Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/H55bITgCWf-1syAngmPH-Xg1Wpk.roa
File: H55bITgCWf-1syAngmPH-Xg1Wpk.roa (raw, json)
Hash identifier: wmwgRnG4N4+MQ2QCtMh1CaaUJ4sQaliHV7y10Mm6C2o=
Subject key identifier: 1F:9E:5B:21:38:02:59:FF:B5:B3:20:27:82:63:C7:F9:78:35:5A:99
Certificate issuer: /CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Certificate serial: 031EA212
Authority key identifier: 05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/H55bITgCWf-1syAngmPH-Xg1Wpk.roa
Signing time: Sat 01 Jan 2022 08:03:51 +0000
ROA not before: Sat 01 Jan 2022 08:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 128.127.169.0/24 maxlen: 24
128.127.170.0/24 maxlen: 24
128.127.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52339218 (0x31ea212)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050b1e38c704bd08e3b9d17f590367b1d1f03c4a
Validity
Not Before: Jan 1 08:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f9e5b21380259ffb5b320278263c7f978355a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:7c:17:09:e2:2e:c1:3f:5c:b5:fc:fe:04:
07:3a:63:84:4a:40:db:cb:00:71:e5:68:5b:92:a7:
64:2a:85:49:df:41:3d:57:f2:3a:c2:08:e9:40:8e:
c1:39:1a:b2:c6:17:e7:ef:95:4a:44:9e:71:6a:1b:
b4:7a:4c:76:53:b6:33:85:47:fe:5f:23:ae:1b:f6:
34:2e:44:a8:17:81:65:01:ae:ec:21:3d:86:21:89:
45:03:5a:4a:58:a9:b3:b2:6b:e5:56:81:6c:49:26:
c4:9d:b1:84:1a:50:1a:16:49:59:8d:2a:02:e3:8d:
d8:19:b6:c3:41:d6:1b:d9:41:95:a4:36:1e:eb:a3:
f3:ea:f6:0e:a6:70:e0:9e:a5:a3:fd:c3:19:52:51:
57:9d:ca:66:36:5f:94:23:e9:f2:62:29:40:b1:09:
3b:b4:43:6b:7a:50:77:11:5d:1e:57:03:fa:75:c2:
8a:eb:fd:8c:12:90:d1:02:47:55:60:33:52:27:57:
60:69:97:9b:18:4d:f0:e4:fd:f2:d1:e3:89:cf:1d:
aa:c8:f6:ae:5c:d4:9d:2a:53:03:cb:d6:b1:68:f9:
21:b4:34:8b:38:6c:9b:20:79:18:cf:27:16:5e:fc:
49:44:01:b1:15:28:12:48:48:36:2d:eb:36:b2:f2:
ad:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9E:5B:21:38:02:59:FF:B5:B3:20:27:82:63:C7:F9:78:35:5A:99
X509v3 Authority Key Identifier:
keyid:05:0B:1E:38:C7:04:BD:08:E3:B9:D1:7F:59:03:67:B1:D1:F0:3C:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQseOMcEvQjjudF_WQNnsdHwPEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/H55bITgCWf-1syAngmPH-Xg1Wpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/3cc9b4-1eff-48c9-b2f6-a01e9e6dcbf2/1/BQseOMcEvQjjudF_WQNnsdHwPEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.168.0-128.127.170.255
Signature Algorithm: sha256WithRSAEncryption
4f:cc:ef:92:d9:f2:5c:50:a5:aa:26:b0:fa:91:fc:7d:49:42:
