Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/RLJjLNFisfHhMIoIX0Q-viBAqcE.roa
File: RLJjLNFisfHhMIoIX0Q-viBAqcE.roa (raw, json)
Hash identifier: qTdH908d8gTb2b0Qm9rykI0dXfCwxFRORrkt1ITmD9c=
Subject key identifier: 44:B2:63:2C:D1:62:B1:F1:E1:30:8A:08:5F:44:3E:BE:20:40:A9:C1
Certificate issuer: /CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Certificate serial: 01856F301CC39034B28EF20CD81715D36915
Authority key identifier: AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/RLJjLNFisfHhMIoIX0Q-viBAqcE.roa
Signing time: Sun 01 Jan 2023 21:15:02 +0000
ROA not before: Sun 01 Jan 2023 21:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56822
IP address blocks: 176.32.55.0/24 maxlen: 24
176.32.52.0/24 maxlen: 24
176.32.48.0/23 maxlen: 23
176.32.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1c:c3:90:34:b2:8e:f2:0c:d8:17:15:d3:69:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Validity
Not Before: Jan 1 21:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44b2632cd162b1f1e1308a085f443ebe2040a9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:18:e7:b1:cc:73:b5:78:b3:ac:c2:9d:03:
db:b3:89:33:58:91:1b:37:03:a2:87:04:42:9d:64:
fd:27:19:a6:a6:83:0a:ae:fb:31:77:b2:a0:c1:10:
0c:9a:34:ce:30:e9:60:b7:bd:d0:1c:0e:67:26:b7:
fb:1d:a9:26:b5:2d:f9:82:9d:0a:75:79:c5:a5:9c:
71:a1:dc:3a:b7:10:09:ff:5d:46:43:33:90:76:2c:
09:db:be:c9:6f:d5:e2:d3:bc:75:66:1d:f9:19:22:
7d:cd:72:1c:7c:6a:ab:c0:7c:49:38:48:3a:75:4e:
9f:0b:83:81:fd:5a:0f:cd:67:99:94:58:dc:52:47:
69:40:da:0c:c4:1e:0e:f6:b8:85:88:f8:92:6e:51:
05:65:34:3a:ac:e9:a1:49:e6:e4:ec:5e:ca:86:e1:
bc:e8:86:b8:02:c8:7a:a6:a5:89:b1:e6:70:74:18:
ff:39:c4:19:95:e9:70:96:d0:69:ac:8b:a3:ce:f8:
4e:07:a9:0f:54:c0:09:ab:98:7e:4d:5f:1e:d9:6c:
ae:49:8a:e3:84:56:89:7d:b1:4f:01:21:2c:7a:f7:
75:99:90:ea:57:95:b0:f4:c8:52:ea:31:34:8c:dc:
83:3a:87:eb:0c:73:06:ca:ff:e4:1e:8d:24:9a:d9:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B2:63:2C:D1:62:B1:F1:E1:30:8A:08:5F:44:3E:BE:20:40:A9:C1
X509v3 Authority Key Identifier:
keyid:AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/RLJjLNFisfHhMIoIX0Q-viBAqcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qqthEeAEwqBE8Wi40oJzz2dE86g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.48.0/23
176.32.51.0-176.32.52.255
176.32.55.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8c:7b:82:30:fc:18:25:6f:b0:08:0c:35:f7:c9:b4:a7:ca:
29:0e:e1:a8:69:4f:07:00:07:40:01:fc:a4:b3:d1:6b:68:65:
d5:0e:98:2f:f0:a0:31:df:f0:fc:71:fb:a2:75:cd:ff:70:83:
60:c0:54:f9:49:54:96:e7:54:a1:6b:70:cf:72:80:eb:87:dd:
ee:ae:2f:6a:04:93:49:b0:a3:65:68:69:89:6b:af:f5:d1:47:
3e:ca:2d:16:e7:99:ca:54:e2:9a:41:76:65:53:52:e5:48:ac:
47:e7:52:60:11:6c:c4:8d:ba:a0:1a:a5:93:de:b3:01:9e:51:
b1:70:ca:69:da:90:79:8a:4e:55:87:d5:86:dd:34:bb:de:54:
aa:3f:eb:9f:4f:d0:44:1d:48:bf:9e:2f:c1:fe:a6:84:6a:7e:
4f:81:6b:23:23:9e:3e:0c:74:1f:07:d7:d1:55:e8:05:e7:47:
44:89:61:2e:b5:f4:4f:da:3e:b0:60:90:4e:0f:5a:e2:60:29:
ed:08:be:3e:cd:50:36:ab:28:c4:54:92:05:bb:ed:3c:a7:e6:
05:56:72:76:bc:5c:47:c1:e0:cf:a4:72:b2:b0:d1:03:b6:a9:
76:92:cf:bf:42:62:0f:17:49:aa:74:1f:eb:65:b5:27:10:6a:
f3:62:42:85
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvMBzDkDSyjvIM2BcV02kVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYWI2MTExZTAwNGMyYTA0NGYxNjhiOGQyODI3M2NmNjc0
NGYzYTgwHhcNMjMwMTAxMjExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGIyNjMyY2QxNjJiMWYxZTEzMDhhMDg1ZjQ0M2ViZTIwNDBhOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDoY57HMc7V4s6zCnQPbs4kzWJEb
NwOihwRCnWT9JxmmpoMKrvsxd7KgwRAMmjTOMOlgt73QHA5nJrf7HakmtS35gp0K
dXnFpZxxodw6txAJ/11GQzOQdiwJ277Jb9Xi07x1Zh35GSJ9zXIcfGqrwHxJOEg6
dU6fC4OB/VoPzWeZlFjcUkdpQNoMxB4O9riFiPiSblEFZTQ6rOmhSebk7F7KhuG8
6Ia4Ash6pqWJseZwdBj/OcQZlelwltBprIujzvhOB6kPVMAJq5h+TV8e2WyuSYrj
hFaJfbFPASEsevd1mZDqV5Ww9MhS6jE0jNyDOofrDHMGyv/kHo0kmtnZFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFESyYyzRYrHx4TCKCF9EPr4gQKnBMB8GA1UdIwQY
MBaAFKqrYRHgBMKgRPFouNKCc89nRPOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDkt
ODJlZGVkYTdmZTdhLzEvUkxKakxORmlzZkhoTUlvSVgwUS12aUJBcWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDktODJlZGVkYTdmZTdh
LzEvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBsCAwMAwD
BACwIDMDBACwIDQDBACwIDcwDQYJKoZIhvcNAQELBQADggEBAAGMe4Iw/Bglb7AI
DDX3ybSnyikO4ahpTwcAB0AB/KSz0WtoZdUOmC/woDHf8Pxx+6J1zf9wg2DAVPlJ
VJbnVKFrcM9ygOuH3e6uL2oEk0mwo2VoaYlrr/XRRz7KLRbnmcpU4ppBdmVTUuVI
rEfnUmARbMSNuqAapZPeswGeUbFwymnakHmKTlWH1YbdNLveVKo/659P0EQdSL+e
L8H+poRqfk+BayMjnj4MdB8H19FV6AXnR0SJYS619E/aPrBgkE4PWuJgKe0Ivj7N
UDarKMRUkgW77Tyn5gVWcna8XEfB4M+kcrKw0QO2qXaSz79CYg8XSap0H+tltScQ
avNiQoU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:01:58 2025 by rpki-client