Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/a4NDTb7oCydk3iOgY8UegMnWRGE.roa
File: a4NDTb7oCydk3iOgY8UegMnWRGE.roa (raw, json)
Hash identifier: qSkpCI1+swZ7aTleHyLrTIj9kc3BsPhUDbZSyC8EK6w=
Subject key identifier: 6B:83:43:4D:BE:E8:0B:27:64:DE:23:A0:63:C5:1E:80:C9:D6:44:61
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 098E4CFD
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/a4NDTb7oCydk3iOgY8UegMnWRGE.roa
Signing time: Sat 01 Jan 2022 04:03:23 +0000
ROA not before: Sat 01 Jan 2022 04:03:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16097
IP address blocks: 153.96.84.0/23 maxlen: 23
153.96.86.0/24 maxlen: 24
129.233.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160320765 (0x98e4cfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b83434dbee80b2764de23a063c51e80c9d64461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:c2:fa:7a:15:59:2c:0c:8e:44:1c:25:04:
5c:68:a8:8f:9c:94:ad:80:87:f9:1b:4c:d0:0e:5f:
47:7d:50:c2:33:79:d8:93:f0:6c:6b:15:59:05:4f:
ae:a4:1c:c9:ac:a1:97:c0:8b:55:9c:05:2f:3f:5d:
e8:f3:9e:d2:33:38:4d:59:2e:c8:76:75:75:a2:cb:
26:7d:7e:92:58:f9:0d:77:9a:78:d7:d2:bd:fe:d0:
1b:c6:63:29:09:15:bc:ed:ac:ab:28:b1:0a:84:bd:
48:5e:59:25:55:36:76:75:5d:39:97:e2:f3:3b:b7:
ed:02:36:14:f6:c5:ac:50:75:cb:0f:30:79:d6:a8:
d5:bc:f8:2c:dd:4c:0e:96:6b:84:7b:b2:d0:65:96:
a3:d9:68:8e:56:fb:84:0d:19:3e:5b:cd:10:25:1c:
8f:9e:8f:66:61:a6:4d:40:41:5c:31:e5:d1:d8:1b:
79:b3:60:7f:c5:9f:df:7b:3f:c4:e4:c4:5a:0a:2e:
17:a3:c0:4c:32:f2:42:d7:dd:16:c2:99:13:89:0f:
1a:71:74:04:75:af:39:a1:aa:3a:00:61:11:02:b2:
ca:4c:f5:1f:ec:da:66:d7:20:ba:bc:a7:b7:da:4b:
3a:40:62:a4:3c:f5:7d:56:1f:6a:1b:59:60:82:49:
71:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:83:43:4D:BE:E8:0B:27:64:DE:23:A0:63:C5:1E:80:C9:D6:44:61
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/a4NDTb7oCydk3iOgY8UegMnWRGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.216.0/24
153.96.84.0-153.96.86.255
Signature Algorithm: sha256WithRSAEncryption
30:37:a0:63:80:5f:49:38:1a:eb:45:2f:31:73:5b:26:22:df:
04:ac:ac:86:b2:bc:85:2a:c3:6c:91:7d:5d:da:cb:ae:65:fa:
98:e5:95:c2:79:83:f8:27:7a:64:2a:ee:96:01:fe:1e:e1:1f:
d5:43:99:8b:d4:e8:64:51:b3:45:a9:17:dd:dc:d7:7c:da:c6:
a5:04:c5:e7:a9:5a:01:0c:4f:75:c9:78:36:25:50:58:72:97:
5c:ec:12:5d:59:68:10:f6:6a:ef:92:52:ba:65:93:30:4c:56:
38:38:9e:c5:32:af:c1:5a:d9:83:c9:ed:48:18:5c:60:22:47:
73:c2:8f:1f:1f:3c:e8:d9:27:01:79:33:95:fc:ee:31:ac:c9:
25:23:d9:9e:f2:2d:91:2e:95:f3:1d:fc:93:c7:90:22:88:e4:
af:14:e8:79:12:94:14:73:d6:4b:d0:a7:b2:b8:bd:38:65:67:
03:4e:b8:90:5f:dc:4a:8b:ae:a4:4e:82:79:af:df:f0:db:60:
c8:a4:ea:35:1c:b6:62:6a:26:f0:95:86:38:2b:24:6a:2a:af:
69:69:d8:90:88:46:87:f7:c4:0b:e6:fd:80:5e:ce:70:0d:3a:
d7:37:14:60:7e:23:71:ec:8b:1f:e5:df:08:72:c7:b9:cc:1a:
68:f7:31:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECY5M/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI4MzQzNGRiZWU4
MGIyNzY0ZGUyM2EwNjNjNTFlODBjOWQ2NDQ2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxXwvp6FVksDI5EHCUEXGioj5yUrYCH+RtM0A5fR31QwjN5
2JPwbGsVWQVPrqQcyayhl8CLVZwFLz9d6POe0jM4TVkuyHZ1daLLJn1+klj5DXea
eNfSvf7QG8ZjKQkVvO2sqyixCoS9SF5ZJVU2dnVdOZfi8zu37QI2FPbFrFB1yw8w
edao1bz4LN1MDpZrhHuy0GWWo9lojlb7hA0ZPlvNECUcj56PZmGmTUBBXDHl0dgb
ebNgf8Wf33s/xOTEWgouF6PATDLyQtfdFsKZE4kPGnF0BHWvOaGqOgBhEQKyykz1
H+zaZtcgurynt9pLOkBipDz1fVYfahtZYIJJcbMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRrg0NNvugLJ2TeI6BjxR6AydZEYTAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L2E0TkRUYjdvQ3lkazNpT2dZOFVlZ01uV1JHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAIHp2DAMAwQCmWBUAwQAmWBWMA0G
CSqGSIb3DQEBCwUAA4IBAQAwN6BjgF9JOBrrRS8xc1smIt8ErKyGsryFKsNskX1d
2suuZfqY5ZXCeYP4J3pkKu6WAf4e4R/VQ5mL1OhkUbNFqRfd3Nd82salBMXnqVoB
DE91yXg2JVBYcpdc7BJdWWgQ9mrvklK6ZZMwTFY4OJ7FMq/BWtmDye1IGFxgIkdz
wo8fHzzo2ScBeTOV/O4xrMklI9me8i2RLpXzHfyTx5AiiOSvFOh5EpQUc9ZL0Key
uL04ZWcDTriQX9xKi66kToJ5r9/w22DIpOo1HLZiaibwlYY4KyRqKq9padiQiEaH
98QL5v2AXs5wDTrXNxRgfiNx7Isf5d8Icse5zBpo9zGe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:43 2024 by rpki-client on console-ams.rpki-client.org