Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f29a52-3720-480f-80db-91d2b4890369/1/rVjfAJIpHuget1FMs4Umq5KlHKs.roa
File: rVjfAJIpHuget1FMs4Umq5KlHKs.roa (raw, json)
Hash identifier: QNWVKCqRsMz8HGrmV9mZbNNcGYnh0CClNh7wowBWnrw=
Subject key identifier: AD:58:DF:00:92:29:1E:E8:1E:B7:51:4C:B3:85:26:AB:92:A5:1C:AB
Certificate issuer: /CN=4e129fbcc7ae8f5b4019f07a3d6d2e18496b5ee4
Certificate serial: 01873271857EC631C564B0BACE2BF45750A5
Authority key identifier: 4E:12:9F:BC:C7:AE:8F:5B:40:19:F0:7A:3D:6D:2E:18:49:6B:5E:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThKfvMeuj1tAGfB6PW0uGElrXuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/f29a52-3720-480f-80db-91d2b4890369/1/rVjfAJIpHuget1FMs4Umq5KlHKs.roa
Signing time: Thu 30 Mar 2023 12:15:13 +0000
ROA not before: Thu 30 Mar 2023 12:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197829
IP address blocks: 176.12.82.0/23 maxlen: 23
176.12.80.0/21 maxlen: 21
176.12.84.0/23 maxlen: 23
176.12.80.0/22 maxlen: 22
176.12.80.0/23 maxlen: 23
176.12.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:71:85:7e:c6:31:c5:64:b0:ba:ce:2b:f4:57:50:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e129fbcc7ae8f5b4019f07a3d6d2e18496b5ee4
Validity
Not Before: Mar 30 12:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad58df0092291ee81eb7514cb38526ab92a51cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7e:82:db:1f:7f:ad:d5:f4:57:3d:58:0d:fc:
c3:75:8b:88:2e:40:9f:6f:3b:8b:fa:6c:a7:67:9b:
3a:c1:ef:30:0b:c0:e9:50:32:35:9a:b4:cf:2a:58:
30:cd:d3:27:06:45:b0:44:65:7d:66:99:c4:0c:9a:
28:1e:b9:d2:d2:d8:3e:20:c4:25:93:c2:5d:b3:a4:
43:2c:fe:36:86:34:8e:81:ba:cd:79:c6:3a:3e:e9:
d0:36:c0:de:ef:6f:d5:82:05:18:e5:0a:95:70:7e:
79:93:bc:a3:08:db:d4:e7:17:61:a7:17:9d:8e:e4:
9e:fc:49:a8:4e:46:51:95:0a:b8:d7:3e:7b:ed:3c:
c2:38:d8:d0:d4:56:6e:79:f5:67:c6:9c:0d:97:24:
95:8d:16:da:56:a9:b8:6a:98:a9:f6:df:65:d0:bf:
a2:80:d4:f3:de:2a:87:37:5d:f4:ac:33:92:0a:b0:
0f:8b:cc:77:f8:68:b1:0f:79:34:44:09:aa:d8:c7:
6f:5e:71:10:6c:41:68:e9:d8:fe:e3:12:9f:f5:20:
eb:37:a7:9a:1b:05:99:b3:1a:0c:1f:58:df:8e:f7:
c9:37:48:60:c8:5b:13:c9:31:14:2d:bd:14:25:92:
d9:00:8d:50:b0:99:43:62:fb:83:4d:a1:41:dd:f2:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:58:DF:00:92:29:1E:E8:1E:B7:51:4C:B3:85:26:AB:92:A5:1C:AB
X509v3 Authority Key Identifier:
keyid:4E:12:9F:BC:C7:AE:8F:5B:40:19:F0:7A:3D:6D:2E:18:49:6B:5E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThKfvMeuj1tAGfB6PW0uGElrXuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f29a52-3720-480f-80db-91d2b4890369/1/rVjfAJIpHuget1FMs4Umq5KlHKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f29a52-3720-480f-80db-91d2b4890369/1/ThKfvMeuj1tAGfB6PW0uGElrXuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.12.80.0/21
