Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/toQZhZmuXbejq2P-ay8MERIZkDA.roa
File: toQZhZmuXbejq2P-ay8MERIZkDA.roa (raw, json)
Hash identifier: CKhteKiT9Cnla/3PazGUpDGWv1iTt6ay84OD35hJ77w=
Subject key identifier: B6:84:19:85:99:AE:5D:B7:A3:AB:63:FE:6B:2F:0C:11:12:19:90:30
Certificate issuer: /CN=b3aa951722a19971a44e62ca92d1c91284d12e21
Certificate serial: 131B4048
Authority key identifier: B3:AA:95:17:22:A1:99:71:A4:4E:62:CA:92:D1:C9:12:84:D1:2E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6qVFyKhmXGkTmLKktHJEoTRLiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/toQZhZmuXbejq2P-ay8MERIZkDA.roa
Signing time: Sat 01 Jan 2022 00:52:17 +0000
ROA not before: Sat 01 Jan 2022 00:52:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 141.27.0.0/16 maxlen: 16
132.187.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320553032 (0x131b4048)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3aa951722a19971a44e62ca92d1c91284d12e21
Validity
Not Before: Jan 1 00:52:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b684198599ae5db7a3ab63fe6b2f0c1112199030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b4:4f:f0:c3:2c:2c:e7:45:af:8f:ab:6d:2b:
40:6c:0a:20:d1:9f:2a:2a:d4:35:32:b8:ca:c4:c8:
06:a9:c5:68:71:f2:18:40:1c:5d:8b:b2:20:e1:a3:
79:17:ea:31:33:03:80:83:8a:ff:80:a4:ec:fb:e1:
10:f5:4b:ea:f7:ec:02:e0:a6:7e:56:e2:c8:0c:b7:
c5:1b:24:27:a5:58:be:1f:8f:c3:83:85:04:2c:73:
43:8b:22:c6:a2:f0:8b:f3:2a:2e:72:e2:ff:14:ba:
2e:66:14:d8:37:92:85:67:cb:0d:c5:e2:1b:41:e1:
50:33:5d:e2:89:ba:de:6e:9a:1f:d3:9a:f8:de:f0:
36:9f:17:8a:d5:0c:21:4e:91:86:95:62:c9:28:b2:
fe:ee:ca:cb:9a:c8:7a:49:bd:3a:1d:ae:0b:0d:e3:
be:b0:82:bb:77:48:dd:0a:9a:51:42:a4:25:c2:0a:
46:dc:cf:b9:e3:0c:9e:74:07:49:f9:35:11:f1:85:
29:54:96:9e:79:8d:09:ea:48:98:bc:0f:55:34:e4:
ee:60:dd:19:b1:b8:15:10:60:3d:fa:92:74:f2:07:
10:5c:84:68:f1:f4:36:fe:6a:2a:2a:34:a0:25:73:
ac:38:78:58:ff:6b:77:7f:05:a0:fd:d5:18:08:b8:
2b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:84:19:85:99:AE:5D:B7:A3:AB:63:FE:6B:2F:0C:11:12:19:90:30
X509v3 Authority Key Identifier:
keyid:B3:AA:95:17:22:A1:99:71:A4:4E:62:CA:92:D1:C9:12:84:D1:2E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6qVFyKhmXGkTmLKktHJEoTRLiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/toQZhZmuXbejq2P-ay8MERIZkDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/s6qVFyKhmXGkTmLKktHJEoTRLiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.187.0.0/16
141.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:d6:9c:75:ad:53:99:4c:fa:25:51:f7:41:66:4c:7b:88:98:
