Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/MhX3I1ODzFnE09bShaZvSe3qefU.roa
File: MhX3I1ODzFnE09bShaZvSe3qefU.roa (raw, json)
Hash identifier: 28lok8jvPLcvybccmEGQ2ejQRWBmx5IkIGFiIYhQLVc=
Subject key identifier: 32:15:F7:23:53:83:CC:59:C4:D3:D6:D2:85:A6:6F:49:ED:EA:79:F5
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 072F030A
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/MhX3I1ODzFnE09bShaZvSe3qefU.roa
Signing time: Sat 01 Jan 2022 14:55:07 +0000
ROA not before: Sat 01 Jan 2022 14:55:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199472
IP address blocks: 176.121.16.0/24 maxlen: 24
176.121.16.0/22 maxlen: 24
176.121.17.0/24 maxlen: 24
176.121.19.0/24 maxlen: 24
176.121.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120521482 (0x72f030a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jan 1 14:55:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3215f7235383cc59c4d3d6d285a66f49edea79f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b2:6a:39:8f:dc:88:1a:34:03:4b:97:d4:f0:
23:0b:51:9f:fd:ff:29:c8:d3:af:89:60:90:58:4a:
f4:c6:0b:22:b9:ad:e3:38:84:8e:b7:e6:8d:08:b8:
15:aa:8a:32:87:7f:81:31:7f:41:97:55:a8:63:6f:
0a:03:c4:7c:f2:b0:59:5f:c9:76:56:df:39:de:af:
9a:86:37:40:4b:08:00:85:b8:ad:0a:e0:b7:8a:4b:
0d:e0:5b:4c:37:af:42:fb:d0:ab:5e:19:67:18:ef:
40:59:00:45:96:c3:3d:57:18:9b:51:a2:98:18:b3:
f3:d9:05:01:df:97:0e:2f:70:36:38:85:f8:1a:de:
71:eb:58:ba:4c:92:47:ff:e8:5a:16:0c:ca:8e:49:
99:4f:e1:9a:3b:b2:c7:b8:c2:39:dc:ed:59:31:80:
14:81:93:b0:a4:6d:cf:26:6c:92:af:d4:11:40:da:
dc:54:76:81:7c:10:19:2f:f6:47:25:03:e3:4b:67:
4d:f7:49:41:ad:df:eb:76:39:70:a8:87:55:93:b2:
ef:8a:b9:f2:56:4d:ba:41:cb:b1:35:06:9f:da:ee:
61:7e:62:d0:61:5c:a2:b4:04:78:37:de:fb:79:bb:
1c:cc:62:d7:3c:2f:a2:2c:17:ee:87:2b:58:ac:27:
04:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:15:F7:23:53:83:CC:59:C4:D3:D6:D2:85:A6:6F:49:ED:EA:79:F5
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/MhX3I1ODzFnE09bShaZvSe3qefU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
17:ab:cc:39:b7:11:09:3e:83:88:87:79:a2:39:13:75:31:aa:
c4:e7:fa:8d:f6:f1:88:55:5b:20:0f:a8:79:d2:dd:26:c4:81:
ac:b0:1a:fd:5e:d1:85:81:6d:32:0c:9c:53:5d:62:2f:d3:9c:
9e:ac:cc:3b:0f:04:8a:ec:d7:ba:65:fb:94:79:b6:ed:07:8b:
9b:47:ac:4f:54:35:da:51:f6:04:f1:00:61:fc:29:ce:67:4c:
26:e2:84:bc:44:dc:a7:f2:85:e5:4d:c6:ba:be:cb:94:85:ef:
d4:ea:a3:80:46:75:8b:a6:20:ac:24:09:62:37:22:51:8e:9e:
37:cd:7d:ba:c6:f1:f2:4f:b4:9d:ac:cd:a8:f4:6f:0c:41:e7:
85:82:e2:f6:a0:ba:94:dc:a3:3d:cb:3a:e4:a0:2d:9b:48:32:
b0:e9:7f:f6:6e:94:db:e8:92:d7:88:3f:91:9d:88:34:98:f6:
4e:e2:8c:4f:1c:c3:d7:ff:4e:fc:f6:f6:3e:20:eb:d7:be:10:
2c:64:a5:c9:8f:15:57:68:ff:b0:4b:63:a6:64:b8:25:97:36:
2b:7e:95:c7:93:69:99:2b:6f:8b:74:bd:30:ca:c0:e1:c2:59:
da:e0:4b:f4:ee:2d:d0:ef:da:aa:db:96:dc:61:c5:5c:b9:f1:
44:e6:3f:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBy8DCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjdiYTQzNTc2NjY3NjY0YWQ2ZjI5YTY2NjI3MGUzMzU3ODM2ZjFhMB4XDTIyMDEw
MTE0NTUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIxNWY3MjM1Mzgz
Y2M1OWM0ZDNkNmQyODVhNjZmNDllZGVhNzlmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKyajmP3IgaNANLl9TwIwtRn/3/KcjTr4lgkFhK9MYLIrmt
4ziEjrfmjQi4FaqKMod/gTF/QZdVqGNvCgPEfPKwWV/JdlbfOd6vmoY3QEsIAIW4
rQrgt4pLDeBbTDevQvvQq14ZZxjvQFkARZbDPVcYm1GimBiz89kFAd+XDi9wNjiF
+BrecetYukySR//oWhYMyo5JmU/hmjuyx7jCOdztWTGAFIGTsKRtzyZskq/UEUDa
3FR2gXwQGS/2RyUD40tnTfdJQa3f63Y5cKiHVZOy74q58lZNukHLsTUGn9ruYX5i
0GFcorQEeDfe+3m7HMxi1zwvoiwX7ocrWKwnBHUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQyFfcjU4PMWcTT1tKFpm9J7ep59TAfBgNVHSMEGDAWgBSre6Q1dmZ2ZK1v
KaZmJw4zV4NvGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzdWtOWFptZG1TdGJ5bW1aaWNPTTFlRGJ4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvMGUxZjkxLWMzZWQtNDM1ZC1hNDVmLTIzYWM3NTgwNDhlYy8x
L01oWDNJMU9EekZuRTA5YlNoYVp2U2UzcWVmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
MGUxZjkxLWMzZWQtNDM1ZC1hNDVmLTIzYWM3NTgwNDhlYy8xL3EzdWtOWFptZG1T
dGJ5bW1aaWNPTTFlRGJ4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArB5EDANBgkqhkiG9w0BAQsFAAOC
AQEAF6vMObcRCT6DiId5ojkTdTGqxOf6jfbxiFVbIA+oedLdJsSBrLAa/V7RhYFt
MgycU11iL9OcnqzMOw8EiuzXumX7lHm27QeLm0esT1Q12lH2BPEAYfwpzmdMJuKE
vETcp/KF5U3Gur7LlIXv1OqjgEZ1i6YgrCQJYjciUY6eN819usbx8k+0nazNqPRv
DEHnhYLi9qC6lNyjPcs65KAtm0gysOl/9m6U2+iS14g/kZ2INJj2TuKMTxzD1/9O
/Pb2PiDr174QLGSlyY8VV2j/sEtjpmS4JZc2K36Vx5NpmStvi3S9MMrA4cJZ2uBL
9O4t0O/aqtuW3GHFXLnxROY/SQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:08 2025 by rpki-client