12:c7:a7:db:39:16:79:b4:ba:94:33:d5:33:e3:64:e3:25:5c:
15:92:7e:8c:fa:ce:21:05:68:bf:68:d8:da:1c:92:7f:57:98:
56:d6:a4:f0:34:a5:de:a4:ba:c4:96:cb:a8:03:45:60:3a:9a:
a0:72:26:1e:9c:71:b9:a0:ae:7c:12:4b:0b:ba:f1:aa:93:ca:
12:cd:6b:00:ba:0a:e0:8a:9c:94:21:16:09:e0:1a:3c:c4:9a:
6c:08:cf:e7:3a:c2:68:d8:98:88:8f:29:6a:ca:dd:bb:c0:6a:
0c:64:0c:28:50:96:05:bc:2f:31:ed:37:a1:d5:4e:d0:65:cf:
70:a3:ad:61:68:c6:e6:5f:62:f0:4c:cb:5c:b6:1a:be:f2:09:
92:67:a6:d1:78:78:7e:1c:1e:7f:64:a4:6f:b9:98:49:ff:a2:
55:6d:41:95:2b:9a:92:71:59:2e:7e:4c:f7:6e:af:a6:29:a0:
3c:4e:20:dc:ab:e3:13:01:b1:b2:55:87:3a:6a:6e:bd:34:3b:
f7:8b:ce:da:4f:d6:c2:6f:39:90:27:0b:74:16:bc:70:ce:a9:
ca:6c:1b:a1:0e:d1:57:8b:3e:f1:a1:8c:4a:85:f4:cc:7d:29:
86:54:f9:59
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAx6iEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTBiMWUzOGM3MDRiZDA4ZTNiOWQxN2Y1OTAzNjdiMWQxZjAzYzRhMB4XDTIyMDEw
MTA4MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY5ZTViMjEzODAy
NTlmZmI1YjMyMDI3ODI2M2M3Zjk3ODM1NWE5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1+fBcJ4i7BP1y1/P4EBzpjhEpA28sAceVoW5KnZCqFSd9B
PVfyOsII6UCOwTkassYX5++VSkSecWobtHpMdlO2M4VH/l8jrhv2NC5EqBeBZQGu
7CE9hiGJRQNaSlips7Jr5VaBbEkmxJ2xhBpQGhZJWY0qAuON2Bm2w0HWG9lBlaQ2
Huuj8+r2DqZw4J6lo/3DGVJRV53KZjZflCPp8mIpQLEJO7RDa3pQdxFdHlcD+nXC
iuv9jBKQ0QJHVWAzUidXYGmXmxhN8OT98tHjic8dqsj2rlzUnSpTA8vWsWj5IbQ0
izhsmyB5GM8nFl78SUQBsRUoEkhINi3rNrLyracCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQfnlshOAJZ/7WzICeCY8f5eDVamTAfBgNVHSMEGDAWgBQFCx44xwS9COO5
0X9ZA2ex0fA8SjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JRc2VPTWNFdlFqanVkRl9XUU5uc2RId1BFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvM2NjOWI0LTFlZmYtNDhjOS1iMmY2LWEwMWU5ZTZkY2JmMi8x
L0g1NWJJVGdDV2YtMXN5QW5nbVBILVhnMVdway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
M2NjOWI0LTFlZmYtNDhjOS1iMmY2LWEwMWU5ZTZkY2JmMi8xL0JRc2VPTWNFdlFq
anVkRl9XUU5uc2RId1BFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDgH+oAwQAgH+qMA0GCSqGSIb3
DQEBCwUAA4IBAQBPzO+S2fJcUKWqJrD6kfx9SUISx6fbORZ5tLqUM9Uz42TjJVwV
kn6M+s4hBWi/aNjaHJJ/V5hW1qTwNKXepLrElsuoA0VgOpqgciYenHG5oK58EksL
uvGqk8oSzWsAugrgipyUIRYJ4Bo8xJpsCM/nOsJo2JiIjylqyt27wGoMZAwoUJYF
vC8x7Teh1U7QZc9wo61haMbmX2LwTMtcthq+8gmSZ6bReHh+HB5/ZKRvuZhJ/6JV
bUGVK5qScVkufkz3bq+mKaA8TiDcq+MTAbGyVYc6am69NDv3i87aT9bCbzmQJwt0
FrxwzqnKbBuhDtFXiz7xoYxKhfTMfSmGVPlZ
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:56:00 2025 by rpki-client