Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/W2DPC2ppOSRRMlxbqAWxym9xw6Y.roa
File: W2DPC2ppOSRRMlxbqAWxym9xw6Y.roa (raw, json)
Hash identifier: 0dCwQwUaT7yH7ITWIffJW6ub5szNdR258oV1uCCjJn8=
Subject key identifier: 5B:60:CF:0B:6A:69:39:24:51:32:5C:5B:A8:05:B1:CA:6F:71:C3:A6
Certificate issuer: /CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Certificate serial: 01856F301B9F1DE77EA142457945BE2D8502
Authority key identifier: AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/W2DPC2ppOSRRMlxbqAWxym9xw6Y.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 176.32.52.0/23 maxlen: 23
176.32.48.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1b:9f:1d:e7:7e:a1:42:45:79:45:be:2d:85:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b60cf0b6a69392451325c5ba805b1ca6f71c3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:4a:db:9f:d9:8e:a0:94:c5:78:bc:43:2b:
10:64:c4:2d:d0:88:de:73:43:63:70:54:5f:a1:ce:
de:e4:2c:28:e2:c8:95:65:b4:e0:d0:b3:ce:d2:51:
4d:bc:8f:58:b5:2a:3e:c6:a9:bb:e5:37:4f:e2:3c:
11:5e:37:3e:d6:05:53:50:e7:cc:79:63:2d:e4:5b:
c9:d0:1e:2c:c3:08:30:3e:99:76:f6:86:13:28:41:
f9:ee:a8:27:72:68:52:d3:24:0d:e3:dd:ea:a3:36:
3b:c2:cc:cc:27:e2:ac:25:26:1e:a9:d8:f0:d0:37:
69:83:c3:82:86:d1:b0:e0:34:83:ce:7a:ec:e6:d3:
52:96:08:30:4f:63:4c:53:4d:cb:21:06:52:24:02:
96:4b:ed:86:29:60:61:0b:7a:1b:13:ba:a1:63:02:
45:b9:05:0e:b9:d0:5a:7d:ac:00:eb:36:33:9e:97:
e1:cf:7b:0f:00:94:0a:06:1f:10:aa:db:3f:a8:19:
96:f1:56:a6:03:d3:99:ce:d1:83:fc:e3:9b:bd:f3:
b8:80:9e:b4:6b:4b:ca:ca:24:0f:6c:60:13:99:e3:
a9:6a:85:44:aa:0a:c6:02:3d:d1:b6:cf:b4:98:38:
ef:d7:88:63:93:61:d1:09:39:bb:28:b3:4e:7a:ad:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:60:CF:0B:6A:69:39:24:51:32:5C:5B:A8:05:B1:CA:6F:71:C3:A6
X509v3 Authority Key Identifier:
keyid:AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/W2DPC2ppOSRRMlxbqAWxym9xw6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qqthEeAEwqBE8Wi40oJzz2dE86g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.48.0/23
176.32.52.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:b7:59:a7:54:e2:2a:1f:82:70:6e:83:70:18:12:74:af:f6:
d2:54:45:86:3b:85:f5:30:d3:67:05:fd:3c:98:1b:d7:71:82:
ea:d8:01:d7:4c:55:a9:47:7b:86:09:27:76:94:fd:d5:8a:17:
de:2f:c9:b8:2a:42:67:cc:84:6a:bd:7d:0d:bb:32:da:51:05:
67:02:77:fa:e0:40:95:1f:7b:e1:68:7e:bd:a1:f2:fc:6b:5d:
ae:53:66:44:b9:6f:f8:28:c1:5b:2c:c4:ad:38:eb:d4:b7:f0:
ca:fa:86:53:c5:ae:e5:de:fb:e1:15:a4:15:d2:ac:c1:8b:a4:
45:e6:4a:73:da:84:37:25:20:e8:3c:2a:1c:c2:7f:fc:cb:54:
33:37:c0:95:b7:92:6f:a2:b5:0f:f1:c6:40:69:1e:7b:59:cd:
f7:6d:57:0b:4a:82:5e:3e:75:91:ad:b8:50:c9:96:2f:28:cc:
d2:d9:1b:6e:ef:fe:1a:df:9b:9d:05:3e:71:12:66:46:af:af:
76:4a:08:a4:ba:90:14:77:3f:dd:64:33:12:95:f9:f6:b9:c4:
38:cc:eb:90:f2:67:35:fa:30:dc:9a:63:df:b0:b4:68:21:c4:
06:77:46:6d:1e:9c:bf:7b:06:e8:1e:17:93:36:70:b0:01:f1:
c3:84:72:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvMBufHed+oUJFeUW+LYUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYWI2MTExZTAwNGMyYTA0NGYxNjhiOGQyODI3M2NmNjc0
NGYzYTgwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjYwY2YwYjZhNjkzOTI0NTEzMjVjNWJhODA1YjFjYTZmNzFjM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLFK25/ZjqCUxXi8QysQZMQt0Ije
c0NjcFRfoc7e5Cwo4siVZbTg0LPO0lFNvI9YtSo+xqm75TdP4jwRXjc+1gVTUOfM
eWMt5FvJ0B4swwgwPpl29oYTKEH57qgncmhS0yQN493qozY7wszMJ+KsJSYeqdjw
0Ddpg8OChtGw4DSDznrs5tNSlggwT2NMU03LIQZSJAKWS+2GKWBhC3obE7qhYwJF
uQUOudBafawA6zYznpfhz3sPAJQKBh8Qqts/qBmW8VamA9OZztGD/OObvfO4gJ60
a0vKyiQPbGATmeOpaoVEqgrGAj3Rts+0mDjv14hjk2HRCTm7KLNOeq039wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFtgzwtqaTkkUTJcW6gFscpvccOmMB8GA1UdIwQY
MBaAFKqrYRHgBMKgRPFouNKCc89nRPOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDkt
ODJlZGVkYTdmZTdhLzEvVzJEUEMycHBPU1JSTWx4YnFBV3h5bTl4dzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNGFkMGYtMGIzMC00MWZmLWE4ZDktODJlZGVkYTdmZTdh
LzEvcXF0aEVlQUV3cUJFOFdpNDBvSnp6MmRFODZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsCAwAwQB
sCA0MA0GCSqGSIb3DQEBCwUAA4IBAQBNt1mnVOIqH4JwboNwGBJ0r/bSVEWGO4X1
MNNnBf08mBvXcYLq2AHXTFWpR3uGCSd2lP3VihfeL8m4KkJnzIRqvX0NuzLaUQVn
Anf64ECVH3vhaH69ofL8a12uU2ZEuW/4KMFbLMStOOvUt/DK+oZTxa7l3vvhFaQV
0qzBi6RF5kpz2oQ3JSDoPCocwn/8y1QzN8CVt5JvorUP8cZAaR57Wc33bVcLSoJe
PnWRrbhQyZYvKMzS2Rtu7/4a35udBT5xEmZGr692SgikupAUdz/dZDMSlfn2ucQ4
zOuQ8mc1+jDcmmPfsLRoIcQGd0ZtHpy/ewboHheTNnCwAfHDhHK/
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:08 2025 by rpki-client