Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/bTSOYh3jjOv6zSd7K6MBJg0hhmQ.roa
File: bTSOYh3jjOv6zSd7K6MBJg0hhmQ.roa (raw, json)
Hash identifier: RLfLGABEzTlL+ToUVxq83TY0yrpSEGGToxbIUTPkUm4=
Subject key identifier: 6D:34:8E:62:1D:E3:8C:EB:FA:CD:27:7B:2B:A3:01:26:0D:21:86:64
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 1C9BFD57
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/bTSOYh3jjOv6zSd7K6MBJg0hhmQ.roa
Signing time: Sat 01 Jan 2022 13:56:04 +0000
ROA not before: Sat 01 Jan 2022 13:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21320
IP address blocks: 62.40.96.0/19 maxlen: 19
83.97.88.0/21 maxlen: 21
2001:799::/32 maxlen: 32
2001:798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 479984983 (0x1c9bfd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 13:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d348e621de38cebfacd277b2ba301260d218664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f4:4c:a9:01:12:e6:d6:8a:ff:54:3c:b6:39:
21:3c:ec:65:a0:1b:11:7a:df:34:6c:51:5c:a0:e8:
cb:fb:ad:00:c1:69:c0:ab:c1:a1:3a:c5:ab:ff:f5:
c3:9a:25:fd:6d:2f:1c:b2:ab:99:6d:a8:b8:0d:31:
47:c6:9e:0b:3e:80:a1:61:c9:75:2b:b1:75:e2:8d:
07:ee:f5:e5:1e:6a:59:c5:78:c1:c6:04:31:59:19:
da:df:9c:b7:59:47:69:63:30:62:a0:75:4d:1e:08:
01:d7:f2:c1:ef:2c:00:d5:af:68:a0:c3:21:b2:bc:
5d:dc:ea:4b:22:d4:0a:60:f1:67:9e:3e:59:56:68:
ad:c2:19:f1:6e:36:45:a3:68:56:22:f6:97:b1:f1:
53:01:0a:27:f4:49:a0:1f:95:b1:7f:0e:7b:e8:09:
9f:44:82:b9:e4:67:db:bb:44:f0:6a:92:c7:9e:3f:
f8:24:48:69:e8:4f:e7:21:20:14:68:8b:3b:66:aa:
06:11:73:48:65:c1:8c:ba:7d:7b:fe:4f:f0:68:64:
dd:fa:6a:e6:df:12:4b:83:b1:89:95:49:49:0a:c6:
10:58:08:8e:13:a9:81:f4:d5:81:41:43:95:4b:59:
99:74:be:6d:cf:a3:a1:1c:a4:3e:79:a3:fe:d2:82:
72:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:34:8E:62:1D:E3:8C:EB:FA:CD:27:7B:2B:A3:01:26:0D:21:86:64
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/bTSOYh3jjOv6zSd7K6MBJg0hhmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.96.0/19
83.97.88.0/21
IPv6:
2001:798::/31
Signature Algorithm: sha256WithRSAEncryption
75:8f:ff:82:bd:39:8a:be:bc:48:c0:af:51:58:f6:e9:22:22:
e6:52:13:12:04:a9:8a:62:2d:34:e1:77:65:c1:48:4c:41:06:
98:f5:86:0c:3c:10:e4:27:69:88:87:c2:ed:93:a3:07:a5:a3:
f9:67:b9:86:cb:df:e1:18:23:00:26:dc:49:18:f9:4a:e6:87:
e2:69:33:51:49:3d:38:cf:72:8d:b4:f1:62:e7:a4:12:58:7d:
3c:b9:f7:77:90:f9:62:cf:15:df:b6:c8:dd:39:44:7a:a4:0b:
a0:ff:3f:f2:1e:f9:1f:79:aa:26:1c:bd:99:80:3d:31:c8:5a:
44:6a:52:d7:1e:e8:a9:fb:60:5b:af:4f:c4:55:f3:22:39:12:
c0:62:0a:48:65:b7:f2:ad:ab:7d:aa:ae:30:74:f8:e6:d5:48:
bf:65:2e:32:8b:94:7c:fa:58:49:50:1a:3a:81:9e:c8:81:93:
ab:ce:ce:4a:ba:01:20:c4:87:5b:12:fa:b4:8f:14:07:c4:38:
14:e0:15:61:81:1b:bd:a0:81:c3:7b:7f:c2:d2:e3:06:b9:fc:
9a:9c:5f:94:97:95:68:0e:b4:dc:57:af:35:4a:97:ce:70:f7:
47:2f:0f:a7:12:24:cd:ae:d4:12:ad:02:a2:6c:12:df:47:11:
f6:fb:bd:13
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEHJv9VzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWQ3NTU3MzNlOTEyMDNhMTdjMzA5M2NhNWQ5Y2IwMzkyZDk0ZjYxMB4XDTIyMDEw
MTEzNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQzNDhlNjIxZGUz
OGNlYmZhY2QyNzdiMmJhMzAxMjYwZDIxODY2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKX0TKkBEubWiv9UPLY5ITzsZaAbEXrfNGxRXKDoy/utAMFp
wKvBoTrFq//1w5ol/W0vHLKrmW2ouA0xR8aeCz6AoWHJdSuxdeKNB+715R5qWcV4
wcYEMVkZ2t+ct1lHaWMwYqB1TR4IAdfywe8sANWvaKDDIbK8XdzqSyLUCmDxZ54+
WVZorcIZ8W42RaNoViL2l7HxUwEKJ/RJoB+VsX8Oe+gJn0SCueRn27tE8GqSx54/
+CRIaehP5yEgFGiLO2aqBhFzSGXBjLp9e/5P8Ghk3fpq5t8SS4OxiZVJSQrGEFgI
jhOpgfTVgUFDlUtZmXS+bc+joRykPnmj/tKCcnsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRtNI5iHeOM6/rNJ3srowEmDSGGZDAfBgNVHSMEGDAWgBTO11VzPpEgOhfD
CTyl2csDktlPYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p0ZFZjejZSSURvWHd3azhwZG5MQTVMWlQyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvYzJmNjFhLTE1ZjktNGM2Yi05MGU1LWVmNGI2NTllZmY4ZC8x
L2JUU09ZaDNqak92NnpTZDdLNk1CSmcwaGhtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
YzJmNjFhLTE1ZjktNGM2Yi05MGU1LWVmNGI2NTllZmY4ZC8xL3p0ZFZjejZSSURv
WHd3azhwZG5MQTVMWlQyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBT4oYAMEA1NhWDANBAIAAjAHAwUB
IAEHmDANBgkqhkiG9w0BAQsFAAOCAQEAdY//gr05ir68SMCvUVj26SIi5lITEgSp
imItNOF3ZcFITEEGmPWGDDwQ5CdpiIfC7ZOjB6Wj+We5hsvf4RgjACbcSRj5SuaH
4mkzUUk9OM9yjbTxYuekElh9PLn3d5D5Ys8V37bI3TlEeqQLoP8/8h75H3mqJhy9
mYA9MchaRGpS1x7oqftgW69PxFXzIjkSwGIKSGW38q2rfaquMHT45tVIv2UuMouU
fPpYSVAaOoGeyIGTq87OSroBIMSHWxL6tI8UB8Q4FOAVYYEbvaCBw3t/wtLjBrn8
mpxflJeVaA603FevNUqXznD3Ry8PpxIkza7UEq0ComwS30cR9vu9Ew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:11 2025 by rpki-client