Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Z5X1Cy65IFdFD9FnKcg6ZFu-k8U.roa
File: Z5X1Cy65IFdFD9FnKcg6ZFu-k8U.roa (raw, json)
Hash identifier: 9L2vNjvIRy/Eu1El+tBiQXluZ0ncsC4wekO8NyxTJhk=
Subject key identifier: 67:95:F5:0B:2E:B9:20:57:45:0F:D1:67:29:C8:3A:64:5B:BE:93:C5
Certificate issuer: /CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Certificate serial: 018595B05F4489CA43A7654C7875A4ED683F
Authority key identifier: BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Z5X1Cy65IFdFD9FnKcg6ZFu-k8U.roa
Signing time: Mon 09 Jan 2023 08:40:42 +0000
ROA not before: Mon 09 Jan 2023 08:40:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47589
IP address blocks: 62.150.244.0/22 maxlen: 22
62.150.164.0/22 maxlen: 22
62.150.204.0/22 maxlen: 22
62.150.224.0/22 maxlen: 22
62.150.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:b0:5f:44:89:ca:43:a7:65:4c:78:75:a4:ed:68:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Validity
Not Before: Jan 9 08:40:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6795f50b2eb92057450fd16729c83a645bbe93c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:55:08:ac:89:24:a3:cb:b2:e1:9f:56:76:
c0:c6:75:a2:41:6b:fa:6f:f6:71:89:78:19:c2:b6:
bd:06:9d:d8:f3:2b:3f:de:3e:af:03:af:69:84:ce:
12:5a:ff:6d:6f:b1:db:05:1a:cb:a8:06:a5:40:a1:
f5:90:b6:ed:d2:b6:29:e5:c3:51:64:a0:2d:97:1b:
c0:92:e2:f6:b9:85:f6:e7:06:43:e0:65:19:1f:7a:
50:8f:a1:85:1c:6f:a6:eb:70:07:a3:62:eb:45:54:
c4:8a:0d:5d:e2:f1:6b:ee:c5:8d:38:bd:df:e1:e5:
32:7a:9c:e9:94:aa:80:0a:a0:99:e2:1c:f9:00:d8:
eb:10:37:bf:2a:ae:90:16:dd:f7:5e:16:6b:da:c4:
cf:0d:8a:af:4f:a2:06:9c:2e:ff:4e:68:f8:b4:19:
14:af:46:d1:40:9a:56:68:57:8c:c6:b0:80:ee:24:
cc:6d:e4:12:5c:7d:68:82:9e:67:f2:60:0e:d3:1a:
bc:c9:b1:f9:99:3a:17:81:7f:fa:52:e0:45:2a:5e:
f7:75:0d:c4:45:fd:bd:b3:c9:8a:2b:6e:8f:f4:0b:
4f:02:87:74:07:ba:9e:4c:2a:9c:09:ed:57:31:4f:
7c:49:b4:29:40:04:f7:2a:a0:fd:c8:81:f4:bb:7f:
46:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:95:F5:0B:2E:B9:20:57:45:0F:D1:67:29:C8:3A:64:5B:BE:93:C5
X509v3 Authority Key Identifier:
keyid:BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Z5X1Cy65IFdFD9FnKcg6ZFu-k8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.150.164.0/22
62.150.204.0/22
62.150.224.0/21
62.150.244.0/22
Signature Algorithm: sha256WithRSAEncryption
80:f4:cb:33:98:f4:b8:78:87:c4:38:d2:77:b6:6b:7b:cc:3c:
6f:eb:69:1e:5c:7c:61:a8:1f:ee:68:06:5e:15:1a:fb:30:fb:
2d:c4:84:8e:ac:75:cc:27:97:2e:3c:fc:21:4a:a7:3d:16:ca:
d0:c7:83:d8:f9:35:32:ce:2b:ef:62:d8:12:6f:06:a1:99:12:
53:64:ef:f2:b2:32:53:16:a5:5c:6c:85:70:80:56:bb:03:7c:
d2:17:4e:36:e1:e6:2e:2c:fc:ab:c0:75:c4:c2:29:70:21:96:
7f:6d:70:64:18:43:1f:37:eb:3e:83:5e:80:e8:cb:58:ab:3b:
44:23:1a:9a:4f:12:10:a2:d6:2a:4b:4f:53:e5:55:15:25:ac:
59:8e:5b:ae:4e:a7:85:c9:44:10:62:28:07:68:a9:4b:6e:96:
ec:9b:85:ae:ec:70:52:23:96:f3:1c:e9:d5:9a:ad:2b:86:c3:
ba:06:39:8a:27:38:68:97:19:d9:29:25:3e:a8:f2:ef:68:54:
26:69:1f:ff:de:e3:0a:fe:8c:f7:5a:5e:77:1a:4d:23:fa:6f:
95:3e:29:6a:1a:af:16:a5:24:be:9b:d0:62:1c:6e:47:78:17:
12:35:ba:9e:e6:bf:6f:fc:d6:eb:c2:37:66:ba:ad:9a:ee:1f:
08:c2:e7:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWVsF9EicpDp2VMeHWk7Wg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDQzZjdhYWU0N2UwYWIzOGJjZjhkNTM2Y2NhNjAzNTBk
MTcyNzAwHhcNMjMwMTA5MDg0MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk1ZjUwYjJlYjkyMDU3NDUwZmQxNjcyOWM4M2E2NDViYmU5M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTBVCKyJJKPLsuGfVnbAxnWiQWv6
b/ZxiXgZwra9Bp3Y8ys/3j6vA69phM4SWv9tb7HbBRrLqAalQKH1kLbt0rYp5cNR
ZKAtlxvAkuL2uYX25wZD4GUZH3pQj6GFHG+m63AHo2LrRVTEig1d4vFr7sWNOL3f
4eUyepzplKqACqCZ4hz5ANjrEDe/Kq6QFt33XhZr2sTPDYqvT6IGnC7/Tmj4tBkU
r0bRQJpWaFeMxrCA7iTMbeQSXH1ogp5n8mAO0xq8ybH5mToXgX/6UuBFKl73dQ3E
Rf29s8mKK26P9AtPAod0B7qeTCqcCe1XMU98SbQpQAT3KqD9yIH0u39GdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGeV9QsuuSBXRQ/RZynIOmRbvpPFMB8GA1UdIwQY
MBaAFLxEP3quR+CrOLz41TbMpgNQ0XJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEt
NTAzNGYxOTk1M2EzLzEvWjVYMUN5NjVJRmRGRDlGbktjZzZaRnUtazhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEtNTAzNGYxOTk1M2Ez
LzEvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPpakAwQC
PpbMAwQDPpbgAwQCPpb0MA0GCSqGSIb3DQEBCwUAA4IBAQCA9MszmPS4eIfEONJ3
tmt7zDxv62keXHxhqB/uaAZeFRr7MPstxISOrHXMJ5cuPPwhSqc9FsrQx4PY+TUy
zivvYtgSbwahmRJTZO/ysjJTFqVcbIVwgFa7A3zSF0424eYuLPyrwHXEwilwIZZ/
bXBkGEMfN+s+g16A6MtYqztEIxqaTxIQotYqS09T5VUVJaxZjluuTqeFyUQQYigH
aKlLbpbsm4Wu7HBSI5bzHOnVmq0rhsO6BjmKJzholxnZKSU+qPLvaFQmaR//3uMK
/oz3Wl53Gk0j+m+VPilqGq8WpSS+m9BiHG5HeBcSNbqe5r9v/Nbrwjdmuq2a7h8I
wue6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:58 2025 by rpki-client