Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa
File: wIqNpsLF3qC4sVdVHpgwicRuwVY.roa (raw, json)
Hash identifier: MDQRTnFY+uRg4/na1xCe3iz4rVhuEovVIGYTO5EPKpc=
Subject key identifier: C0:8A:8D:A6:C2:C5:DE:A0:B8:B1:57:55:1E:98:30:89:C4:6E:C1:56
Certificate issuer: /CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Certificate serial: 018751B209A58004753BA07B6046A4FA166F
Authority key identifier: B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa
Signing time: Wed 05 Apr 2023 13:53:54 +0000
ROA not before: Wed 05 Apr 2023 13:53:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.74.189.0/24 maxlen: 24
132.74.0.0/16 maxlen: 16
132.75.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:b2:09:a5:80:04:75:3b:a0:7b:60:46:a4:fa:16:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d251c4bfd526da062d4ce2af56b6e46e925117
Validity
Not Before: Apr 5 13:53:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c08a8da6c2c5dea0b8b157551e983089c46ec156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7e:eb:33:5f:08:8e:d5:64:98:ee:f5:46:6e:
5c:33:f7:a0:d6:fc:b4:71:cb:2b:4b:12:85:fe:dc:
dc:1f:54:d6:25:1e:13:96:73:6f:fc:35:5d:ed:bb:
4f:ce:f9:04:44:d6:a8:fd:9c:96:b2:e4:d8:cc:11:
86:7f:25:13:78:e1:9c:ec:48:e8:d6:d1:3f:90:22:
6a:45:a2:c7:9f:3c:65:c6:e9:e6:48:b8:80:b6:df:
63:e7:e8:e1:57:4c:f9:b4:49:35:ee:f0:fb:2e:b8:
58:58:7f:d5:61:5e:f7:e2:28:e6:8e:6b:da:f6:97:
51:9f:ce:21:c4:22:bb:46:c7:6a:31:be:81:6b:65:
7e:7c:f2:80:56:93:9c:13:e1:2c:d5:2d:99:18:a5:
df:7e:a0:0e:48:33:4c:9c:32:0b:39:1a:29:d3:60:
5f:d2:db:14:c1:d8:c9:43:6c:2c:b3:5c:ec:6c:2a:
cf:d0:00:0d:e8:77:3c:4d:30:73:ee:b5:4f:0c:72:
55:e9:57:2f:24:39:a6:1a:d2:e9:8a:52:d1:54:9a:
14:6d:ce:b2:f5:be:6e:0e:09:d0:4e:c1:2c:a9:b5:
a5:e7:04:89:f5:6e:d6:4d:3d:16:25:45:07:42:6d:
74:96:f2:82:7b:b7:7a:08:7b:62:ae:d4:2e:de:18:
a7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8A:8D:A6:C2:C5:DE:A0:B8:B1:57:55:1E:98:30:89:C4:6E:C1:56
X509v3 Authority Key Identifier:
keyid:B8:D2:51:C4:BF:D5:26:DA:06:2D:4C:E2:AF:56:B6:E4:6E:92:51:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNJRxL_VJtoGLUzir1a25G6SURc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/wIqNpsLF3qC4sVdVHpgwicRuwVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/621941-f53c-448f-bd30-42b3d68b5676/1/uNJRxL_VJtoGLUzir1a25G6SURc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.74.0.0/15
Signature Algorithm: sha256WithRSAEncryption
