Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/aqUVwAKeQr1Foas3nZOs71ZIRhk.roa
File: aqUVwAKeQr1Foas3nZOs71ZIRhk.roa (raw, json)
Hash identifier: clSnQ4FDUprYzRY49yMk+prDTvI+WgecDrL0mu9pT9I=
Subject key identifier: 6A:A5:15:C0:02:9E:42:BD:45:A1:AB:37:9D:93:AC:EF:56:48:46:19
Certificate issuer: /CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Certificate serial: 018A1D8B90C48200859B6ED7A7BADB263B84
Authority key identifier: DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/aqUVwAKeQr1Foas3nZOs71ZIRhk.roa
Signing time: Tue 22 Aug 2023 14:00:00 +0000
ROA not before: Tue 22 Aug 2023 14:00:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201766
IP address blocks: 176.124.253.0/24 maxlen: 24
185.64.32.0/22 maxlen: 24
2a04:f7c1::/32 maxlen: 32
2a04:f7c0::/32 maxlen: 32
2a04:f7c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:8b:90:c4:82:00:85:9b:6e:d7:a7:ba:db:26:3b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7c951348bd2e09ccaf76f57b8385f15df44e4
Validity
Not Before: Aug 22 14:00:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa515c0029e42bd45a1ab379d93acef56484619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:e3:58:76:6c:7c:63:d5:a6:da:fe:ad:59:
f8:79:42:fe:45:a0:3d:ae:f0:f9:2e:ca:93:98:ae:
13:c6:ec:51:1c:3c:f0:ba:f0:22:26:8a:19:e5:ea:
24:6e:ff:1a:29:f3:47:dd:75:fd:99:52:f2:54:56:
62:15:97:52:f7:70:2a:b5:2f:16:11:b3:f1:da:22:
c8:7c:ef:d9:0b:d2:57:5c:ae:63:fc:98:6f:b1:41:
ce:bc:97:09:e9:27:da:c3:ed:0c:11:18:59:3a:83:
27:b0:34:ac:9b:96:32:48:f4:1c:d0:a8:8c:55:a6:
b9:e4:46:d0:7e:29:4a:e7:75:28:e1:21:00:33:32:
62:88:66:b9:ca:66:af:4e:25:46:7f:05:ce:ed:0f:
32:97:4d:25:79:86:16:33:92:70:68:08:d3:c4:3a:
09:d3:99:1c:56:1b:c5:47:ef:8f:e2:cb:de:45:e4:
21:1b:90:f1:fc:f2:e1:69:db:0d:31:23:54:76:0d:
f6:c7:c3:d7:65:eb:53:87:21:9a:52:2d:d8:7c:48:
0e:b3:8a:3e:e1:89:64:8a:2e:c9:bd:59:91:ed:49:
38:0b:8f:75:af:47:e8:cf:09:ac:e4:86:bd:82:fc:
81:83:f6:c2:dc:7f:70:7f:e0:c4:fb:b2:09:1c:1e:
72:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A5:15:C0:02:9E:42:BD:45:A1:AB:37:9D:93:AC:EF:56:48:46:19
X509v3 Authority Key Identifier:
keyid:DB:D7:C9:51:34:8B:D2:E0:9C:CA:F7:6F:57:B8:38:5F:15:DF:44:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29fJUTSL0uCcyvdvV7g4XxXfROQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/aqUVwAKeQr1Foas3nZOs71ZIRhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/853c76-a398-435a-be41-7d0ac52815a6/1/29fJUTSL0uCcyvdvV7g4XxXfROQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.253.0/24
