Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/sxJ5zaDJbbQos9_o5-8lRCIjTSo.roa
File: sxJ5zaDJbbQos9_o5-8lRCIjTSo.roa (raw, json)
Hash identifier: 6DwRElZATbEO5gfyBB7Y+kBxmV4Vyz4Hfpv9XYbx8XY=
Subject key identifier: B3:12:79:CD:A0:C9:6D:B4:28:B3:DF:E8:E7:EF:25:44:22:23:4D:2A
Certificate issuer: /CN=fec6fb5a467974c977a997c6dda1464805ed379f
Certificate serial: 0186312EFCEBC8FE9C8A54CC7C7C08E1EB07
Authority key identifier: FE:C6:FB:5A:46:79:74:C9:77:A9:97:C6:DD:A1:46:48:05:ED:37:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_sb7WkZ5dMl3qZfG3aFGSAXtN58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/sxJ5zaDJbbQos9_o5-8lRCIjTSo.roa
Signing time: Wed 08 Feb 2023 13:20:08 +0000
ROA not before: Wed 08 Feb 2023 13:20:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 176.116.122.0/24 maxlen: 24
176.116.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:2e:fc:eb:c8:fe:9c:8a:54:cc:7c:7c:08:e1:eb:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fec6fb5a467974c977a997c6dda1464805ed379f
Validity
Not Before: Feb 8 13:20:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b31279cda0c96db428b3dfe8e7ef254422234d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:09:09:6f:db:fb:5d:81:30:e6:d9:7c:e0:dc:
7e:99:79:aa:2d:fc:39:6f:f6:50:68:b5:b5:2a:4e:
37:f2:78:c8:9c:62:b2:2a:b6:71:da:2f:4c:54:bf:
86:a1:a7:42:c1:a4:92:27:38:8b:e7:c7:9e:78:b2:
1d:51:d1:d1:ef:f1:dd:47:e2:aa:79:2f:e4:4c:90:
2c:63:87:96:c0:25:68:1b:e9:92:f8:4e:7f:66:ee:
43:68:28:5f:95:d1:45:84:1f:7a:92:4f:57:3d:1e:
0d:3a:fd:70:ed:88:b9:6f:8f:1d:9d:68:ef:ba:c8:
99:a2:21:b1:d0:ed:cc:46:19:e6:20:ff:bd:86:e2:
93:9d:94:80:e8:17:18:9b:ac:cc:01:72:47:07:de:
aa:9a:34:c8:03:03:94:12:ce:46:f6:4e:7e:92:f4:
0d:85:ea:bc:ed:bf:8c:5b:03:53:9b:6f:1f:02:e0:
a7:c0:8d:f5:10:5d:a7:75:e9:d0:64:f2:65:f3:a3:
d2:74:a8:35:b3:ee:22:44:ba:9c:e9:c1:84:fc:fa:
6b:0a:7d:26:4f:e2:33:35:77:8b:63:7b:95:32:d4:
4e:9d:97:dd:6c:37:57:36:bf:de:b5:21:52:68:1e:
20:a2:93:80:9b:6e:25:d4:bb:b1:3d:f5:47:31:d5:
72:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:12:79:CD:A0:C9:6D:B4:28:B3:DF:E8:E7:EF:25:44:22:23:4D:2A
X509v3 Authority Key Identifier:
keyid:FE:C6:FB:5A:46:79:74:C9:77:A9:97:C6:DD:A1:46:48:05:ED:37:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_sb7WkZ5dMl3qZfG3aFGSAXtN58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/sxJ5zaDJbbQos9_o5-8lRCIjTSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/ac52c3-ca44-4784-b72e-12641f9e6fc0/1/_sb7WkZ5dMl3qZfG3aFGSAXtN58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:21:a5:41:1f:3b:da:89:63:fd:42:a6:d7:6e:34:37:9a:38:
