Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/1-6lru1gWEO0LhwygJ0XqbapvZ0I.roa
File: 1-6lru1gWEO0LhwygJ0XqbapvZ0I.roa (raw, json)
Hash identifier: QTuhD++YW2r71JoJ7IbvrEAeVtJQZxHBx0tzhOkXVIU=
Subject key identifier: FB:A9:6B:BB:58:16:10:ED:0B:87:0C:A0:27:45:EA:6D:AA:6F:67:42
Certificate issuer: /CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Certificate serial: 16FE8EA3
Authority key identifier: C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/1-6lru1gWEO0LhwygJ0XqbapvZ0I.roa
Signing time: Sat 01 Jan 2022 05:05:53 +0000
ROA not before: Sat 01 Jan 2022 05:05:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52070
IP address blocks: 178.21.41.0/24 maxlen: 24
178.21.40.0/24 maxlen: 24
178.21.40.0/23 maxlen: 23
2a01:9800::/35 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385781411 (0x16fe8ea3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6abd373cc595060f1a33076b53e1162512c3cd7
Validity
Not Before: Jan 1 05:05:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fba96bbb581610ed0b870ca02745ea6daa6f6742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:a5:6c:69:7c:0e:b4:d8:90:b7:d8:37:30:
8c:8f:9a:dd:4d:e5:0f:13:93:e7:5f:ce:db:75:f3:
45:5a:43:41:c4:0a:dd:69:3d:49:c4:20:41:39:07:
56:45:45:4d:71:d4:f7:2b:3f:a2:7a:aa:e9:46:16:
3e:fa:3a:88:2a:00:aa:bb:cd:11:6e:df:60:12:23:
22:3e:c5:dc:a9:cf:76:09:ef:81:45:e2:c5:6c:21:
8a:8a:3a:db:20:af:e1:eb:5e:33:d8:da:d6:52:a8:
05:5e:f0:a5:d5:80:87:d3:ae:b3:5a:75:50:4d:a7:
65:08:0a:e1:dd:f9:42:df:d9:dc:0c:51:5a:5b:ea:
4a:b5:04:1b:cd:66:f9:50:60:8a:95:10:5f:22:89:
1a:3a:75:5f:1a:0f:bf:df:00:18:86:3f:a2:be:d6:
c2:dc:fd:4f:7d:e8:1b:24:4f:eb:7d:bc:bf:07:2b:
a8:3e:7b:df:07:62:dd:85:9f:c4:c8:02:f8:2f:6b:
60:5f:c3:53:9a:d8:d3:10:ca:90:ba:ba:99:a4:0f:
ae:1c:59:a5:82:20:47:60:0d:39:52:ad:4e:47:60:
2c:27:76:85:ce:11:0f:4b:31:dc:f4:0b:e6:75:be:
36:21:85:9b:e6:f2:3d:80:09:cb:7b:6c:d3:ff:0b:
32:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A9:6B:BB:58:16:10:ED:0B:87:0C:A0:27:45:EA:6D:AA:6F:67:42
X509v3 Authority Key Identifier:
keyid:C6:AB:D3:73:CC:59:50:60:F1:A3:30:76:B5:3E:11:62:51:2C:3C:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqvTc8xZUGDxozB2tT4RYlEsPNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/1-6lru1gWEO0LhwygJ0XqbapvZ0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/dd2cdd-9684-41ca-8015-9f150c8ea971/1/xqvTc8xZUGDxozB2tT4RYlEsPNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.40.0/23
IPv6:
2a01:9800::/35
Signature Algorithm: sha256WithRSAEncryption
