Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/PjuCgylf4ve87w4wr8eZ5p5J0gY.roa
File: PjuCgylf4ve87w4wr8eZ5p5J0gY.roa (raw, json)
Hash identifier: IMLMFdzVIqMcW2fwie1GAkNKsmhNOXJIYBNTXTaIA4k=
Subject key identifier: 3E:3B:82:83:29:5F:E2:F7:BC:EF:0E:30:AF:C7:99:E6:9E:49:D2:06
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 01888AC9F734E4133E43FF2898472022A96C
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/PjuCgylf4ve87w4wr8eZ5p5J0gY.roa
Signing time: Mon 05 Jun 2023 09:01:11 +0000
ROA not before: Mon 05 Jun 2023 09:01:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202012
IP address blocks: 62.40.101.0/24 maxlen: 24
62.40.105.0/24 maxlen: 24
62.40.111.0/24 maxlen: 24
62.40.112.0/24 maxlen: 24
2001:799::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:c9:f7:34:e4:13:3e:43:ff:28:98:47:20:22:a9:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jun 5 09:01:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e3b8283295fe2f7bcef0e30afc799e69e49d206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:13:e0:7a:f5:1b:1a:b5:67:78:2a:0e:92:
fd:69:79:1b:98:ed:40:14:f2:5e:9e:bc:f4:1f:14:
15:9d:ed:a6:1d:6b:7a:55:76:a6:0b:89:e7:cd:93:
e7:b6:d6:27:22:29:a9:d8:05:70:11:a0:6d:cb:8f:
c7:9a:fc:32:40:1c:70:01:bf:c8:93:fd:c2:99:26:
2a:2d:d3:24:9b:f5:df:94:da:15:cf:81:2a:b9:3e:
f2:43:8b:a8:08:eb:5e:02:59:cb:d2:13:ff:8a:95:
fd:68:1d:f5:b1:84:63:93:af:f5:87:aa:ee:84:c5:
92:92:79:25:c3:2e:d9:16:7b:e8:c0:49:c9:d6:20:
4c:65:97:81:4b:c2:23:39:b2:e9:63:11:67:79:7e:
9a:7a:b6:30:f7:47:c4:26:85:74:89:b6:55:29:dc:
70:d8:82:00:23:44:7f:c1:b0:33:0b:1d:45:b7:e4:
04:c2:cb:a5:6e:e7:b5:6d:89:a5:46:51:c3:c8:2b:
5b:95:2f:31:b5:0d:07:37:ae:22:d7:36:07:d1:9c:
d5:a8:19:2b:20:08:41:e6:78:d9:33:79:42:ca:5d:
10:da:d3:f5:95:3f:79:1d:61:2d:e3:6c:a9:02:14:
90:2b:7f:be:54:29:13:36:25:b4:eb:a2:ef:17:46:
7c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3B:82:83:29:5F:E2:F7:BC:EF:0E:30:AF:C7:99:E6:9E:49:D2:06
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/PjuCgylf4ve87w4wr8eZ5p5J0gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.101.0/24
62.40.105.0/24
62.40.111.0-62.40.112.255
IPv6:
2001:799::/32
Signature Algorithm: sha256WithRSAEncryption
a2:99:47:6d:38:cf:f4:0f:6f:24:8a:e5:33:34:1f:94:72:fa:
8f:11:3b:9d:2a:6e:22:2a:a8:99:fc:0a:97:6b:b4:4f:fe:02:
87:61:68:86:bb:8e:45:33:b8:f7:e8:f6:89:1c:e0:3f:af:4c:
90:1b:50:dd:2a:c6:15:5f:bf:32:a5:a3:18:e1:d8:35:d6:4e:
c1:3d:e2:c8:d8:90:37:56:44:c7:5d:fc:18:b0:db:55:00:a8:
e6:6d:b0:3b:13:2d:d7:9f:23:a3:80:da:cf:1a:ad:76:6e:ed:
0c:21:49:07:20:6b:dd:83:35:9a:1b:a0:c9:a1:64:f2:b1:93:
72:20:d0:13:7d:74:83:aa:26:fb:74:b0:dc:ad:cc:13:18:4a:
5f:d4:ac:c7:83:f4:f0:75:92:f8:83:a9:2d:3d:13:7d:82:ac:
2f:5e:7a:56:31:45:9e:16:d6:75:e4:60:f3:8b:b2:56:3f:ae:
41:b4:b5:01:4a:50:49:81:0e:1f:e6:27:6d:75:79:9d:ff:cb:
72:40:bf:aa:0d:88:d7:33:85:69:90:0d:91:77:9e:c1:3d:80:
dd:22:1e:5d:03:6a:3f:fa:d3:8b:7e:2a:2e:13:97:3d:69:39:
3d:76:eb:04:52:72:06:c2:e5:c0:db:1b:f8:13:d3:ac:9e:cd:
bc:7e:3d:6e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYiKyfc05BM+Q/8omEcgIqlsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjMwNjA1MDkwMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTNiODI4MzI5NWZlMmY3YmNlZjBlMzBhZmM3OTllNjllNDlkMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5cT4Hr1Gxq1Z3gqDpL9aXkbmO1A
FPJenrz0HxQVne2mHWt6VXamC4nnzZPnttYnIimp2AVwEaBty4/HmvwyQBxwAb/I
k/3CmSYqLdMkm/XflNoVz4EquT7yQ4uoCOteAlnL0hP/ipX9aB31sYRjk6/1h6ru
hMWSknklwy7ZFnvowEnJ1iBMZZeBS8IjObLpYxFneX6aerYw90fEJoV0ibZVKdxw
2IIAI0R/wbAzCx1Ft+QEwsulbue1bYmlRlHDyCtblS8xtQ0HN64i1zYH0ZzVqBkr
IAhB5njZM3lCyl0Q2tP1lT95HWEt42ypAhSQK3++VCkTNiW066LvF0Z8ZwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFD47goMpX+L3vO8OMK/HmeaeSdIGMB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvUGp1Q2d5bGY0dmU4N3c0d3I4ZVo1cDVKMGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAPihlAwQA
PihpMAwDBAA+KG8DBAA+KHAwDQQCAAIwBwMFACABB5kwDQYJKoZIhvcNAQELBQAD
ggEBAKKZR204z/QPbySK5TM0H5Ry+o8RO50qbiIqqJn8CpdrtE/+AodhaIa7jkUz
uPfo9okc4D+vTJAbUN0qxhVfvzKloxjh2DXWTsE94sjYkDdWRMdd/Biw21UAqOZt
sDsTLdefI6OA2s8arXZu7QwhSQcga92DNZoboMmhZPKxk3Ig0BN9dIOqJvt0sNyt
zBMYSl/UrMeD9PB1kviDqS09E32CrC9eelYxRZ4W1nXkYPOLslY/rkG0tQFKUEmB
Dh/mJ211eZ3/y3JAv6oNiNczhWmQDZF3nsE9gN0iHl0Daj/604t+Ki4Tlz1pOT12
6wRScgbC5cDbG/gT06yezbx+PW4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:43 2025 by rpki-client