Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/_X78cjo7XiMShuDbAeviph4ph1k.roa
File: _X78cjo7XiMShuDbAeviph4ph1k.roa (raw, json)
Hash identifier: 8roCaL35LFHfzUAATqdY32z/y6fPCq12pf6nQv9e8Aw=
Subject key identifier: FD:7E:FC:72:3A:3B:5E:23:12:86:E0:DB:01:EB:E2:A6:1E:29:87:59
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018C339881AEC59F64CBA36263E81AE1D687
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/_X78cjo7XiMShuDbAeviph4ph1k.roa
Signing time: Mon 04 Dec 2023 06:51:21 +0000
ROA not before: Mon 04 Dec 2023 06:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 62.72.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:33:98:81:ae:c5:9f:64:cb:a3:62:63:e8:1a:e1:d6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Dec 4 06:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7efc723a3b5e231286e0db01ebe2a61e298759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fa:f1:24:55:c7:79:84:fc:c9:0b:9c:b1:1a:
67:dc:dc:b3:4c:73:7d:6b:74:cf:50:31:fb:b3:bc:
33:95:b9:cc:25:3f:78:aa:5b:04:b9:b4:69:f9:b7:
f4:ad:e5:4c:57:2b:09:49:a1:d6:88:cd:20:af:2f:
83:4c:8f:b6:70:35:98:97:77:88:61:b2:8f:bb:45:
82:85:45:48:a5:34:a4:23:66:ec:4a:09:2a:87:2f:
fb:32:20:9f:6a:6b:b2:67:d7:c4:af:e4:de:19:5c:
43:21:5f:55:40:2c:40:25:f7:84:42:fd:54:d5:a7:
53:c9:75:e1:e3:75:4f:60:be:a4:23:45:83:ae:c3:
af:61:af:f6:9e:95:d4:2b:ce:9f:f2:b2:90:13:c4:
f1:25:18:88:3a:cd:bc:64:e7:4b:89:01:b9:ee:44:
5e:5b:71:04:3e:18:79:05:10:fe:b9:06:48:57:fc:
39:6e:42:90:df:aa:15:9f:1a:09:b1:88:f8:4c:bc:
c5:e7:90:90:c1:39:ae:25:98:bb:95:c2:20:d2:ff:
29:bc:a3:b6:f2:8b:07:bc:71:2b:01:98:ba:15:ce:
d0:d8:fa:83:e6:f8:ee:57:ed:13:83:1c:a7:3b:08:
5c:54:ed:ea:26:04:24:71:7f:48:a6:ab:ff:25:ad:
1b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7E:FC:72:3A:3B:5E:23:12:86:E0:DB:01:EB:E2:A6:1E:29:87:59
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/_X78cjo7XiMShuDbAeviph4ph1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.182.0/24
Signature Algorithm: sha256WithRSAEncryption
24:16:ec:89:50:49:5c:aa:e3:ec:a0:89:ba:72:83:9e:36:86:
2a:7b:68:b9:19:2c:54:24:c1:ec:9f:48:63:30:7e:8e:b3:66:
53:b5:ca:93:29:09:4e:2f:ee:69:67:c9:3f:2b:9c:2e:01:64:
23:f9:82:f8:1e:e9:e3:ad:0b:fd:45:15:3b:40:35:78:9d:63:
c3:ed:f8:b0:f1:88:e8:25:0b:18:23:00:90:5b:95:dc:d7:df:
01:b9:2f:bf:55:11:b4:64:61:36:f9:b4:8d:8a:5f:04:b2:e7:
72:34:99:ba:b6:b9:5a:86:81:33:a1:1d:0f:04:43:de:4a:c1:
39:b7:c6:a0:a0:8d:a1:29:d1:a5:59:0b:8d:ec:26:40:95:e0:
a0:34:a0:d3:07:77:4d:26:0d:47:85:1c:2f:2d:88:f2:12:6c:
6d:cc:ce:ef:e3:89:b3:d2:1b:da:04:19:30:d2:9f:42:dd:ed:
fe:40:92:89:1c:bf:53:ec:8d:6e:e8:44:fb:80:f8:3f:2a:52:
97:46:60:6d:c7:ab:75:72:04:4f:74:4e:f6:0a:6b:77:b4:68:
be:88:c0:8f:86:a4:ce:13:86:84:f0:7c:27:f0:88:32:a3:6b:
99:31:83:dc:2f:ff:c0:5e:3e:07:ff:df:c2:6f:b1:f1:b7:f3:
b2:61:e8:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwzmIGuxZ9ky6NiY+ga4daHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMjA0MDY1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdlZmM3MjNhM2I1ZTIzMTI4NmUwZGIwMWViZTJhNjFlMjk4NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfrxJFXHeYT8yQucsRpn3NyzTHN9
a3TPUDH7s7wzlbnMJT94qlsEubRp+bf0reVMVysJSaHWiM0gry+DTI+2cDWYl3eI
YbKPu0WChUVIpTSkI2bsSgkqhy/7MiCfamuyZ9fEr+TeGVxDIV9VQCxAJfeEQv1U
1adTyXXh43VPYL6kI0WDrsOvYa/2npXUK86f8rKQE8TxJRiIOs28ZOdLiQG57kRe
W3EEPhh5BRD+uQZIV/w5bkKQ36oVnxoJsYj4TLzF55CQwTmuJZi7lcIg0v8pvKO2
8osHvHErAZi6Fc7Q2PqD5vjuV+0TgxynOwhcVO3qJgQkcX9Ipqv/Ja0bVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1+/HI6O14jEobg2wHr4qYeKYdZMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvX1g3OGNqbzdYaU1TaHVEYkFldmlwaDRwaDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPki2MA0G
CSqGSIb3DQEBCwUAA4IBAQAkFuyJUElcquPsoIm6coOeNoYqe2i5GSxUJMHsn0hj
MH6Os2ZTtcqTKQlOL+5pZ8k/K5wuAWQj+YL4HunjrQv9RRU7QDV4nWPD7fiw8Yjo
JQsYIwCQW5Xc198BuS+/VRG0ZGE2+bSNil8EsudyNJm6trlahoEzoR0PBEPeSsE5
t8agoI2hKdGlWQuN7CZAleCgNKDTB3dNJg1HhRwvLYjyEmxtzM7v44mz0hvaBBkw
0p9C3e3+QJKJHL9T7I1u6ET7gPg/KlKXRmBtx6t1cgRPdE72Cmt3tGi+iMCPhqTO
E4aE8Hwn8Igyo2uZMYPcL//AXj4H/9/Cb7Hxt/OyYegl
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:37:21 2025 by rpki-client