Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/uw7bNlfz9HDnnb7s6HshiaaUEVo.roa
File: uw7bNlfz9HDnnb7s6HshiaaUEVo.roa (raw, json)
Hash identifier: q/ES9VvwQTrQnTDK/luenpW75cEJ4nCwNOkbqP/8TAM=
Subject key identifier: BB:0E:DB:36:57:F3:F4:70:E7:9D:BE:EC:E8:7B:21:89:A6:94:11:5A
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 072E1F2A
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/uw7bNlfz9HDnnb7s6HshiaaUEVo.roa
Signing time: Sat 01 Jan 2022 14:55:06 +0000
ROA not before: Sat 01 Jan 2022 14:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60216
IP address blocks: 176.121.20.0/24 maxlen: 24
176.121.20.0/22 maxlen: 24
176.121.23.0/24 maxlen: 24
176.121.22.0/24 maxlen: 24
176.121.21.0/24 maxlen: 24
2001:67c:18d0::/48 maxlen: 48
2001:67c:1bc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120463146 (0x72e1f2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jan 1 14:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb0edb3657f3f470e79dbeece87b2189a694115a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:aa:f2:b4:29:4a:dc:6a:9e:b6:a0:0f:44:0c:
32:15:8d:c3:fc:06:14:99:63:af:6f:d4:7b:f1:32:
44:2f:cb:be:c1:d0:aa:60:5f:72:5a:28:e7:16:a8:
72:f4:dc:93:6e:09:22:12:3b:f9:99:02:2c:40:36:
82:e3:0f:cb:81:ff:7b:73:e6:41:88:32:cc:0b:98:
5e:24:18:ac:f5:29:1e:f4:d7:3e:be:59:fa:af:29:
7d:9e:37:25:d9:a6:b1:96:83:7c:f3:5f:cc:e2:bc:
fb:fb:d2:fb:46:0e:7d:df:66:22:aa:cb:79:c6:8c:
a5:84:c9:61:9d:55:8c:a0:1f:e0:59:38:d1:c8:45:
5e:f0:37:e0:8e:fc:80:69:1c:4a:25:e3:55:65:33:
ee:3f:8c:57:e4:f4:53:f1:82:c8:25:ea:c0:15:f5:
1e:8e:36:17:60:74:d4:0a:0f:3a:c9:3f:cd:33:d5:
9d:e0:bf:15:d1:e6:5c:2d:e1:ba:e8:f7:5d:9c:1d:
2a:e7:39:09:fb:54:50:42:68:d1:e4:01:fe:f0:f6:
49:3e:d7:b1:ee:26:c6:fe:0f:bc:4a:27:c3:b2:04:
a5:a7:b9:71:45:12:39:88:1c:de:ce:9b:0b:5f:82:
f4:90:7f:26:a1:f5:57:33:7f:37:58:86:15:3a:12:
6b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0E:DB:36:57:F3:F4:70:E7:9D:BE:EC:E8:7B:21:89:A6:94:11:5A
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/uw7bNlfz9HDnnb7s6HshiaaUEVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.20.0/22
IPv6:
2001:67c:18d0::/48
2001:67c:1bc0::/48
Signature Algorithm: sha256WithRSAEncryption
4f:93:98:57:23:d1:e2:0f:e5:f9:9a:60:41:64:77:50:d7:0a:
8f:ac:75:d7:12:dc:db:0c:7d:2e:96:7d:e9:a9:79:eb:c1:32:
40:f8:e2:0b:4d:1e:ca:c8:29:1d:d2:1c:16:44:c5:ba:06:2d:
a4:12:85:00:37:5a:31:db:cd:c3:18:a5:67:c9:66:d2:63:4f:
ad:de:41:cb:a3:42:06:7f:0c:9e:c8:5b:ae:26:63:26:aa:c8:
fc:54:7f:b3:e8:ed:2d:7c:a2:5d:8b:ff:66:05:44:90:af:80:
1a:0e:d3:4d:76:a4:73:8d:9f:34:c3:9f:a0:42:d8:0b:b1:6a:
86:ff:cc:77:27:b8:f0:9b:d8:67:f9:fa:de:a6:a1:fc:7b:0a:
1e:42:b4:d1:99:8e:48:27:08:63:aa:e1:3f:d9:54:48:67:93:
d3:db:0f:e4:f1:0a:10:e1:d9:c6:61:91:10:62:e7:5d:0b:de:
07:aa:e6:98:88:fc:4b:55:f6:1f:36:90:88:56:3a:be:e8:5f:
1e:52:87:74:3b:58:20:af:49:c9:70:ba:1a:c8:43:e5:0c:ae:
ab:af:17:f9:ba:6f:df:b4:f9:d9:70:27:5f:77:8f:f2:87:34:
6b:e9:61:a8:dc:21:78:8a:73:99:0f:c4:59:82:5f:73:4d:44:
73:f9:f1:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBy4fKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjdiYTQzNTc2NjY3NjY0YWQ2ZjI5YTY2NjI3MGUzMzU3ODM2ZjFhMB4XDTIyMDEw
MTE0NTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmIwZWRiMzY1N2Yz
ZjQ3MGU3OWRiZWVjZTg3YjIxODlhNjk0MTE1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+q8rQpStxqnragD0QMMhWNw/wGFJljr2/Ue/EyRC/LvsHQ
qmBfcloo5xaocvTck24JIhI7+ZkCLEA2guMPy4H/e3PmQYgyzAuYXiQYrPUpHvTX
Pr5Z+q8pfZ43JdmmsZaDfPNfzOK8+/vS+0YOfd9mIqrLecaMpYTJYZ1VjKAf4Fk4
0chFXvA34I78gGkcSiXjVWUz7j+MV+T0U/GCyCXqwBX1Ho42F2B01AoPOsk/zTPV
neC/FdHmXC3huuj3XZwdKuc5CftUUEJo0eQB/vD2ST7Xse4mxv4PvEonw7IEpae5
cUUSOYgc3s6bC1+C9JB/JqH1VzN/N1iGFToSa3kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBS7Dts2V/P0cOedvuzoeyGJppQRWjAfBgNVHSMEGDAWgBSre6Q1dmZ2ZK1v
KaZmJw4zV4NvGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzdWtOWFptZG1TdGJ5bW1aaWNPTTFlRGJ4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvMGUxZjkxLWMzZWQtNDM1ZC1hNDVmLTIzYWM3NTgwNDhlYy8x
L3V3N2JObGZ6OUhEbm5iN3M2SHNoaWFhVUVWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
MGUxZjkxLWMzZWQtNDM1ZC1hNDVmLTIzYWM3NTgwNDhlYy8xL3EzdWtOWFptZG1T
dGJ5bW1aaWNPTTFlRGJ4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEArB5FDAYBAIAAjASAwcAIAEGfBjQ
AwcAIAEGfBvAMA0GCSqGSIb3DQEBCwUAA4IBAQBPk5hXI9HiD+X5mmBBZHdQ1wqP
rHXXEtzbDH0uln3pqXnrwTJA+OILTR7KyCkd0hwWRMW6Bi2kEoUAN1ox283DGKVn
yWbSY0+t3kHLo0IGfwyeyFuuJmMmqsj8VH+z6O0tfKJdi/9mBUSQr4AaDtNNdqRz
jZ80w5+gQtgLsWqG/8x3J7jwm9hn+frepqH8ewoeQrTRmY5IJwhjquE/2VRIZ5PT
2w/k8QoQ4dnGYZEQYuddC94HquaYiPxLVfYfNpCIVjq+6F8eUod0O1ggr0nJcLoa
yEPlDK6rrxf5um/ftPnZcCdfd4/yhzRr6WGo3CF4inOZD8RZgl9zTURz+fHt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:40 2025 by rpki-client