Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1OwhU6vxw7a-XFONi2MZOTb7hfs.roa
File: 1OwhU6vxw7a-XFONi2MZOTb7hfs.roa (raw, json)
Hash identifier: fqvzdm2DWIsFtYpcBiPZh0WC919pvBwS+KWncV7XNno=
Subject key identifier: D4:EC:21:53:AB:F1:C3:B6:BE:5C:53:8D:8B:63:19:39:36:FB:85:FB
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 09883406
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1OwhU6vxw7a-XFONi2MZOTb7hfs.roa
Signing time: Sat 01 Jan 2022 04:03:18 +0000
ROA not before: Sat 01 Jan 2022 04:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 153.96.78.0/24 maxlen: 24
153.96.82.0/24 maxlen: 24
153.96.218.0/24 maxlen: 24
153.96.22.0/24 maxlen: 24
153.96.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159921158 (0x9883406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4ec2153abf1c3b6be5c538d8b63193936fb85fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:20:0f:9c:fb:d3:b6:59:7b:fe:e3:ea:9b:3d:
c5:05:07:8f:0d:2f:29:c9:c4:96:0f:0e:2e:b7:61:
70:fd:af:51:5f:d3:27:72:d7:91:4a:bb:98:ab:c9:
2f:e8:8f:7e:e7:3a:1c:ad:e8:4a:69:15:6c:4f:30:
0f:ac:5b:88:3d:02:f4:11:1a:43:33:13:d1:35:0e:
39:8b:d9:08:b2:da:3e:a9:08:37:6f:5c:03:5f:75:
db:f9:00:85:bc:ae:d5:c7:bb:a7:91:07:95:30:62:
8a:e5:bb:a4:dd:f4:80:fc:f0:fa:8b:2f:b3:34:f0:
97:d0:95:58:1c:08:d6:39:aa:ec:7b:f8:72:ac:48:
4c:79:a5:e9:d4:ff:25:30:17:46:45:bb:88:d3:47:
46:32:93:6b:e1:d9:c2:15:1e:ba:a3:28:6e:95:a2:
6c:84:dc:97:e6:7d:28:06:1e:69:56:5a:20:54:a5:
f0:cf:19:d5:f7:5c:97:3f:c6:50:8c:f1:80:fe:3c:
47:87:fb:ef:f7:66:26:25:24:ee:4c:57:17:ee:84:
85:b0:80:25:e2:1a:cb:1c:6a:33:a8:98:7d:38:16:
be:f2:68:30:be:ae:81:18:80:15:10:b4:1e:9d:b4:
03:f6:54:5f:33:5a:fb:d8:3b:52:e6:13:bf:49:17:
93:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EC:21:53:AB:F1:C3:B6:BE:5C:53:8D:8B:63:19:39:36:FB:85:FB
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/1OwhU6vxw7a-XFONi2MZOTb7hfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.22.0/24
153.96.51.0/24
153.96.78.0/24
153.96.82.0/24
153.96.218.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4a:3b:57:8a:56:67:e9:59:53:5e:79:69:c9:de:31:ad:84:
a4:d0:e4:b8:86:0d:3d:dc:e8:72:4a:d6:fd:f6:83:90:02:ff:
79:94:53:af:e7:7b:24:2e:aa:1a:18:b0:a9:a2:94:46:74:e1:
10:d3:22:b8:5b:db:85:64:71:ab:88:5d:99:1a:4e:74:53:b4:
04:fd:0e:a6:90:88:e7:72:93:c5:83:66:0c:cc:f3:8f:82:2f:
3a:1c:bf:01:a1:c3:27:9b:63:a3:45:88:fd:4b:ca:45:d3:82:
8c:3e:a0:fa:e0:2a:0e:f2:2c:ac:a6:0a:4f:ce:2d:95:9a:49:
fc:3d:c0:fe:f6:d9:88:ba:67:c1:7b:78:f0:2d:7b:62:7f:8e:
a6:f5:70:8e:26:50:d7:b7:60:79:a8:d3:ec:08:39:30:87:43:
21:00:5d:a7:8b:93:56:ba:0f:8f:27:ee:19:93:45:8d:e5:82:
bd:5b:d5:07:60:c6:f3:d5:c2:f7:33:47:d3:d8:1b:af:b9:26:
41:95:7d:8f:29:2b:b8:e8:f4:5a:46:02:27:8f:77:b2:cd:67:
6b:c1:76:b5:1a:21:95:0f:70:c6:cd:2b:6a:5a:1d:c7:d0:04:
10:5d:38:e7:82:9d:f5:7b:76:85:63:7b:07:b5:99:99:4c:6d:
63:d0:1d:90
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECYg0BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRlYzIxNTNhYmYx
YzNiNmJlNWM1MzhkOGI2MzE5MzkzNmZiODVmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQgD5z707ZZe/7j6ps9xQUHjw0vKcnElg8OLrdhcP2vUV/T
J3LXkUq7mKvJL+iPfuc6HK3oSmkVbE8wD6xbiD0C9BEaQzMT0TUOOYvZCLLaPqkI
N29cA1912/kAhbyu1ce7p5EHlTBiiuW7pN30gPzw+osvszTwl9CVWBwI1jmq7Hv4
cqxITHml6dT/JTAXRkW7iNNHRjKTa+HZwhUeuqMobpWibITcl+Z9KAYeaVZaIFSl
8M8Z1fdclz/GUIzxgP48R4f77/dmJiUk7kxXF+6EhbCAJeIayxxqM6iYfTgWvvJo
ML6ugRiAFRC0Hp20A/ZUXzNa+9g7UuYTv0kXk5MCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTU7CFTq/HDtr5cU42LYxk5NvuF+zAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
LzFPd2hVNnZ4dzdhLVhGT05pMk1aT1RiN2hmcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAJlgFgMEAJlgMwMEAJlgTgMEAJlg
UgMEAJlg2jANBgkqhkiG9w0BAQsFAAOCAQEANEo7V4pWZ+lZU155acneMa2EpNDk
uIYNPdzockrW/faDkAL/eZRTr+d7JC6qGhiwqaKURnThENMiuFvbhWRxq4hdmRpO
dFO0BP0OppCI53KTxYNmDMzzj4IvOhy/AaHDJ5tjo0WI/UvKRdOCjD6g+uAqDvIs
rKYKT84tlZpJ/D3A/vbZiLpnwXt48C17Yn+OpvVwjiZQ17dgeajT7Ag5MIdDIQBd
p4uTVroPjyfuGZNFjeWCvVvVB2DG89XC9zNH09gbr7kmQZV9jykruOj0WkYCJ493
ss1na8F2tRohlQ9wxs0ralodx9AEEF0454Kd9Xt2hWN7B7WZmUxtY9AdkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:43 2024 by rpki-client on console-ams.rpki-client.org