03:85:f1:0f:e9:96:25:12:da:33:9c:95:e8:55:e2:1f:4b:9f:
d6:b2:60:74:35:0c:8e:4b:9b:f8:2d:41:a6:e5:5a:dd:98:1a:
21:be:0f:11:9b:b7:f8:54:5a:e1:ab:82:4a:fc:aa:11:84:fb:
2a:e5:52:60:cb:bc:fc:9b:08:5e:5b:4e:00:39:bb:2f:2e:f9:
2f:ad:ca:67:78:23:95:72:7a:63:04:17:20:1b:1a:b9:c9:ee:
fd:34:aa:8c:1c:24:16:91:43:f8:1a:a0:8e:69:33:ce:5d:98:
76:72:0f:e6:55:8c:2e:9b:cd:f5:9a:16:89:eb:10:b1:4d:e1:
7d:5b:8e:4b:f7:4f:b9:8b:b5:b3:28:8e:c4:09:39:c3:8c:c7:
8a:ae:ac:a8:23:4e:a3:f6:25:35:58:c5:c6:7a:f3:ed:12:d6:
2d:29:35:a7:5e:c8:50:ea:0f:9a:fc:bd:b9:c8:64:66:53:fb:
a0:27:cd:57:04:47:9f:85:25:d4:84:fd:3a:fc:00:1b:29:df:
56:3a:a2:57:4a:24:37:e0:9c:3b:2c:cf:6d:6b:0d:f5:5b:d7:
bd:96:29:87:44:a6:ca:10:1f:ef:df:0c:ff:73:7f:5f:34:ea:
8a:fd:e8:d3:e7:b3:23:9b:9e:6d:e5:df:f7:93:2e:bf:62:3b:
25:0b:7d:0b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRsgmlgAR1O6B7YEak+hZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDI1MWM0YmZkNTI2ZGEwNjJkNGNlMmFmNTZiNmU0NmU5
MjUxMTcwHhcNMjMwNDA1MTM1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhhOGRhNmMyYzVkZWEwYjhiMTU3NTUxZTk4MzA4OWM0NmVjMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr37rM18IjtVkmO71Rm5cM/eg1vy0
ccsrSxKF/tzcH1TWJR4TlnNv/DVd7btPzvkERNao/ZyWsuTYzBGGfyUTeOGc7Ejo
1tE/kCJqRaLHnzxlxunmSLiAtt9j5+jhV0z5tEk17vD7LrhYWH/VYV734ijmjmva
9pdRn84hxCK7RsdqMb6Ba2V+fPKAVpOcE+Es1S2ZGKXffqAOSDNMnDILORop02Bf
0tsUwdjJQ2wss1zsbCrP0AAN6Hc8TTBz7rVPDHJV6VcvJDmmGtLpilLRVJoUbc6y
9b5uDgnQTsEsqbWl5wSJ9W7WTT0WJUUHQm10lvKCe7d6CHtirtQu3hin6wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMCKjabCxd6guLFXVR6YMInEbsFWMB8GA1UdIwQY
MBaAFLjSUcS/1SbaBi1M4q9WtuRuklEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAt
NDJiM2Q2OGI1Njc2LzEvd0lxTnBzTEYzcUM0c1ZkVkhwZ3dpY1J1d1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MjE5NDEtZjUzYy00NDhmLWJkMzAtNDJiM2Q2OGI1Njc2
LzEvdU5KUnhMX1ZKdG9HTFV6aXIxYTI1RzZTVVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEowDQYJ
KoZIhvcNAQELBQADggEBAAOF8Q/pliUS2jOclehV4h9Ln9ayYHQ1DI5Lm/gtQabl
Wt2YGiG+DxGbt/hUWuGrgkr8qhGE+yrlUmDLvPybCF5bTgA5uy8u+S+tymd4I5Vy
emMEFyAbGrnJ7v00qowcJBaRQ/gaoI5pM85dmHZyD+ZVjC6bzfWaFonrELFN4X1b
jkv3T7mLtbMojsQJOcOMx4qurKgjTqP2JTVYxcZ68+0S1i0pNadeyFDqD5r8vbnI
ZGZT+6AnzVcER5+FJdSE/Tr8ABsp31Y6oldKJDfgnDssz21rDfVb172WKYdEpsoQ
H+/fDP9zf1806or96NPnsyObnm3l3/eTLr9iOyULfQs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:16 2025 by rpki-client