Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/6QAfdaSRsmsInMoMtDKKbxUTEQI.roa
File: 6QAfdaSRsmsInMoMtDKKbxUTEQI.roa (raw, json)
Hash identifier: IBBD7SfPEK+3fiIRP1RK23sj1i0EAWs1XyX+Nw5cY2g=
Subject key identifier: E9:00:1F:75:A4:91:B2:6B:08:9C:CA:0C:B4:32:8A:6F:15:13:11:02
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 098C949C
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/6QAfdaSRsmsInMoMtDKKbxUTEQI.roa
Signing time: Sat 01 Jan 2022 04:03:21 +0000
ROA not before: Sat 01 Jan 2022 04:03:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13132
IP address blocks: 153.96.252.0/24 maxlen: 24
153.96.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160208028 (0x98c949c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9001f75a491b26b089cca0cb4328a6f15131102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:77:15:db:c6:7f:58:cd:dc:7c:25:cb:95:81:
f9:30:97:0a:01:b0:ae:46:45:60:c9:0f:3b:5a:12:
6c:a1:81:93:0e:78:b0:c8:b8:54:ed:33:67:d2:7b:
27:bc:bb:53:22:72:44:7b:47:fe:27:39:bf:d1:67:
0d:6b:19:bc:1f:99:b2:e9:5b:50:30:5f:8c:e5:97:
39:1b:89:1e:41:62:08:11:8b:eb:b5:56:8e:f3:f9:
c6:1d:82:7f:97:77:9b:7c:0c:e9:1e:a4:d1:a6:b6:
b7:40:9e:b2:5f:2c:9c:34:96:f5:c9:ee:27:39:2f:
36:bd:fc:86:38:b9:ee:cf:11:71:89:1f:78:d3:67:
3a:33:61:59:cb:9d:c9:ee:f6:e4:d9:a6:c1:8a:d7:
6b:c1:41:ce:1b:af:35:be:9b:1f:18:91:91:21:33:
5d:72:9f:84:4c:02:d5:e4:75:7c:c5:93:99:7e:3a:
c5:89:ce:57:3c:d7:0d:d5:f5:43:aa:66:9e:f2:37:
7d:59:19:17:1f:57:19:ce:50:a9:f8:b7:1d:26:fe:
fa:d3:54:7e:37:c7:38:f3:4d:39:80:d1:36:a9:38:
d5:35:0b:20:a4:72:9a:55:bf:8e:aa:c2:87:0e:15:
b1:bf:3e:04:45:3b:18:b7:91:5c:3e:77:e9:ff:43:
eb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:00:1F:75:A4:91:B2:6B:08:9C:CA:0C:B4:32:8A:6F:15:13:11:02
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/6QAfdaSRsmsInMoMtDKKbxUTEQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.251.0-153.96.252.255
Signature Algorithm: sha256WithRSAEncryption
b4:75:67:7d:43:52:ba:b7:0b:ce:f4:1e:51:d0:02:88:37:3b:
0c:8a:f8:da:20:60:77:1d:80:a4:e4:cf:b4:ec:8f:53:86:1c:
1b:b1:9a:1b:b3:16:5c:67:1f:02:14:2a:a3:fe:91:a8:ca:35:
c0:fd:a7:d4:05:3a:55:c9:16:e4:d0:7e:7e:56:35:bb:88:16:
76:05:26:a8:e9:13:9a:8b:14:dc:1b:30:53:e3:4b:1d:f7:25:
d1:aa:a9:a6:e7:08:cc:e0:79:a2:97:0f:de:d3:e1:8b:2e:82:
cf:0f:99:37:bc:29:65:bd:04:9b:48:2f:92:97:5b:8c:55:7d:
c6:20:59:7b:63:36:ad:c2:44:a5:15:2a:8f:97:16:a8:3f:aa:
17:e6:69:9f:2a:b9:b8:ec:22:92:f9:28:da:db:80:f5:26:37:
d7:13:69:41:63:b2:7b:e3:e3:14:59:cc:4d:c9:1a:f4:5e:40:
8a:9e:80:0e:45:30:b1:1a:02:51:9b:be:f5:90:74:1f:ee:c0:
bb:65:57:89:c9:2c:3f:bb:f4:b1:f1:15:34:52:2d:33:bc:55:
6f:20:3c:37:52:8c:a5:12:c4:fc:c4:e8:f8:b6:3b:cf:ec:d1:
47:fa:82:08:9f:88:36:aa:47:9e:c7:7d:94:95:91:08:db:0b:
ae:c4:31:f0
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECYyUnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTkwMDFmNzVhNDkx
YjI2YjA4OWNjYTBjYjQzMjhhNmYxNTEzMTEwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl3FdvGf1jN3Hwly5WB+TCXCgGwrkZFYMkPO1oSbKGBkw54
sMi4VO0zZ9J7J7y7UyJyRHtH/ic5v9FnDWsZvB+ZsulbUDBfjOWXORuJHkFiCBGL
67VWjvP5xh2Cf5d3m3wM6R6k0aa2t0Cesl8snDSW9cnuJzkvNr38hji57s8RcYkf
eNNnOjNhWcudye725NmmwYrXa8FBzhuvNb6bHxiRkSEzXXKfhEwC1eR1fMWTmX46
xYnOVzzXDdX1Q6pmnvI3fVkZFx9XGc5Qqfi3HSb++tNUfjfHOPNNOYDRNqk41TUL
IKRymlW/jqrChw4Vsb8+BEU7GLeRXD536f9D61ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTpAB91pJGyawicygy0MopvFRMRAjAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
LzZRQWZkYVNSc21zSW5Nb010REtLYnhVVEVRSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAmWD7AwQAmWD8MA0GCSqGSIb3
DQEBCwUAA4IBAQC0dWd9Q1K6twvO9B5R0AKINzsMivjaIGB3HYCk5M+07I9Thhwb
sZobsxZcZx8CFCqj/pGoyjXA/afUBTpVyRbk0H5+VjW7iBZ2BSao6ROaixTcGzBT
40sd9yXRqqmm5wjM4Hmilw/e0+GLLoLPD5k3vCllvQSbSC+Sl1uMVX3GIFl7Yzat
wkSlFSqPlxaoP6oX5mmfKrm47CKS+Sja24D1JjfXE2lBY7J74+MUWcxNyRr0XkCK
noAORTCxGgJRm771kHQf7sC7ZVeJySw/u/Sx8RU0Ui0zvFVvIDw3UoylEsT8xOj4
tjvP7NFH+oIIn4g2qkeex32UlZEI2wuuxDHw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:07 2025 by rpki-client