81:55:bb:0c:38:14:d9:b2:5c:04:08:90:b0:e5:a4:68:58:bf:
90:ed:c0:c9:5f:fe:3b:8a:ec:97:b6:33:c1:69:14:dc:29:51:
d1:01:9f:d5:ec:5e:0a:1c:73:cd:79:59:05:ec:cb:14:cf:6d:
e2:14:54:2e:3a:98:44:e6:f7:a2:9a:fb:8d:51:9c:41:93:7f:
9f:80:ff:b7:be:cf:e8:cd:7f:a4:8f:79:ef:57:af:1f:85:f3:
a8:97:f1:35:65:51:03:f3:2f:96:25:f9:d3:eb:4c:18:ca:b1:
d6:1e:c1:2a:02:8d:17:ef:95:a5:c3:60:00:13:6d:f1:cf:22:
03:20:59:0b:c9:54:66:a2:aa:40:03:b2:c2:06:bd:d5:1d:74:
94:8d:5d:79:df:65:b8:33:5c:0a:73:20:f0:39:76:96:f6:9f:
51:89:28:91:3d:9c:d9:f9:b0:b8:ca:0e:5d:01:d3:1b:d9:95:
85:86:8a:72:3e:d7:73:5b:8d:de:53:a1:ef:9e:7c:e7:b3:d0:
c9:39:c5:84:df:e7:b0:86:12:8c:36:ba:13:86:5e:6a:94:06:
91:90:99:34:aa:1f:49:2e:d2:80:7f:85:a2:10:84:cb:b8:cc:
9c:ff:ea:de:32:d6:9d:cd:d9:4b:38:75:a4:70:65:0c:42:73:
9b:35:00:96
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEFv6OozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NmFiZDM3M2NjNTk1MDYwZjFhMzMwNzZiNTNlMTE2MjUxMmMzY2Q3MB4XDTIyMDEw
MTA1MDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJhOTZiYmI1ODE2
MTBlZDBiODcwY2EwMjc0NWVhNmRhYTZmNjc0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK31pWxpfA602JC32DcwjI+a3U3lDxOT51/O23XzRVpDQcQK
3Wk9ScQgQTkHVkVFTXHU9ys/onqq6UYWPvo6iCoAqrvNEW7fYBIjIj7F3KnPdgnv
gUXixWwhioo62yCv4eteM9ja1lKoBV7wpdWAh9Ous1p1UE2nZQgK4d35Qt/Z3AxR
WlvqSrUEG81m+VBgipUQXyKJGjp1XxoPv98AGIY/or7Wwtz9T33oGyRP6328vwcr
qD573wdi3YWfxMgC+C9rYF/DU5rY0xDKkLq6maQPrhxZpYIgR2ANOVKtTkdgLCd2
hc4RD0sx3PQL5nW+NiGFm+byPYAJy3ts0/8LMosCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT7qWu7WBYQ7QuHDKAnReptqm9nQjAfBgNVHSMEGDAWgBTGq9NzzFlQYPGj
MHa1PhFiUSw81zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hxdlRjOHhaVUdEeG96QjJ0VDRSWWxFc1BOYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvZGQyY2RkLTk2ODQtNDFjYS04MDE1LTlmMTUwYzhlYTk3MS8x
LzEtNmxydTFnV0VPMExod3lnSjBYcWJhcHZaMEkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Fm
L2RkMmNkZC05Njg0LTQxY2EtODAxNS05ZjE1MGM4ZWE5NzEvMS94cXZUYzh4WlVH
RHhvekIydFQ0UllsRXNQTmMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBAGyFSgwDgQCAAIwCAMGBSoBmAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBVbsMOBTZslwECJCw5aRoWL+Q7cDJX/47iuyX
tjPBaRTcKVHRAZ/V7F4KHHPNeVkF7MsUz23iFFQuOphE5veimvuNUZxBk3+fgP+3
vs/ozX+kj3nvV68fhfOol/E1ZVED8y+WJfnT60wYyrHWHsEqAo0X75Wlw2AAE23x
zyIDIFkLyVRmoqpAA7LCBr3VHXSUjV1532W4M1wKcyDwOXaW9p9RiSiRPZzZ+bC4
yg5dAdMb2ZWFhopyPtdzW43eU6Hvnnzns9DJOcWE3+ewhhKMNroThl5qlAaRkJk0
qh9JLtKAf4WiEITLuMyc/+reMtadzdlLOHWkcGUMQnObNQCW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:18 2025 by rpki-client