Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_AQmINB-58BBnN7FiicYcNdstp0.roa
File: _AQmINB-58BBnN7FiicYcNdstp0.roa (raw, json)
Hash identifier: gSYGLiI54s6PgAHnRsKGYH2LHfEBA7Q94UgNyoQFS2o=
Subject key identifier: FC:04:26:20:D0:7E:E7:C0:41:9C:DE:C5:8A:27:18:70:D7:6C:B6:9D
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0990304E
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_AQmINB-58BBnN7FiicYcNdstp0.roa
Signing time: Sat 01 Jan 2022 04:03:24 +0000
ROA not before: Sat 01 Jan 2022 04:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47610
IP address blocks: 192.44.11.0/24 maxlen: 24
192.102.148.0/24 maxlen: 24
153.96.180.0/24 maxlen: 24
153.96.208.0/23 maxlen: 23
129.233.212.0/24 maxlen: 24
129.233.213.0/24 maxlen: 24
2a03:db80:2c10::/48 maxlen: 48
2a03:db80:2c14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160444494 (0x990304e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc042620d07ee7c0419cdec58a271870d76cb69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:b2:ba:70:a2:f1:73:f1:59:06:28:48:bb:
70:9c:0d:1d:79:d2:69:54:bb:77:18:af:9f:bf:0d:
1f:28:ad:7c:06:1d:12:f1:9c:17:ee:c6:c4:a0:0d:
e1:e5:a2:51:ff:81:03:fc:e2:ab:e3:f9:20:95:c3:
ae:b1:90:ae:db:4e:1a:91:da:b5:19:85:cc:97:32:
46:19:f8:36:7b:30:91:9b:8b:e8:f7:67:e5:17:9b:
db:f4:25:75:86:5a:15:c3:15:58:7c:3b:a9:ed:b1:
a7:11:96:c1:18:a3:06:a9:98:bb:fb:6d:3e:10:9f:
e9:66:d1:c5:6a:cf:51:53:75:d6:13:5a:40:51:64:
18:c1:8f:9c:76:05:c4:84:9b:9f:ea:c4:a8:c2:2d:
ed:ae:22:98:c6:db:6e:b9:b7:c4:b8:a7:db:95:0d:
42:6b:aa:fa:c7:2c:55:4f:f5:d5:a4:a4:06:a2:4c:
10:02:47:fe:84:91:99:08:5b:b4:0e:1f:e0:cc:61:
0a:78:ec:19:53:93:c2:aa:5d:06:26:51:4c:a8:f7:
15:a8:e8:c1:ff:3c:b3:06:bc:68:95:14:4b:1e:94:
9f:eb:90:3e:22:29:08:e7:81:67:d0:9d:42:75:49:
a8:75:67:72:b0:3a:f0:65:e2:f1:27:f1:e6:21:cd:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:04:26:20:D0:7E:E7:C0:41:9C:DE:C5:8A:27:18:70:D7:6C:B6:9D
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/_AQmINB-58BBnN7FiicYcNdstp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.212.0/23
153.96.180.0/24
153.96.208.0/23
192.44.11.0/24
192.102.148.0/24
IPv6:
2a03:db80:2c10::/48
2a03:db80:2c14::/48
Signature Algorithm: sha256WithRSAEncryption
72:9f:33:6c:06:0d:e7:19:8b:a3:ec:7b:98:8b:84:43:f4:f1:
ae:84:5e:8d:59:0d:17:8f:91:28:7d:f6:ca:0d:84:d1:15:d7:
d1:3b:3b:b1:77:83:ff:ac:16:32:d0:66:3c:2f:a7:90:10:34:
a5:39:d7:66:22:70:a8:5f:4d:20:7a:2f:f0:32:fb:1b:2b:92:
9d:51:c8:03:ee:66:dd:9b:62:a9:81:3a:f4:4b:c2:25:ba:7a:
d2:9e:5f:23:0b:f4:d0:72:0f:59:3b:b0:4f:a3:6b:ab:27:12:
a3:a8:34:d3:8a:5d:f7:e8:5f:13:bd:86:07:c5:26:e2:47:2d:
6d:c3:c9:e4:a8:44:9f:0d:52:f5:3b:01:b9:e0:28:41:2f:c9:
85:5d:b3:12:04:e1:e3:45:21:3c:f9:f7:93:5d:37:fe:ac:c2:
2c:9a:82:66:9f:f2:15:20:88:8f:4f:28:35:1a:da:4d:96:d6:
c0:3a:83:a7:4e:af:a8:ad:6b:a6:5e:2e:bd:33:4c:e3:f5:e6:
b7:13:86:ce:4a:66:61:44:53:cf:7d:33:29:f3:f6:6e:59:a4:
aa:f8:8c:25:ac:42:8b:a6:b5:5d:51:bc:b2:ed:fc:b0:fc:2d:
5e:3b:a7:4d:c4:01:e0:c3:06:d7:a0:e0:60:05:a4:c0:13:35:
6e:22:02:d2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECZAwTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMwNDI2MjBkMDdl
ZTdjMDQxOWNkZWM1OGEyNzE4NzBkNzZjYjY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPdsrpwovFz8VkGKEi7cJwNHXnSaVS7dxivn78NHyitfAYd
EvGcF+7GxKAN4eWiUf+BA/ziq+P5IJXDrrGQrttOGpHatRmFzJcyRhn4NnswkZuL
6Pdn5Reb2/QldYZaFcMVWHw7qe2xpxGWwRijBqmYu/ttPhCf6WbRxWrPUVN11hNa
QFFkGMGPnHYFxISbn+rEqMIt7a4imMbbbrm3xLin25UNQmuq+scsVU/11aSkBqJM
EAJH/oSRmQhbtA4f4MxhCnjsGVOTwqpdBiZRTKj3Fajowf88swa8aJUUSx6Un+uQ
PiIpCOeBZ9CdQnVJqHVncrA68GXi8Sfx5iHNHoUCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBT8BCYg0H7nwEGc3sWKJxhw12y2nTAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L19BUW1JTkItNThCQm5ON0ZpaWNZY05kc3RwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwJAQCAAEwHgMEAYHp1AMEAJlgtAMEAZlg0AMEAMAs
CwMEAMBmlDAYBAIAAjASAwcAKgPbgCwQAwcAKgPbgCwUMA0GCSqGSIb3DQEBCwUA
A4IBAQBynzNsBg3nGYuj7HuYi4RD9PGuhF6NWQ0Xj5EoffbKDYTRFdfROzuxd4P/
rBYy0GY8L6eQEDSlOddmInCoX00gei/wMvsbK5KdUcgD7mbdm2KpgTr0S8IlunrS
nl8jC/TQcg9ZO7BPo2urJxKjqDTTil336F8TvYYHxSbiRy1tw8nkqESfDVL1OwG5
4ChBL8mFXbMSBOHjRSE8+feTXTf+rMIsmoJmn/IVIIiPTyg1GtpNltbAOoOnTq+o
rWumXi69M0zj9ea3E4bOSmZhRFPPfTMp8/ZuWaSq+IwlrEKLprVdUbyy7fyw/C1e
O6dNxAHgwwbXoOBgBaTAEzVuIgLS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:05 2025 by rpki-client