Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/uX9qC6xijz6OwUOv2AT141LyOp8.roa
File: uX9qC6xijz6OwUOv2AT141LyOp8.roa (raw, json)
Hash identifier: QPBJNV6/LLvhSnsKbEmNwFYxDXP04ZgR9i+SWjWduh0=
Subject key identifier: B9:7F:6A:0B:AC:62:8F:3E:8E:C1:43:AF:D8:04:F5:E3:52:F2:3A:9F
Certificate issuer: /CN=18db5fcfdc18ef8421e2651f1b26c165a01d53f1
Certificate serial: 01856CB84E85B2E7907ABDC06BF53C11B8AE
Authority key identifier: 18:DB:5F:CF:DC:18:EF:84:21:E2:65:1F:1B:26:C1:65:A0:1D:53:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GNtfz9wY74Qh4mUfGybBZaAdU_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/uX9qC6xijz6OwUOv2AT141LyOp8.roa
Signing time: Sun 01 Jan 2023 09:44:55 +0000
ROA not before: Sun 01 Jan 2023 09:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56919
IP address blocks: 176.32.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:4e:85:b2:e7:90:7a:bd:c0:6b:f5:3c:11:b8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18db5fcfdc18ef8421e2651f1b26c165a01d53f1
Validity
Not Before: Jan 1 09:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b97f6a0bac628f3e8ec143afd804f5e352f23a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:45:70:4e:20:c1:0e:2c:ed:81:31:84:5b:
a0:5a:22:4e:01:d5:40:f6:00:29:50:d0:70:e8:83:
d9:be:fb:b6:ce:78:3f:02:5c:3a:df:d6:ba:4e:54:
9c:fe:3a:e6:ee:56:dc:4b:61:99:e1:52:8a:94:60:
88:ec:b2:d8:7d:9b:19:ea:b5:5d:39:b2:98:b4:a1:
db:9a:fa:4f:a4:4d:cf:8a:9c:b0:82:10:1e:f4:13:
f5:44:d4:74:d3:a1:ef:4b:85:dd:c6:83:43:1b:b7:
2b:e8:d0:89:66:1c:ae:e5:c4:0a:11:fe:4f:1c:ac:
d0:77:80:84:dd:27:ab:4e:2f:05:35:f8:92:5d:41:
f2:b1:d6:1d:ca:28:e3:38:bd:17:27:b2:98:9d:63:
30:7a:76:f3:28:93:fe:0a:dc:78:92:71:75:84:cf:
88:c4:a0:62:bb:22:6d:b4:6e:aa:87:52:60:3f:88:
2f:21:e4:00:a6:ba:89:e8:27:2b:0b:7d:b8:e4:c9:
70:76:8d:25:40:9b:69:f6:22:55:93:1f:1a:9f:7f:
9f:0f:a9:9b:21:4d:44:a2:af:7c:a1:41:bd:d4:a3:
70:cb:86:46:65:0f:ff:2c:49:68:f9:79:d6:2d:63:
6e:b6:71:b2:4f:9d:ae:8e:86:5c:42:43:91:e3:aa:
b9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7F:6A:0B:AC:62:8F:3E:8E:C1:43:AF:D8:04:F5:E3:52:F2:3A:9F
X509v3 Authority Key Identifier:
keyid:18:DB:5F:CF:DC:18:EF:84:21:E2:65:1F:1B:26:C1:65:A0:1D:53:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNtfz9wY74Qh4mUfGybBZaAdU_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/uX9qC6xijz6OwUOv2AT141LyOp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/GNtfz9wY74Qh4mUfGybBZaAdU_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.40.0/21
Signature Algorithm: sha256WithRSAEncryption
