Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/lwGusKaY-Hc5Gemc07q_KGCGNz8.roa
File: lwGusKaY-Hc5Gemc07q_KGCGNz8.roa (raw, json)
Hash identifier: PfA/v7/Yb0qyJgjJt/RX+EHWn0ka9kXpEXtj42KUTbk=
Subject key identifier: 97:01:AE:B0:A6:98:F8:77:39:19:E9:9C:D3:BA:BF:28:60:86:37:3F
Certificate issuer: /CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Certificate serial: 0187B49169A12CE360ECD58579B1C891331B
Authority key identifier: B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/lwGusKaY-Hc5Gemc07q_KGCGNz8.roa
Signing time: Mon 24 Apr 2023 18:40:41 +0000
ROA not before: Mon 24 Apr 2023 18:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 132.74.0.0/16 maxlen: 16
132.75.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:91:69:a1:2c:e3:60:ec:d5:85:79:b1:c8:91:33:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Validity
Not Before: Apr 24 18:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9701aeb0a698f8773919e99cd3babf286086373f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1c:00:d7:49:6d:b8:8c:fa:b3:05:e1:2d:8a:
fd:c1:08:98:40:65:b4:f3:cd:e2:9e:1b:b3:76:c3:
06:b4:27:fa:46:a2:01:1c:2b:8b:35:4e:ee:c9:fd:
d8:83:5b:35:5c:68:7a:3b:4e:9d:eb:24:99:90:65:
41:24:2e:36:97:24:65:2e:0c:1e:25:40:98:f5:b2:
a1:df:e4:d1:9c:bb:d5:85:7b:31:04:70:d8:5d:5c:
ae:bc:89:b2:10:99:a2:0b:83:35:c8:91:f5:fa:a4:
27:c6:b2:26:0c:ca:9e:5f:ea:5b:b1:d4:09:c9:10:
50:e2:62:c7:cc:94:44:5a:30:73:20:69:52:a6:38:
6a:7e:98:e7:03:b2:9e:dd:4b:e9:27:34:b2:dc:ac:
27:02:23:59:8b:5b:d8:14:e7:27:25:39:90:98:ab:
f6:9a:e4:ea:3c:8e:b7:d2:53:63:10:5c:77:f9:a8:
b1:a4:f0:7a:53:ad:95:b9:3e:92:73:0b:a8:26:9c:
6c:fa:f8:f1:8f:26:c4:1b:b9:37:2c:14:36:6c:de:
00:79:ce:4d:d7:ec:fd:5d:0f:78:79:22:22:fb:5d:
01:94:64:42:c1:b1:6a:d7:0e:05:5c:41:d2:5a:90:
98:4e:e8:f4:b5:f1:f0:c3:d2:ab:82:5f:18:81:9e:
f5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:01:AE:B0:A6:98:F8:77:39:19:E9:9C:D3:BA:BF:28:60:86:37:3F
X509v3 Authority Key Identifier:
keyid:B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/lwGusKaY-Hc5Gemc07q_KGCGNz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/uNJRxL_VJtoGLUzir1a25G6SURc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.74.0.0/15
Signature Algorithm: sha256WithRSAEncryption
13:f9:b5:fa:c7:1c:8c:bb:89:7c:62:5f:29:a1:ce:b3:63:65:
c1:61:37:5f:70:e2:5f:d3:58:83:45:b2:d5:6e:a3:57:aa:13:
fe:69:32:86:f9:42:a9:0a:d0:f4:c9:87:18:92:c4:83:d8:63:
fa:a7:c9:7c:3f:20:73:f9:ae:2e:0c:d7:f0:69:ea:b5:53:59:
ff:30:10:e1:21:02:b2:74:db:5d:53:fc:4d:4b:7c:4f:f7:bd:
69:50:61:70:cf:2d:68:47:1a:1c:44:dc:20:05:90:32:44:88:
27:60:5e:b9:4e:1e:34:d9:b2:38:d8:5c:02:2d:61:41:b0:61:
99:59:05:59:29:3a:39:12:af:1d:de:6c:79:e8:60:48:5e:6c:
73:a8:6b:ff:39:99:3e:8f:ce:e4:63:1b:62:a2:a4:56:91:70:
02:35:b8:e2:37:dc:f5:34:b9:5d:76:0c:bd:1d:03:95:25:6f:
8d:7d:a4:1e:ee:cb:ca:38:60:c1:6f:ea:06:36:b3:c7:47:e3:
1a:e8:ae:f1:c4:83:8c:f3:59:b3:c2:4a:77:69:d5:d6:82:43:
ac:69:1e:45:bb:f6:98:d9:a7:7a:7e:eb:87:f3:d9:ee:ee:cf:
d9:3d:0e:d3:79:40:2f:52:5b:c6:67:c1:31:b9:a6:2e:1a:6f:
ac:9d:c4:bd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0kWmhLONg7NWFebHIkTMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDI1MWM0YmZkNTI2ZGEwNjJkNGNlMmFmNTZiNmU0NmU5
MjUxMTcwHhcNMjMwNDI0MTg0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzAxYWViMGE2OThmODc3MzkxOWU5OWNkM2JhYmYyODYwODYzNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhwA10ltuIz6swXhLYr9wQiYQGW0
883inhuzdsMGtCf6RqIBHCuLNU7uyf3Yg1s1XGh6O06d6ySZkGVBJC42lyRlLgwe
JUCY9bKh3+TRnLvVhXsxBHDYXVyuvImyEJmiC4M1yJH1+qQnxrImDMqeX+pbsdQJ
yRBQ4mLHzJREWjBzIGlSpjhqfpjnA7Ke3UvpJzSy3KwnAiNZi1vYFOcnJTmQmKv2
muTqPI630lNjEFx3+aixpPB6U62VuT6ScwuoJpxs+vjxjybEG7k3LBQ2bN4Aec5N
1+z9XQ94eSIi+10BlGRCwbFq1w4FXEHSWpCYTuj0tfHww9Krgl8YgZ71WQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJcBrrCmmPh3ORnpnNO6vyhghjc/MB8GA1UdIwQY
MBaAFLjSUcS/1SbaBi1M4q9WtuRuklEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAt
NDJiM2Q2OGI1Njc2LzEvbHdHdXNLYVktSGM1R2VtYzA3cV9LR0NHTno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAtNDJiM2Q2OGI1Njc2
LzEvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEowDQYJ
KoZIhvcNAQELBQADggEBABP5tfrHHIy7iXxiXymhzrNjZcFhN19w4l/TWINFstVu
o1eqE/5pMob5QqkK0PTJhxiSxIPYY/qnyXw/IHP5ri4M1/Bp6rVTWf8wEOEhArJ0
211T/E1LfE/3vWlQYXDPLWhHGhxE3CAFkDJEiCdgXrlOHjTZsjjYXAItYUGwYZlZ
BVkpOjkSrx3ebHnoYEhebHOoa/85mT6PzuRjG2KipFaRcAI1uOI33PU0uV12DL0d
A5Ulb419pB7uy8o4YMFv6gY2s8dH4xrorvHEg4zzWbPCSndp1daCQ6xpHkW79pjZ
p3p+64fz2e7uz9k9DtN5QC9SW8ZnwTG5pi4ab6ydxL0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:08 2025 by rpki-client