Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RLhkeR22_499kkUS4CUK-F_POKA.roa
File: RLhkeR22_499kkUS4CUK-F_POKA.roa (raw, json)
Hash identifier: chiqI/XuHskAzXDK0y5/x2P+DeF5zWWvChxprAy03s8=
Subject key identifier: 44:B8:64:79:1D:B6:FF:8F:7D:92:45:12:E0:25:0A:F8:5F:CF:38:A0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189746BC3D160D346E2EC95FC812417D5FA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RLhkeR22_499kkUS4CUK-F_POKA.roa
Signing time: Thu 20 Jul 2023 17:49:26 +0000
ROA not before: Thu 20 Jul 2023 17:49:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 62.76.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:6b:c3:d1:60:d3:46:e2:ec:95:fc:81:24:17:d5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 20 17:49:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44b864791db6ff8f7d924512e0250af85fcf38a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:47:a5:12:d8:08:d9:22:8e:c3:50:9d:01:
f7:ba:10:24:cb:d7:8c:39:e0:5a:eb:11:96:1d:04:
67:91:16:c0:49:45:6f:49:5a:d8:69:7f:c7:28:39:
fc:ba:91:1a:ae:b6:c9:7f:9f:51:4a:32:35:49:c0:
06:a1:fc:c3:d1:56:a6:c3:db:b8:77:8e:83:27:fa:
6c:d0:00:e5:ed:f1:31:98:f3:d0:92:ba:bd:ae:68:
65:ab:70:2b:8f:5c:9e:8e:47:3d:4d:4a:c7:b2:ff:
e6:9c:5b:b8:1b:5c:0a:2a:f3:e0:12:84:d5:41:41:
57:17:e2:7e:45:a7:6b:b9:84:6c:de:1e:70:93:6c:
77:3a:e7:54:69:f9:8c:31:ac:7b:bf:7f:20:ba:5b:
37:c0:8f:74:37:fa:f9:3c:1c:f3:f2:24:c9:8c:5a:
a1:34:34:b7:0a:0e:52:43:08:1e:a5:84:03:f2:f3:
7d:6b:28:38:9e:d7:eb:99:40:b1:47:30:79:06:2e:
b4:11:b8:c6:17:9c:b2:e3:25:68:21:09:e2:e9:99:
88:07:1e:a1:6c:3f:d7:85:60:51:3b:74:2c:08:72:
06:e3:7a:72:eb:c2:ce:01:44:7a:7f:68:29:99:34:
01:ce:04:eb:6a:b2:f5:cf:92:ce:09:c8:fc:c2:82:
a8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B8:64:79:1D:B6:FF:8F:7D:92:45:12:E0:25:0A:F8:5F:CF:38:A0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RLhkeR22_499kkUS4CUK-F_POKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b4:5d:5c:2b:32:fc:cc:8e:be:b4:f4:3b:9e:75:53:11:58:
79:72:6e:b8:23:4c:83:75:a3:b8:57:ec:00:82:fd:5b:ef:ea:
3b:25:b2:55:3e:96:20:1a:59:6c:c8:dd:bd:6c:64:76:f7:c5:
0e:d0:4d:fb:d6:72:d8:5b:da:03:c7:2d:e4:9a:31:42:3c:00:
60:91:dd:d4:ba:87:d5:a4:66:a0:d2:3d:f4:71:7c:37:37:25:
89:c3:30:98:97:8f:84:84:be:cd:7a:3d:f1:7d:8c:7b:f8:1d:
e4:94:12:fb:dc:f7:33:dd:b3:90:cc:e4:05:c5:db:bb:14:9f:
21:ce:db:50:5c:86:62:ca:fc:56:1b:7a:15:7b:97:d2:76:9c:
35:4e:aa:24:03:95:24:13:09:a4:56:d8:e8:cf:c2:3a:6f:bb:
9b:9c:9a:0a:05:d0:6a:29:3e:f2:64:50:9b:3f:8d:d8:52:85:
ef:ae:46:29:f3:55:a4:f1:61:f3:c3:4c:df:18:b8:5f:dd:30:
7a:3d:93:84:bf:1f:55:a3:5c:34:c4:10:ba:6d:21:d5:58:f2:
3a:1b:52:58:aa:81:43:14:56:e6:da:78:3c:0a:02:d3:c9:3c:
8c:9e:2f:b6:e2:33:36:02:e1:29:c1:b5:dd:6e:cd:08:8d:01:
a4:f3:71:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0a8PRYNNG4uyV/IEkF9X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzIwMTc0OTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGI4NjQ3OTFkYjZmZjhmN2Q5MjQ1MTJlMDI1MGFmODVmY2YzOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+xHpRLYCNkijsNQnQH3uhAky9eM
OeBa6xGWHQRnkRbASUVvSVrYaX/HKDn8upEarrbJf59RSjI1ScAGofzD0Vamw9u4
d46DJ/ps0ADl7fExmPPQkrq9rmhlq3Arj1yejkc9TUrHsv/mnFu4G1wKKvPgEoTV
QUFXF+J+RadruYRs3h5wk2x3OudUafmMMax7v38guls3wI90N/r5PBzz8iTJjFqh
NDS3Cg5SQwgepYQD8vN9ayg4ntfrmUCxRzB5Bi60EbjGF5yy4yVoIQni6ZmIBx6h
bD/XhWBRO3QsCHIG43py68LOAUR6f2gpmTQBzgTrarL1z5LOCcj8woKoewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFES4ZHkdtv+PfZJFEuAlCvhfzzigMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUkxoa2VSMjJfNDk5a2tVUzRDVUstRl9QT0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkzmMA0G
CSqGSIb3DQEBCwUAA4IBAQBttF1cKzL8zI6+tPQ7nnVTEVh5cm64I0yDdaO4V+wA
gv1b7+o7JbJVPpYgGllsyN29bGR298UO0E371nLYW9oDxy3kmjFCPABgkd3UuofV
pGag0j30cXw3NyWJwzCYl4+EhL7Nej3xfYx7+B3klBL73Pcz3bOQzOQFxdu7FJ8h
zttQXIZiyvxWG3oVe5fSdpw1TqokA5UkEwmkVtjoz8I6b7ubnJoKBdBqKT7yZFCb
P43YUoXvrkYp81Wk8WHzw0zfGLhf3TB6PZOEvx9Vo1w0xBC6bSHVWPI6G1JYqoFD
FFbm2ng8CgLTyTyMni+24jM2AuEpwbXdbs0IjQGk83Gk
-----END CERTIFICATE-----
Generated at Wed Jun 18 01:47:16 2025 by rpki-client