23:48:26:86:c4:a2:8c:91:5b:46:45:0d:8c:c5:80:1c:65:e9:
d1:90:9a:29:3b:7e:93:52:67:70:e9:4d:0c:26:3a:60:ee:c6:
a1:18:f4:3d:e7:55:f5:c5:dc:f4:22:25:47:aa:e1:95:12:73:
91:2d:63:6c:ee:34:20:e0:07:a3:77:59:57:a8:2d:51:a8:6a:
47:d5:25:ed:c2:93:3c:1e:fa:40:64:8c:58:76:1e:1a:3d:d1:
eb:4e:96:28:1b:91:31:7e:9f:61:cb:5d:5a:b3:f7:60:f2:f6:
ee:ba:87:71:38:44:76:f1:dc:f7:fa:57:a9:13:e1:a7:1b:d9:
f4:60:15:77:c2:70:f7:26:58:f5:c8:5e:61:6c:e7:be:6d:f0:
eb:b7:40:5e:d1:4e:8f:6f:a7:b0:6c:b4:6a:7b:11:1c:27:07:
97:bc:21:77:ba:63:1a:e2:e8:af:c6:2b:40:fd:37:3a:4d:e2:
03:a3:cc:69:b8:3c:0a:57:13:3b:6a:2b:83:ff:65:30:02:b3:
95:b7:78:79:a3:19:15:2f:23:ca:bb:85:5a:1c:b5:fb:be:af:
79:bf:34:d9:e3:ec:98:63:e0:a7:69:91:8b:b2:13:86:f1:59:
45:fa:95:81:ed:44:cd:2b:18:6a:e3:2e:a5:16:1f:f7:76:c4:
d9:9a:29:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuE6FsueQer3Aa/U8EbiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGI1ZmNmZGMxOGVmODQyMWUyNjUxZjFiMjZjMTY1YTAx
ZDUzZjEwHhcNMjMwMTAxMDk0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTdmNmEwYmFjNjI4ZjNlOGVjMTQzYWZkODA0ZjVlMzUyZjIzYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX9FcE4gwQ4s7YExhFugWiJOAdVA
9gApUNBw6IPZvvu2zng/Alw639a6TlSc/jrm7lbcS2GZ4VKKlGCI7LLYfZsZ6rVd
ObKYtKHbmvpPpE3PipywghAe9BP1RNR006HvS4XdxoNDG7cr6NCJZhyu5cQKEf5P
HKzQd4CE3SerTi8FNfiSXUHysdYdyijjOL0XJ7KYnWMwenbzKJP+Ctx4knF1hM+I
xKBiuyJttG6qh1JgP4gvIeQAprqJ6CcrC3245Mlwdo0lQJtp9iJVkx8an3+fD6mb
IU1Eoq98oUG91KNwy4ZGZQ//LElo+XnWLWNutnGyT52ujoZcQkOR46q5jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLl/agusYo8+jsFDr9gE9eNS8jqfMB8GA1UdIwQY
MBaAFBjbX8/cGO+EIeJlHxsmwWWgHVPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR050Zno5d1k3NFFoNG1VZkd5YkJaYUFkVV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82YzNjZDQtNTg5Ni00MjVlLTk1ZGIt
ZmZlZDUwYmFhMGRhLzEvdVg5cUM2eGlqejZPd1VPdjJBVDE0MUx5T3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82YzNjZDQtNTg5Ni00MjVlLTk1ZGItZmZlZDUwYmFhMGRh
LzEvR050Zno5d1k3NFFoNG1VZkd5YkJaYUFkVV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsCAoMA0G
CSqGSIb3DQEBCwUAA4IBAQAjSCaGxKKMkVtGRQ2MxYAcZenRkJopO36TUmdw6U0M
Jjpg7sahGPQ951X1xdz0IiVHquGVEnORLWNs7jQg4Aejd1lXqC1RqGpH1SXtwpM8
HvpAZIxYdh4aPdHrTpYoG5Exfp9hy11as/dg8vbuuodxOER28dz3+lepE+GnG9n0
YBV3wnD3Jlj1yF5hbOe+bfDrt0Be0U6Pb6ewbLRqexEcJweXvCF3umMa4uivxitA
/Tc6TeIDo8xpuDwKVxM7aiuD/2UwArOVt3h5oxkVLyPKu4VaHLX7vq95vzTZ4+yY
Y+CnaZGLshOG8VlF+pWB7UTNKxhq4y6lFh/3dsTZminp
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:57:44 2025 by rpki-client