Signature Algorithm: sha256WithRSAEncryption
38:00:c1:8e:14:04:65:49:a5:c7:41:c7:18:66:3a:a1:34:35:
b3:97:93:2a:05:47:a1:a3:b4:e0:67:1b:9a:0c:2e:fe:73:05:
65:70:e8:3d:1d:f5:ec:7a:c8:d5:3f:90:fb:23:7b:d4:53:99:
db:07:00:6f:ff:01:9c:ab:f8:4b:42:50:8f:83:ec:0f:56:8f:
77:65:2f:c0:59:d1:65:eb:22:3e:26:1c:51:4e:54:94:22:01:
8e:98:92:8c:39:93:91:67:99:93:81:00:40:77:3d:e8:ba:81:
f6:b0:72:db:02:6b:b9:5b:f3:5a:82:35:1e:61:0f:21:f8:0c:
98:f5:20:e5:57:3a:92:b6:02:c0:5f:bc:e3:92:5c:8a:5a:c7:
09:33:a6:9f:e6:ea:54:ef:63:78:b3:13:5d:1f:df:17:e1:ae:
c9:e9:6a:e1:96:57:4d:5c:6d:b1:06:c4:c2:6f:58:7f:46:b7:
fb:26:54:67:1e:95:09:4d:f2:c6:db:5e:62:03:2c:e5:b8:55:
01:c8:77:4d:f2:d0:21:4a:ab:fe:f7:f5:aa:91:44:ab:34:c6:
c3:9b:d0:70:ab:11:1a:6a:04:ae:3b:4b:45:41:e1:de:18:be:
5b:fe:eb:ec:49:e4:ff:69:71:17:91:6b:dd:0d:a5:b6:c0:a5:
72:0a:4d:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcycYV+xjHFZLC6ziv0V1ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTI5ZmJjYzdhZThmNWI0MDE5ZjA3YTNkNmQyZTE4NDk2
YjVlZTQwHhcNMjMwMzMwMTIxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDU4ZGYwMDkyMjkxZWU4MWViNzUxNGNiMzg1MjZhYjkyYTUxY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgH6C2x9/rdX0Vz1YDfzDdYuILkCf
bzuL+mynZ5s6we8wC8DpUDI1mrTPKlgwzdMnBkWwRGV9ZpnEDJooHrnS0tg+IMQl
k8Jds6RDLP42hjSOgbrNecY6PunQNsDe72/VggUY5QqVcH55k7yjCNvU5xdhpxed
juSe/EmoTkZRlQq41z577TzCONjQ1FZuefVnxpwNlySVjRbaVqm4apip9t9l0L+i
gNTz3iqHN130rDOSCrAPi8x3+GixD3k0RAmq2MdvXnEQbEFo6dj+4xKf9SDrN6ea
GwWZsxoMH1jfjvfJN0hgyFsTyTEULb0UJZLZAI1QsJlDYvuDTaFB3fKLbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1Y3wCSKR7oHrdRTLOFJquSpRyrMB8GA1UdIwQY
MBaAFE4Sn7zHro9bQBnwej1tLhhJa17kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhLZnZNZXVqMXRBR2ZCNlBXMHVHRWxyWHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mMjlhNTItMzcyMC00ODBmLTgwZGIt
OTFkMmI0ODkwMzY5LzEvclZqZkFKSXBIdWdldDFGTXM0VW1xNUtsSEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mMjlhNTItMzcyMC00ODBmLTgwZGItOTFkMmI0ODkwMzY5
LzEvVGhLZnZNZXVqMXRBR2ZCNlBXMHVHRWxyWHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsAxQMA0G
CSqGSIb3DQEBCwUAA4IBAQA4AMGOFARlSaXHQccYZjqhNDWzl5MqBUeho7TgZxua
DC7+cwVlcOg9HfXsesjVP5D7I3vUU5nbBwBv/wGcq/hLQlCPg+wPVo93ZS/AWdFl
6yI+JhxRTlSUIgGOmJKMOZORZ5mTgQBAdz3ouoH2sHLbAmu5W/NagjUeYQ8h+AyY
9SDlVzqStgLAX7zjklyKWscJM6af5upU72N4sxNdH98X4a7J6WrhlldNXG2xBsTC
b1h/Rrf7JlRnHpUJTfLG215iAyzluFUByHdN8tAhSqv+9/WqkUSrNMbDm9BwqxEa
agSuO0tFQeHeGL5b/uvsSeT/aXEXkWvdDaW2wKVyCk3m
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:01 2025 by rpki-client