185.64.32.0/22
IPv6:
2a04:f7c0::-2a04:f7c2:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:ee:2b:0f:17:aa:b8:91:38:8c:3b:e3:80:e9:07:6e:e9:f7:
57:53:72:59:b6:25:3f:b9:97:d6:a2:d5:77:e5:82:f3:c3:26:
98:c7:cf:b7:be:fd:ed:f1:3d:3c:f7:77:8d:3f:54:7a:a8:3e:
f1:c8:f6:1d:97:55:dc:ca:6f:6c:5e:53:27:76:b2:22:f7:4f:
b0:67:81:db:c9:47:80:9f:5a:07:59:af:6a:e1:b0:fc:5d:c7:
b1:7b:9e:82:6a:10:8c:7d:f1:d9:a2:9d:df:e5:b5:b1:f1:d5:
b9:94:b7:0a:3a:ac:2b:e6:0c:a6:76:cd:9c:99:ed:be:70:48:
14:f0:ef:68:60:32:f8:6e:11:95:c7:e1:6c:bd:f2:01:e0:4d:
e3:de:b0:54:ea:e0:1f:2b:5c:ed:be:2f:e8:96:f8:54:80:3a:
ec:69:7a:6b:4d:55:71:f5:70:87:7f:40:4b:7c:a5:46:6c:e2:
6b:83:52:7d:bd:5e:11:2c:28:6f:23:b7:9b:90:7f:3f:70:73:
7b:5e:c4:cd:69:43:62:55:0a:37:ae:55:83:60:eb:44:58:90:
39:a8:47:71:3c:70:cb:54:f6:7a:37:7d:fc:67:30:df:50:c4:
4b:30:fa:ba:9c:52:42:a2:f5:69:35:75:d5:1f:3c:19:d4:89:
63:1f:9a:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYodi5DEggCFm27Xp7rbJjuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdjOTUxMzQ4YmQyZTA5Y2NhZjc2ZjU3YjgzODVmMTVk
ZjQ0ZTQwHhcNMjMwODIyMTQwMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE1MTVjMDAyOWU0MmJkNDVhMWFiMzc5ZDkzYWNlZjU2NDg0NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO3jWHZsfGPVptr+rVn4eUL+RaA9
rvD5LsqTmK4TxuxRHDzwuvAiJooZ5eokbv8aKfNH3XX9mVLyVFZiFZdS93AqtS8W
EbPx2iLIfO/ZC9JXXK5j/JhvsUHOvJcJ6Sfaw+0MERhZOoMnsDSsm5YySPQc0KiM
Vaa55EbQfilK53Uo4SEAMzJiiGa5ymavTiVGfwXO7Q8yl00leYYWM5JwaAjTxDoJ
05kcVhvFR++P4sveReQhG5Dx/PLhadsNMSNUdg32x8PXZetThyGaUi3YfEgOs4o+
4Ylkii7JvVmR7Uk4C491r0fozwms5Ia9gvyBg/bC3H9wf+DE+7IJHB5yrwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGqlFcACnkK9RaGrN52TrO9WSEYZMB8GA1UdIwQY
MBaAFNvXyVE0i9LgnMr3b1e4OF8V30TkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEt
N2QwYWM1MjgxNWE2LzEvYXFVVndBS2VRcjFGb2FzM25aT3M3MVpJUmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NTNjNzYtYTM5OC00MzVhLWJlNDEtN2QwYWM1MjgxNWE2
LzEvMjlmSlVUU0wwdUNjeXZkdlY3ZzRYeFhmUk9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAsHz9AwQC
uUAgMBgEAgACMBIwEAMFBioE98ADBwAqBPfCAAAwDQYJKoZIhvcNAQELBQADggEB
AJPuKw8XqriROIw744DpB27p91dTclm2JT+5l9ai1XflgvPDJpjHz7e+/e3xPTz3
d40/VHqoPvHI9h2XVdzKb2xeUyd2siL3T7BngdvJR4CfWgdZr2rhsPxdx7F7noJq
EIx98dmind/ltbHx1bmUtwo6rCvmDKZ2zZyZ7b5wSBTw72hgMvhuEZXH4Wy98gHg
TePesFTq4B8rXO2+L+iW+FSAOuxpemtNVXH1cId/QEt8pUZs4muDUn29XhEsKG8j
t5uQfz9wc3texM1pQ2JVCjeuVYNg60RYkDmoR3E8cMtU9no3ffxnMN9QxEsw+rqc
UkKi9Wk1ddUfPBnUiWMfmj0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:47 2025 by rpki-client