e7:28:7b:d7:b7:ca:c9:1a:97:05:e4:0a:c5:6a:44:3c:f5:69:
1f:ab:10:18:16:1b:35:df:16:59:ba:37:0f:48:72:b8:5a:2b:
63:e3:cf:c7:ee:13:a5:ad:21:5a:cc:13:57:e4:1c:7e:21:39:
d8:02:57:79:c6:b1:d8:36:5e:b2:9f:df:a4:83:69:af:75:cb:
91:f0:47:3e:fd:f5:e0:e7:42:e8:ed:63:5a:c3:4a:b2:d5:6b:
68:60:7a:95:aa:40:3d:9c:b4:d8:91:ce:8a:85:a1:05:75:6c:
68:12:fe:68:64:50:55:87:f2:30:69:57:72:97:d1:3f:ca:b5:
43:ce:d2:88:9b:be:6e:5c:1c:f6:46:7d:1f:88:2f:02:fc:3e:
ca:ef:db:8b:e3:68:46:58:ce:a2:8d:b3:e6:05:4f:43:f4:ee:
06:d4:fc:1f:d3:ee:af:dd:59:45:45:b2:e7:58:e3:21:f4:98:
1f:b4:53:98:60:68:28:bc:98:57:2d:af:d1:42:38:00:e6:81:
c8:a2:52:a5:03:dd:23:f1:2f:61:fd:19:7c:a3:b9:3f:42:f7:
10:cc:b5:ed:6a:37:e5:c5:0d:85:e1:83:01:a7:cd:68:a3:7c:
5a:a1:aa:0c
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEExtASDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2FhOTUxNzIyYTE5OTcxYTQ0ZTYyY2E5MmQxYzkxMjg0ZDEyZTIxMB4XDTIyMDEw
MTAwNTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY4NDE5ODU5OWFl
NWRiN2EzYWI2M2ZlNmIyZjBjMTExMjE5OTAzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALa0T/DDLCznRa+Pq20rQGwKINGfKirUNTK4ysTIBqnFaHHy
GEAcXYuyIOGjeRfqMTMDgIOK/4Ck7PvhEPVL6vfsAuCmflbiyAy3xRskJ6VYvh+P
w4OFBCxzQ4sixqLwi/MqLnLi/xS6LmYU2DeShWfLDcXiG0HhUDNd4om63m6aH9Oa
+N7wNp8XitUMIU6RhpViySiy/u7Ky5rIekm9Oh2uCw3jvrCCu3dI3QqaUUKkJcIK
RtzPueMMnnQHSfk1EfGFKVSWnnmNCepImLwPVTTk7mDdGbG4FRBgPfqSdPIHEFyE
aPH0Nv5qKio0oCVzrDh4WP9rd38FoP3VGAi4KzsCAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBS2hBmFma5dt6OrY/5rLwwREhmQMDAfBgNVHSMEGDAWgBSzqpUXIqGZcaRO
YsqS0ckShNEuITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M2cVZGeUtobVhHa1RtTEtrdEhKRW9UUkxpRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvZmRlYTdjLWExYmMtNDhhOS1hY2QzLWEwMDNjNGI2MWE1Zi8x
L3RvUVpoWm11WGJlanEyUC1heThNRVJJWmtEQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
ZmRlYTdjLWExYmMtNDhhOS1hY2QzLWEwMDNjNGI2MWE1Zi8xL3M2cVZGeUtobVhH
a1RtTEtrdEhKRW9UUkxpRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAj
BggrBgEFBQcBBwEB/wQUMBIwEAQCAAEwCgMDAIS7AwMAjRswDQYJKoZIhvcNAQEL
BQADggEBAIvWnHWtU5lM+iVR90FmTHuImOcoe9e3yskalwXkCsVqRDz1aR+rEBgW
GzXfFlm6Nw9IcrhaK2Pjz8fuE6WtIVrME1fkHH4hOdgCV3nGsdg2XrKf36SDaa91
y5HwRz799eDnQujtY1rDSrLVa2hgepWqQD2ctNiRzoqFoQV1bGgS/mhkUFWH8jBp
V3KX0T/KtUPO0oibvm5cHPZGfR+ILwL8Psrv24vjaEZYzqKNs+YFT0P07gbU/B/T
7q/dWUVFsudY4yH0mB+0U5hgaCi8mFctr9FCOADmgciiUqUD3SPxL2H9GXyjuT9C
9xDMte1qN+XFDYXhgwGnzWijfFqhqgw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:08:14 2025 by rpki-client