Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/K5m2-N-vRItO43igfdj0wQOtsOg.roa
File: K5m2-N-vRItO43igfdj0wQOtsOg.roa (raw, json)
Hash identifier: tG9oNrANR7DSj4rhNTja5KoDUsTj14aUE1i3DjMTqc4=
Subject key identifier: 2B:99:B6:F8:DF:AF:44:8B:4E:E3:78:A0:7D:D8:F4:C1:03:AD:B0:E8
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01893A1B8A64EF25D1A3F737D3A4B570BCBC
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/K5m2-N-vRItO43igfdj0wQOtsOg.roa
Signing time: Sun 09 Jul 2023 10:03:50 +0000
ROA not before: Sun 09 Jul 2023 10:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211421
IP address blocks: 62.60.180.0/22 maxlen: 24
62.60.192.0/22 maxlen: 24
62.60.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:1b:8a:64:ef:25:d1:a3:f7:37:d3:a4:b5:70:bc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 9 10:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b99b6f8dfaf448b4ee378a07dd8f4c103adb0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8c:08:92:c0:fc:10:b9:62:24:cb:ca:18:de:
fc:e4:f7:df:80:81:9a:50:83:74:a5:25:51:4d:d2:
ab:f9:0d:a7:e6:0e:ed:be:dc:58:3a:6f:39:ca:8c:
81:ad:cf:47:c5:5a:30:6b:02:09:fd:fa:9e:ad:4e:
d9:fe:0e:20:79:95:43:4e:f1:59:0c:31:d8:b8:83:
46:eb:bc:e9:1b:7f:8a:55:22:67:28:6a:09:b2:da:
2e:37:42:4b:c2:c6:71:1d:5c:40:4c:46:a6:dc:77:
96:3b:43:5e:4a:f5:7c:39:e9:54:2a:47:a0:44:af:
33:57:95:b5:be:f8:b2:69:c2:22:b1:10:a1:1a:7d:
15:d1:2d:1f:b5:f5:ac:09:cc:49:23:0c:7f:52:76:
91:c2:f8:0f:5a:58:3c:e5:58:e1:fc:6e:b7:4b:fa:
8d:e9:60:fd:d4:0d:11:ff:8b:38:17:94:17:a0:6c:
62:2d:33:62:e0:79:0b:fc:c3:e6:44:86:f6:6c:b7:
50:50:bd:5a:45:44:76:14:00:18:14:61:0c:d0:01:
a3:59:7e:0b:c7:29:bb:7b:b7:1e:6e:15:3b:65:c3:
13:a9:f1:54:88:1d:ef:42:8b:d8:67:47:93:ab:ee:
cb:cf:31:5a:96:3b:2b:0e:68:c2:f3:b7:68:44:fc:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:99:B6:F8:DF:AF:44:8B:4E:E3:78:A0:7D:D8:F4:C1:03:AD:B0:E8
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/K5m2-N-vRItO43igfdj0wQOtsOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.180.0/22
62.60.192.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:2b:1b:e5:f9:43:c8:a7:81:85:58:af:93:5f:9b:1b:63:e1:
e9:fe:23:88:7e:06:eb:f1:9a:d2:c0:ee:f1:70:2f:7d:9b:e7:
e9:67:1c:39:6b:9e:04:36:ae:36:c0:4f:26:36:13:4b:d4:54:
f5:0e:56:9c:37:34:4d:18:d7:f2:88:c7:4f:c2:35:38:1f:a0:
8d:9d:b1:b9:d5:82:b5:f0:76:f8:0a:a3:4d:50:ab:95:45:6f:
62:ae:b3:0f:eb:39:b7:5f:dc:b0:7a:34:1c:f2:d3:b0:5d:ed:
c1:ab:a3:24:87:39:52:44:22:00:70:87:6f:c7:f9:3a:a3:cb:
1d:14:b0:ed:84:6e:8f:5a:dd:7a:a8:a8:9d:78:04:5e:14:ef:
98:bd:75:92:88:e5:58:8f:14:3a:3f:8d:89:f5:bd:f6:ac:45:
42:10:67:6b:63:8c:d5:80:b5:97:a1:20:fe:8d:0c:01:b6:55:
70:e9:55:21:fb:0c:10:5c:ab:cf:96:15:91:cd:e4:d7:81:8f:
0e:dc:3a:8a:8f:b7:ad:f3:de:85:6a:17:d0:80:6a:b6:24:0c:
4c:f4:d4:a0:45:1a:19:74:b8:1d:3c:9a:92:6f:96:ac:68:1b:
5e:b4:d8:7c:bc:6e:c1:31:13:e7:6d:e8:c5:af:00:83:f8:39:
0f:ca:50:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYk6G4pk7yXRo/c306S1cLy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwNzA5MTAwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk5YjZmOGRmYWY0NDhiNGVlMzc4YTA3ZGQ4ZjRjMTAzYWRiMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4wIksD8ELliJMvKGN785PffgIGa
UIN0pSVRTdKr+Q2n5g7tvtxYOm85yoyBrc9HxVowawIJ/fqerU7Z/g4geZVDTvFZ
DDHYuING67zpG3+KVSJnKGoJstouN0JLwsZxHVxATEam3HeWO0NeSvV8OelUKkeg
RK8zV5W1vviyacIisRChGn0V0S0ftfWsCcxJIwx/UnaRwvgPWlg85Vjh/G63S/qN
6WD91A0R/4s4F5QXoGxiLTNi4HkL/MPmRIb2bLdQUL1aRUR2FAAYFGEM0AGjWX4L
xym7e7cebhU7ZcMTqfFUiB3vQovYZ0eTq+7LzzFaljsrDmjC87doRPzcEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCuZtvjfr0SLTuN4oH3Y9MEDrbDoMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSzVtMi1OLXZSSXRPNDNpZ2ZkajB3UU90c09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPjy0AwQD
PjzAMA0GCSqGSIb3DQEBCwUAA4IBAQCmKxvl+UPIp4GFWK+TX5sbY+Hp/iOIfgbr
8ZrSwO7xcC99m+fpZxw5a54ENq42wE8mNhNL1FT1DlacNzRNGNfyiMdPwjU4H6CN
nbG51YK18Hb4CqNNUKuVRW9irrMP6zm3X9ywejQc8tOwXe3Bq6MkhzlSRCIAcIdv
x/k6o8sdFLDthG6PWt16qKideAReFO+YvXWSiOVYjxQ6P42J9b32rEVCEGdrY4zV
gLWXoSD+jQwBtlVw6VUh+wwQXKvPlhWRzeTXgY8O3DqKj7et896FahfQgGq2JAxM
9NSgRRoZdLgdPJqSb5asaBtetNh8vG7BMRPnbejFrwCD+DkPylBh
-----END CERTIFICATE-----
Generated at Mon May 12 07:13:00 2025 by rpki-client