Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Ix1Mkefc3lYmQ0q2PGW9C7gnxF8.roa
File: Ix1Mkefc3lYmQ0q2PGW9C7gnxF8.roa (raw, json)
Hash identifier: IJ6ODXm8dSEmOt2F2KAZQlvsQUwiMksyw+XblhyJN0g=
Subject key identifier: 23:1D:4C:91:E7:DC:DE:56:26:43:4A:B6:3C:65:BD:0B:B8:27:C4:5F
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 01856EEFFA73A6B656A00C157E15E50BDE09
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Ix1Mkefc3lYmQ0q2PGW9C7gnxF8.roa
Signing time: Sun 01 Jan 2023 20:04:59 +0000
ROA not before: Sun 01 Jan 2023 20:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202012
IP address blocks: 62.40.101.0/24 maxlen: 24
62.40.105.0/24 maxlen: 24
62.40.111.0/24 maxlen: 24
62.40.112.0/24 maxlen: 24
2001:799::/32 maxlen: 32
2001:798:dd:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:fa:73:a6:b6:56:a0:0c:15:7e:15:e5:0b:de:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 20:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=231d4c91e7dcde5626434ab63c65bd0bb827c45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:97:7a:5a:38:ee:0a:f5:53:57:4c:ba:84:3a:
6a:4b:b0:91:0d:bc:bf:d1:05:4c:1b:b0:42:4e:6e:
c7:01:97:e9:cb:0a:83:3b:89:8a:ea:60:f4:bd:4b:
5e:5e:0e:53:0d:6c:69:35:6f:3a:6c:66:13:72:38:
f0:08:8b:fc:60:74:04:f2:a5:49:13:6a:f3:e5:c0:
34:2a:65:ec:08:b6:99:2c:91:25:b7:d2:6b:c1:b4:
90:56:b9:42:0b:c0:1a:d3:6e:b4:c4:87:2f:4e:54:
56:c5:94:59:6f:c2:2a:99:a1:cd:43:d4:ee:58:8b:
29:b1:c1:6f:3e:91:82:ac:2f:66:3a:b1:f7:80:73:
37:6f:5b:a5:3a:aa:2f:f0:b7:da:9a:bb:e9:20:38:
2e:d8:cd:fb:4d:c8:58:9b:f4:bb:55:77:e2:c5:93:
bf:36:22:23:d2:ed:4f:7b:ee:ed:7d:31:93:75:4f:
d9:9e:47:01:f0:84:05:f1:a8:30:63:d7:4d:a3:4b:
e9:81:0f:6f:07:95:bc:51:ed:c9:81:3f:79:74:46:
c0:f3:f2:35:d2:41:eb:78:e7:7c:8a:af:2a:d9:83:
11:00:19:f9:8c:10:41:91:d4:ad:ef:c8:51:d4:de:
ba:d2:c1:d1:57:ea:2d:de:ee:66:35:bc:6e:25:b4:
da:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1D:4C:91:E7:DC:DE:56:26:43:4A:B6:3C:65:BD:0B:B8:27:C4:5F
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/Ix1Mkefc3lYmQ0q2PGW9C7gnxF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.101.0/24
62.40.105.0/24
62.40.111.0-62.40.112.255
IPv6:
2001:798:dd:1::/64
2001:799::/32
Signature Algorithm: sha256WithRSAEncryption
27:fe:33:0b:4b:c5:44:1a:ec:25:b1:b6:b8:46:d1:7c:63:9b:
82:7c:2d:89:b6:b1:de:e4:44:89:8f:fe:93:0b:6b:12:da:5c:
b5:69:0e:d3:9e:a6:ee:f8:4a:1d:cc:4e:b2:62:3c:51:b0:3a:
46:9b:08:6c:fe:af:ee:3a:e1:7a:7a:c1:d7:50:32:5c:f3:0a:
0f:57:8f:c2:f0:94:be:6a:23:2f:fc:f4:a5:dd:e8:86:76:4e:
8b:ab:f0:27:72:2f:f5:b9:26:32:f6:ad:65:7a:dc:87:38:ec:
e5:0f:70:07:37:a7:41:6b:17:f9:9b:64:e3:e4:2a:52:57:c1:
0a:50:bd:fb:78:2a:2a:c5:63:12:a4:0c:8e:b6:63:3b:24:89:
e1:05:e7:5a:47:a8:14:f1:74:dc:73:6c:a7:af:b3:dc:eb:43:
89:91:d0:8f:f6:72:14:1b:d4:ae:ec:ef:95:99:b8:5d:42:6b:
eb:0a:71:08:d6:d5:3c:54:dc:44:e5:1e:96:00:21:7d:4a:f3:
be:ba:07:51:73:34:10:5d:6c:5a:a8:a6:70:d3:a1:38:66:c9:
3d:f0:91:03:71:a9:54:eb:10:63:4c:c1:c4:2b:c0:c8:47:9d:
32:9d:cf:1f:c5:e4:c3:11:b2:b1:c3:02:f7:76:97:b1:40:a2:
3f:40:62:c1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVu7/pzprZWoAwVfhXlC94JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjMwMTAxMjAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFkNGM5MWU3ZGNkZTU2MjY0MzRhYjYzYzY1YmQwYmI4MjdjNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJd6WjjuCvVTV0y6hDpqS7CRDby/
0QVMG7BCTm7HAZfpywqDO4mK6mD0vUteXg5TDWxpNW86bGYTcjjwCIv8YHQE8qVJ
E2rz5cA0KmXsCLaZLJElt9JrwbSQVrlCC8Aa0260xIcvTlRWxZRZb8IqmaHNQ9Tu
WIspscFvPpGCrC9mOrH3gHM3b1ulOqov8LfamrvpIDgu2M37TchYm/S7VXfixZO/
NiIj0u1Pe+7tfTGTdU/ZnkcB8IQF8agwY9dNo0vpgQ9vB5W8Ue3JgT95dEbA8/I1
0kHreOd8iq8q2YMRABn5jBBBkdSt78hR1N660sHRV+ot3u5mNbxuJbTacwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCMdTJHn3N5WJkNKtjxlvQu4J8RfMB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvSXgxTWtlZmMzbFltUTBxMlBHVzlDN2dueEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQAPihlAwQA
PihpMAwDBAA+KG8DBAA+KHAwGAQCAAIwEgMJACABB5gA3QABAwUAIAEHmTANBgkq
hkiG9w0BAQsFAAOCAQEAJ/4zC0vFRBrsJbG2uEbRfGObgnwtibax3uREiY/+kwtr
EtpctWkO056m7vhKHcxOsmI8UbA6RpsIbP6v7jrhenrB11AyXPMKD1ePwvCUvmoj
L/z0pd3ohnZOi6vwJ3Iv9bkmMvatZXrchzjs5Q9wBzenQWsX+Ztk4+QqUlfBClC9
+3gqKsVjEqQMjrZjOySJ4QXnWkeoFPF03HNsp6+z3OtDiZHQj/ZyFBvUruzvlZm4
XUJr6wpxCNbVPFTcROUelgAhfUrzvroHUXM0EF1sWqimcNOhOGbJPfCRA3GpVOsQ
Y0zBxCvAyEedMp3PH8XkwxGyscMC93aXsUCiP0BiwQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:25 2025 by rpki-client