Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qasxWcg5i9r6c-fD27gUroD8I-U.roa
File: qasxWcg5i9r6c-fD27gUroD8I-U.roa (raw, json)
Hash identifier: DPjbiOty76ipEF8XAO5+Tay475gPm3d7syoVlv+ZvvU=
Subject key identifier: A9:AB:31:59:C8:39:8B:DA:FA:73:E7:C3:DB:B8:14:AE:80:FC:23:E5
Certificate issuer: /CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Certificate serial: 36862DD6
Authority key identifier: AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qasxWcg5i9r6c-fD27gUroD8I-U.roa
Signing time: Sat 01 Jan 2022 12:56:48 +0000
ROA not before: Sat 01 Jan 2022 12:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56822
IP address blocks: 176.32.55.0/24 maxlen: 24
176.32.52.0/24 maxlen: 24
176.32.48.0/23 maxlen: 23
176.32.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 914763222 (0x36862dd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaab6111e004c2a044f168b8d28273cf6744f3a8
Validity
Not Before: Jan 1 12:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9ab3159c8398bdafa73e7c3dbb814ae80fc23e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d5:be:b2:73:17:b2:b0:40:f5:0c:e3:1c:96:
0d:d6:00:31:aa:91:d1:0d:ad:6d:4f:57:4e:27:b0:
fc:bb:92:2f:c2:94:2a:6c:a0:01:91:20:f6:ab:27:
d6:e3:43:b1:af:48:31:a3:f6:0a:b0:f0:81:5d:8f:
2e:4a:d4:7d:e5:46:ca:b1:84:7c:5f:05:2d:08:af:
be:19:84:bb:a3:2a:b2:71:e6:63:f4:50:91:cd:0b:
a7:db:1a:30:07:f0:ea:87:4e:f0:26:e9:b5:61:32:
3a:11:b4:34:1f:58:36:17:33:99:3f:44:10:7f:38:
99:7d:47:ea:34:f4:16:cd:db:af:db:e3:95:4d:be:
36:b9:16:eb:78:74:c7:97:8f:06:75:b7:01:a4:87:
15:cd:bc:d6:22:40:24:c6:33:a6:f0:17:65:cd:e3:
8d:42:5b:19:ad:bd:14:5b:20:98:36:e8:7a:55:30:
d7:12:d3:a5:b9:5c:57:29:4e:35:41:02:f4:97:d4:
11:c2:5e:51:08:3f:56:d9:d2:b1:e5:1a:7f:b0:4c:
7e:7c:cb:d7:47:7b:2b:b1:53:25:ca:04:c4:19:80:
28:15:53:ba:36:46:d0:e4:af:09:62:6c:ec:3f:df:
a7:55:29:1d:a7:e6:27:56:73:9c:9a:03:d3:ae:02:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AB:31:59:C8:39:8B:DA:FA:73:E7:C3:DB:B8:14:AE:80:FC:23:E5
X509v3 Authority Key Identifier:
keyid:AA:AB:61:11:E0:04:C2:A0:44:F1:68:B8:D2:82:73:CF:67:44:F3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qqthEeAEwqBE8Wi40oJzz2dE86g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qasxWcg5i9r6c-fD27gUroD8I-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f4ad0f-0b30-41ff-a8d9-82ededa7fe7a/1/qqthEeAEwqBE8Wi40oJzz2dE86g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.48.0/23
176.32.51.0-176.32.52.255
176.32.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:73:87:9b:58:9e:0b:df:e0:5e:1e:72:2c:12:20:8f:18:c5:
