-ams.rpki-client.org