Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/4P_ty-KfQNv6RPU4MMBP5h7FkF4.roa
File: 4P_ty-KfQNv6RPU4MMBP5h7FkF4.roa (raw, json)
Hash identifier: /FqwzTRIelcoDDJDfZUSdsb5uRXZ0KNfNIz3EEqAaCM=
Subject key identifier: E0:FF:ED:CB:E2:9F:40:DB:FA:44:F5:38:30:C0:4F:E6:1E:C5:90:5E
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 0185707986D54B8D47A93348A8CE228B9D3C
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/4P_ty-KfQNv6RPU4MMBP5h7FkF4.roa
Signing time: Mon 02 Jan 2023 03:14:50 +0000
ROA not before: Mon 02 Jan 2023 03:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199472
IP address blocks: 176.121.16.0/24 maxlen: 24
176.121.16.0/22 maxlen: 24
176.121.17.0/24 maxlen: 24
176.121.19.0/24 maxlen: 24
176.121.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:86:d5:4b:8d:47:a9:33:48:a8:ce:22:8b:9d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jan 2 03:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0ffedcbe29f40dbfa44f53830c04fe61ec5905e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:55:c2:c1:f1:91:e3:53:cd:10:b3:26:2b:
56:91:69:cc:2b:e5:12:90:09:0f:6d:af:4f:fd:01:
f4:c3:98:65:fa:28:54:34:14:17:68:04:95:63:74:
6b:7e:18:bb:aa:92:89:e0:0d:fc:32:e1:d6:35:9d:
e3:47:d4:63:fa:e3:74:79:97:99:16:3a:00:c1:6f:
7e:be:e4:4f:5f:01:1e:ca:df:43:dd:5d:6c:b7:72:
2c:33:36:02:98:46:06:df:8d:98:9a:ab:42:bc:74:
b4:8e:bd:40:f7:3a:bf:01:f9:0b:e4:93:1b:11:ef:
23:c0:33:72:d8:88:22:55:df:23:c5:f1:c6:a5:b4:
af:82:a0:aa:3b:ea:81:cb:2b:e7:0a:97:49:7c:00:
37:59:e5:47:96:71:09:15:f6:71:f9:21:59:95:22:
0c:f1:e0:9f:d4:c5:50:80:b9:e8:ae:1d:5c:62:14:
79:a8:fd:b8:da:98:94:66:fc:e6:a5:c5:69:2d:77:
86:fc:62:2d:e6:dd:16:34:65:9b:df:79:4b:2c:be:
b4:2a:6d:98:ea:7a:b7:22:b0:2c:2f:74:cb:ca:2a:
87:e3:14:85:2b:d7:48:48:9a:60:d9:68:39:52:03:
ca:22:86:7f:89:cd:58:39:2b:3e:03:29:b0:bf:1b:
2b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FF:ED:CB:E2:9F:40:DB:FA:44:F5:38:30:C0:4F:E6:1E:C5:90:5E
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/4P_ty-KfQNv6RPU4MMBP5h7FkF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
08:a6:02:87:97:43:5f:95:3a:c2:17:86:3c:2a:10:1e:81:17:
60:0d:9a:dd:bc:36:57:7c:75:1a:87:63:bb:d9:96:ab:5a:c8:
f1:ec:30:ac:55:01:a2:fe:9f:86:d3:e3:1b:77:66:e7:87:0d:
04:8b:47:59:c2:a1:e8:5f:49:ad:a1:c5:9d:49:b1:b9:e0:ed:
60:14:c6:ef:db:61:5e:b1:7e:b5:13:9c:66:a3:4b:62:47:16:
45:b6:18:62:69:79:8f:03:6d:6d:bd:96:59:1e:d6:5d:ed:64:
f9:64:45:36:8e:7a:aa:4a:b7:6c:c4:4a:57:74:36:d6:11:9e:
6d:a1:7f:38:86:d6:88:7d:30:b9:6a:da:fa:2d:62:0e:e0:13:
14:25:30:77:a9:b8:97:37:e5:c7:aa:a6:ba:2f:03:8c:14:f9:
0e:89:9d:71:a9:4a:26:33:8d:ef:cc:38:b0:cf:3e:32:17:a6:
18:f6:77:17:aa:0c:82:24:90:67:2c:3c:af:02:c8:d3:20:ed:
89:54:07:28:b5:b4:7c:2d:32:3b:fe:ed:cd:04:1c:26:9e:8e:
53:50:54:04:81:25:f6:bf:b7:01:9e:3a:d6:c2:6e:35:e5:7d:
ab:5f:51:47:92:be:93:da:ef:1c:4f:ce:77:1e:e8:30:4d:48:
df:47:b0:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweYbVS41HqTNIqM4ii508MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjMwMTAyMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZmZWRjYmUyOWY0MGRiZmE0NGY1MzgzMGMwNGZlNjFlYzU5MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD9VwsHxkeNTzRCzJitWkWnMK+US
kAkPba9P/QH0w5hl+ihUNBQXaASVY3Rrfhi7qpKJ4A38MuHWNZ3jR9Rj+uN0eZeZ
FjoAwW9+vuRPXwEeyt9D3V1st3IsMzYCmEYG342YmqtCvHS0jr1A9zq/AfkL5JMb
Ee8jwDNy2IgiVd8jxfHGpbSvgqCqO+qByyvnCpdJfAA3WeVHlnEJFfZx+SFZlSIM
8eCf1MVQgLnorh1cYhR5qP242piUZvzmpcVpLXeG/GIt5t0WNGWb33lLLL60Km2Y
6nq3IrAsL3TLyiqH4xSFK9dISJpg2Wg5UgPKIoZ/ic1YOSs+AymwvxsreQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOD/7cvin0Db+kT1ODDAT+YexZBeMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvNFBfdHktS2ZRTnY2UlBVNE1NQlA1aDdGa0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHkQMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpgKHl0NflTrCF4Y8KhAegRdgDZrdvDZXfHUah2O7
2ZarWsjx7DCsVQGi/p+G0+Mbd2bnhw0Ei0dZwqHoX0mtocWdSbG54O1gFMbv22Fe
sX61E5xmo0tiRxZFthhiaXmPA21tvZZZHtZd7WT5ZEU2jnqqSrdsxEpXdDbWEZ5t
oX84htaIfTC5atr6LWIO4BMUJTB3qbiXN+XHqqa6LwOMFPkOiZ1xqUomM43vzDiw
zz4yF6YY9ncXqgyCJJBnLDyvAsjTIO2JVAcotbR8LTI7/u3NBBwmno5TUFQEgSX2
v7cBnjrWwm415X2rX1FHkr6T2u8cT853HugwTUjfR7Cu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:09 2025 by rpki-client