94:b4:98:92:d5:ea:bd:91:ee:6f:63:df:95:23:fd:ff:69:0c:
27:fc:d3:15:2b:5e:d6:d4:cc:4c:0b:44:a3:8b:83:11:ec:dc:
f9:54:f8:66:e8:c9:c9:ef:54:76:ce:18:b9:6e:53:f8:c5:49:
bf:67:51:02:a0:3d:c2:59:0e:b7:49:a7:7f:39:ed:4c:b3:f1:
d8:58:06:ab:1f:58:d9:79:d5:ee:c4:d3:16:4e:1f:00:b3:14:
d3:8d:e0:5d:17:69:97:95:32:aa:99:23:02:e3:0f:a4:d2:ec:
2e:cf:ed:45:10:e4:63:5f:dc:4c:94:f9:53:f2:3c:dd:8e:c4:
4e:6b:4f:ba:29:03:6f:2e:6c:69:61:64:66:2d:5b:72:9c:11:
76:cf:c5:9d:30:4d:08:2d:7d:55:fa:85:6b:85:e9:c3:e4:84:
6e:72:59:ef:66:00:cf:5c:1a:a5:75:11:be:1e:e4:10:13:17:
d7:38:89:c4:e2:0b:45:b1:d0:37:08:12:56:58:13:6f:27:67:
7e:e4:66:8c:9b:b6:ac:5a:6b:a1:ba:bf:72:7e:9f:04:c4:09:
a6:29:4c:88:23:ca:dc:c3:e5:94:8f:41:3d:c8:59:0f:f4:81:
28:38:33:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIENoYt1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWFiNjExMWUwMDRjMmEwNDRmMTY4YjhkMjgyNzNjZjY3NDRmM2E4MB4XDTIyMDEw
MTEyNTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTlhYjMxNTljODM5
OGJkYWZhNzNlN2MzZGJiODE0YWU4MGZjMjNlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3VvrJzF7KwQPUM4xyWDdYAMaqR0Q2tbU9XTiew/LuSL8KU
KmygAZEg9qsn1uNDsa9IMaP2CrDwgV2PLkrUfeVGyrGEfF8FLQivvhmEu6MqsnHm
Y/RQkc0Lp9saMAfw6odO8CbptWEyOhG0NB9YNhczmT9EEH84mX1H6jT0Fs3br9vj
lU2+NrkW63h0x5ePBnW3AaSHFc281iJAJMYzpvAXZc3jjUJbGa29FFsgmDboelUw
1xLTpblcVylONUEC9JfUEcJeUQg/VtnSseUaf7BMfnzL10d7K7FTJcoExBmAKBVT
ujZG0OSvCWJs7D/fp1UpHafmJ1ZznJoD064Cql8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSpqzFZyDmL2vpz58PbuBSugPwj5TAfBgNVHSMEGDAWgBSqq2ER4ATCoETx
aLjSgnPPZ0TzqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FxdGhFZUFFd3FCRThXaTQwb0p6ejJkRTg2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjRhZDBmLTBiMzAtNDFmZi1hOGQ5LTgyZWRlZGE3ZmU3YS8x
L3Fhc3hXY2c1aTlyNmMtZkQyN2dVcm9EOEktVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjRhZDBmLTBiMzAtNDFmZi1hOGQ5LTgyZWRlZGE3ZmU3YS8xL3FxdGhFZUFFd3FC
RThXaTQwb0p6ejJkRTg2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAbAgMDAMAwQAsCAzAwQAsCA0AwQA
sCA3MA0GCSqGSIb3DQEBCwUAA4IBAQA9c4ebWJ4L3+BeHnIsEiCPGMWUtJiS1eq9
ke5vY9+VI/3/aQwn/NMVK17W1MxMC0Sji4MR7Nz5VPhm6MnJ71R2zhi5blP4xUm/
Z1ECoD3CWQ63Sad/Oe1Ms/HYWAarH1jZedXuxNMWTh8AsxTTjeBdF2mXlTKqmSMC
4w+k0uwuz+1FEORjX9xMlPlT8jzdjsROa0+6KQNvLmxpYWRmLVtynBF2z8WdME0I
LX1V+oVrhenD5IRuclnvZgDPXBqldRG+HuQQExfXOInE4gtFsdA3CBJWWBNvJ2d+
5GaMm7asWmuhur9yfp8ExAmmKUyII8rcw+WUj0E9yFkP9IEoODOo
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:37 2025 by rpki-client