Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/kYqfKcFf1S6Av5l9zN35HCA4Spg.roa
File: kYqfKcFf1S6Av5l9zN35HCA4Spg.roa (raw, json)
Hash identifier: 6YLy/qJC3bOXtE/AEf3RBH+9kgU2kEQYQhTOHhRkHqs=
Subject key identifier: 91:8A:9F:29:C1:5F:D5:2E:80:BF:99:7D:CC:DD:F9:1C:20:38:4A:98
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0AAEB78B
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/kYqfKcFf1S6Av5l9zN35HCA4Spg.roa
Signing time: Sat 01 Jan 2022 12:00:23 +0000
ROA not before: Sat 01 Jan 2022 12:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51540
IP address blocks: 176.43.129.0/24 maxlen: 24
176.43.128.0/24 maxlen: 24
176.43.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179222411 (0xaaeb78b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 12:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=918a9f29c15fd52e80bf997dccddf91c20384a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:a4:f6:21:be:ad:c4:e3:77:67:36:d5:72:
21:42:7a:e2:26:ab:db:cf:20:3c:cc:ad:24:62:cb:
48:d6:c9:ee:00:b1:84:56:93:fd:be:93:1b:f6:a0:
3a:ef:bf:65:48:46:5c:ee:a6:f4:41:7b:af:7c:ba:
2b:66:f4:ee:cc:97:78:c9:9d:62:b3:25:1d:c7:1e:
29:f9:9f:31:1b:62:11:52:a2:e6:a4:de:f2:61:ef:
ab:2d:bd:a9:7c:30:6f:8b:98:8e:4f:70:2d:c0:76:
c9:fc:99:bc:1c:72:7b:c3:6f:a9:7c:37:71:6f:33:
f2:24:13:a8:d2:2a:71:7b:f5:0f:f9:50:53:94:70:
ab:8a:df:ac:75:b9:91:18:6d:fb:25:e9:04:d9:d8:
62:ea:f6:7f:50:84:fc:41:23:d0:40:7f:f1:00:d3:
a6:2f:d6:ba:46:75:aa:a8:5b:dc:51:8f:4c:26:d3:
82:0b:f5:69:db:76:16:a5:61:1c:4e:0f:d9:0e:16:
77:d5:a2:d3:d6:0d:1b:b7:38:60:df:c4:a2:ad:fc:
76:18:38:43:ce:f5:8e:44:84:f8:4b:c8:bf:76:64:
de:26:e7:30:f8:a3:ed:06:23:9e:4b:e2:93:08:d5:
5c:d9:4b:1d:b6:58:b5:d1:84:ac:84:c4:0a:23:4c:
37:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8A:9F:29:C1:5F:D5:2E:80:BF:99:7D:CC:DD:F9:1C:20:38:4A:98
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/kYqfKcFf1S6Av5l9zN35HCA4Spg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.43.128.0-176.43.130.255
Signature Algorithm: sha256WithRSAEncryption
71:bf:ac:0e:b6:72:03:f9:84:43:c3:b5:9c:4e:80:cd:3d:95:
a5:fd:3c:d0:81:9a:af:c9:2f:21:38:b6:c9:50:1f:8b:f1:cb:
04:c2:90:57:e7:68:ac:ce:f5:fd:73:20:d2:8f:12:dc:3f:81:
45:f3:6d:b6:3b:e9:47:05:28:93:fa:2f:eb:71:b7:81:9e:5d:
56:f5:3a:80:58:94:a8:66:79:c4:4d:c7:d8:e2:51:26:29:93:
6c:76:33:08:c5:9c:fc:98:99:19:22:39:c2:68:73:30:fc:c6:
7b:31:c8:30:64:39:08:a8:57:02:35:bf:f0:26:90:dc:da:55:
62:f5:9b:57:5e:7e:e0:b5:63:5d:36:75:b9:cc:18:99:00:b0:
29:ed:ee:41:c8:fe:0e:53:24:ea:31:75:ba:af:d1:26:c3:81:
ce:73:42:7a:80:84:d3:8e:6b:7e:d5:21:49:38:9b:f1:d1:99:
63:cb:1c:9e:9e:f9:46:bf:ea:87:63:b8:6a:8d:b0:2c:a0:b3:
04:83:74:98:35:70:9f:24:58:e2:8d:fb:e5:05:86:f3:2d:8c:
a4:7a:7c:aa:fd:e8:a1:cc:75:25:fe:20:70:c0:2d:71:e8:ec:
43:71:27:1b:be:57:a5:ce:79:85:81:1a:6a:8e:17:8f:2d:a0:
11:45:7a:7e
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECq63izANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE4YTlmMjljMTVm
ZDUyZTgwYmY5OTdkY2NkZGY5MWMyMDM4NGE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFEpPYhvq3E43dnNtVyIUJ64iar288gPMytJGLLSNbJ7gCx
hFaT/b6TG/agOu+/ZUhGXO6m9EF7r3y6K2b07syXeMmdYrMlHcceKfmfMRtiEVKi
5qTe8mHvqy29qXwwb4uYjk9wLcB2yfyZvBxye8NvqXw3cW8z8iQTqNIqcXv1D/lQ
U5Rwq4rfrHW5kRht+yXpBNnYYur2f1CE/EEj0EB/8QDTpi/WukZ1qqhb3FGPTCbT
ggv1adt2FqVhHE4P2Q4Wd9Wi09YNG7c4YN/Eoq38dhg4Q871jkSE+EvIv3Zk3ibn
MPij7QYjnkvikwjVXNlLHbZYtdGErITECiNMN4ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSRip8pwV/VLoC/mX3M3fkcIDhKmDAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L2tZcWZLY0ZmMVM2QXY1bDl6TjM1SENBNFNwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQHsCuAAwQAsCuCMA0GCSqGSIb3
DQEBCwUAA4IBAQBxv6wOtnID+YRDw7WcToDNPZWl/TzQgZqvyS8hOLbJUB+L8csE
wpBX52iszvX9cyDSjxLcP4FF8222O+lHBSiT+i/rcbeBnl1W9TqAWJSoZnnETcfY
4lEmKZNsdjMIxZz8mJkZIjnCaHMw/MZ7McgwZDkIqFcCNb/wJpDc2lVi9ZtXXn7g
tWNdNnW5zBiZALAp7e5ByP4OUyTqMXW6r9Emw4HOc0J6gITTjmt+1SFJOJvx0Zlj
yxyenvlGv+qHY7hqjbAsoLMEg3SYNXCfJFjijfvlBYbzLYykenyq/eihzHUl/iBw
wC1x6OxDcScbvlelznmFgRpqjhePLaARRXp+
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:50:19 2025 by rpki-client