54:15:7c:3f:fb:19:fe:5b:28:03:4f:14:17:6b:7f:be:93:f1:
99:c2:fa:1e:88:2b:51:01:b3:65:0f:4b:b7:ef:a5:cb:57:63:
90:a0:9e:16:e5:6a:92:0c:f1:5b:a9:4d:35:5b:50:30:0c:71:
03:7f:aa:ed:05:7b:40:4a:98:24:4b:b6:41:92:b6:da:53:89:
55:58:23:b1:ad:f2:87:17:2c:ac:82:b2:a5:c0:98:69:a6:07:
44:51:6f:56:44:e4:23:b9:b4:5c:b4:11:83:41:7f:14:84:39:
af:9e:e2:3e:d4:50:c5:21:02:d7:b8:41:48:c2:b4:5c:f5:5f:
fb:bb:dc:c0:86:83:eb:23:d2:fe:3e:8c:f9:5e:44:bf:80:8f:
09:50:61:49:45:dd:41:47:02:b6:2a:19:30:aa:86:a7:1d:86:
28:45:1a:60:3b:6b:e3:e6:9e:2f:43:37:58:68:c0:7d:5f:be:
fe:41:77:c5:bd:c7:2c:13:d8:b9:ea:06:8e:05:d5:4f:9b:c8:
74:85:23:e5:a0:22:5a:66:10:0a:df:6b:f5:d8:73:0c:67:57:
66:f4:db:75:f1:20:3e:5f:de:27:ee:05:11:22:b8:2d:da:83:
18:2b:ba:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYxLvzryP6cilTMfHwI4esHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYzZmYjVhNDY3OTc0Yzk3N2E5OTdjNmRkYTE0NjQ4MDVl
ZDM3OWYwHhcNMjMwMjA4MTMyMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEyNzljZGEwYzk2ZGI0MjhiM2RmZThlN2VmMjU0NDIyMjM0ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAkJb9v7XYEw5tl84Nx+mXmqLfw5
b/ZQaLW1Kk438njInGKyKrZx2i9MVL+GoadCwaSSJziL58eeeLIdUdHR7/HdR+Kq
eS/kTJAsY4eWwCVoG+mS+E5/Zu5DaChfldFFhB96kk9XPR4NOv1w7Yi5b48dnWjv
usiZoiGx0O3MRhnmIP+9huKTnZSA6BcYm6zMAXJHB96qmjTIAwOUEs5G9k5+kvQN
heq87b+MWwNTm28fAuCnwI31EF2ndenQZPJl86PSdKg1s+4iRLqc6cGE/PprCn0m
T+IzNXeLY3uVMtROnZfdbDdXNr/etSFSaB4gopOAm24l1LuxPfVHMdVyyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMSec2gyW20KLPf6OfvJUQiI00qMB8GA1UdIwQY
MBaAFP7G+1pGeXTJd6mXxt2hRkgF7TefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3NiN1drWjVkTWwzcVpmRzNhRkdTQVh0TjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hYzUyYzMtY2E0NC00Nzg0LWI3MmUt
MTI2NDFmOWU2ZmMwLzEvc3hKNXphREpiYlFvczlfbzUtOGxSQ0lqVFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hYzUyYzMtY2E0NC00Nzg0LWI3MmUtMTI2NDFmOWU2ZmMw
LzEvX3NiN1drWjVkTWwzcVpmRzNhRkdTQVh0TjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHR6MA0G
CSqGSIb3DQEBCwUAA4IBAQCnIaVBHzvaiWP9QqbXbjQ3mjhUFXw/+xn+WygDTxQX
a3++k/GZwvoeiCtRAbNlD0u376XLV2OQoJ4W5WqSDPFbqU01W1AwDHEDf6rtBXtA
SpgkS7ZBkrbaU4lVWCOxrfKHFyysgrKlwJhppgdEUW9WROQjubRctBGDQX8UhDmv
nuI+1FDFIQLXuEFIwrRc9V/7u9zAhoPrI9L+Poz5XkS/gI8JUGFJRd1BRwK2Khkw
qoanHYYoRRpgO2vj5p4vQzdYaMB9X77+QXfFvccsE9i56gaOBdVPm8h0hSPloCJa
ZhAK32v12HMMZ1dm9Nt18SA+X94n7gURIrgt2oMYK7qB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:12 2025 by rpki-client