Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CwzdSMIAUXUhKeQl3DRSQUemEWI.roa
File: CwzdSMIAUXUhKeQl3DRSQUemEWI.roa (raw, json)
Hash identifier: sSQjaWfJ2/akb0fd4fUpUUwkZI+7Vi/m3mBqeflMbdc=
Subject key identifier: 0B:0C:DD:48:C2:00:51:75:21:29:E4:25:DC:34:52:41:47:A6:11:62
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0186BCF816F28E1469E66B4FF80948576E90
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CwzdSMIAUXUhKeQl3DRSQUemEWI.roa
Signing time: Tue 07 Mar 2023 16:47:00 +0000
ROA not before: Tue 07 Mar 2023 16:47:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 155.254.62.0/24 maxlen: 24
107.161.174.0/24 maxlen: 24
107.161.175.0/24 maxlen: 24
107.181.135.0/24 maxlen: 24
2a07:9940:3333::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:f8:16:f2:8e:14:69:e6:6b:4f:f8:09:48:57:6e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Mar 7 16:47:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b0cdd48c20051752129e425dc34524147a61162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fd:c3:93:4a:5b:e4:6c:97:68:ca:b5:20:77:
a0:ec:44:e9:28:a2:f4:b3:fc:df:66:48:da:ad:c4:
97:06:9b:7c:86:08:a5:d7:8b:10:89:b5:80:3c:8e:
4b:34:0b:37:46:a9:1e:9c:35:78:59:7d:e0:e2:fe:
fa:64:da:52:f1:db:1b:28:8b:e8:5d:4e:10:53:0e:
d1:6b:16:b8:e2:ed:72:07:c2:91:48:73:03:32:dc:
88:2a:99:1d:5f:e5:5c:b8:85:d3:58:1a:79:83:5b:
db:47:9b:cc:fb:d9:c8:1f:16:5d:a5:7a:a1:c2:c7:
48:b9:eb:70:aa:5e:11:55:9c:c1:a4:4b:3c:ce:d2:
1f:f5:8c:62:7b:fd:07:b8:e0:a2:d8:34:e9:e4:29:
3a:d6:0b:75:8d:b9:8e:f0:34:19:dd:2a:5e:22:e0:
4c:b3:08:d8:df:9b:71:ff:e3:9c:51:8a:05:dc:b3:
8e:05:29:4e:97:9c:a6:e7:76:a0:ed:78:77:6e:8c:
eb:27:a4:4d:f7:3a:fc:6a:1e:47:33:cf:96:39:a3:
01:88:4b:24:3f:ba:7f:75:10:fa:d1:c4:05:9a:64:
b9:20:e3:5a:a3:08:d3:f6:a5:40:5c:43:1c:77:b3:
4e:4d:2c:bb:46:a4:7d:64:cd:10:ff:cf:09:0d:f5:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0C:DD:48:C2:00:51:75:21:29:E4:25:DC:34:52:41:47:A6:11:62
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CwzdSMIAUXUhKeQl3DRSQUemEWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.174.0/23
107.181.135.0/24
155.254.62.0/24
IPv6:
2a07:9940:3333::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ee:2c:34:88:1e:1a:1c:88:a9:3f:ad:68:24:72:5f:4b:8e:
ee:76:fc:d8:84:d3:35:06:44:35:6f:bc:64:80:4b:c9:a6:3f:
3e:58:8c:56:a9:ab:a0:af:7e:39:a2:a4:d9:19:0c:9c:7e:f1:
93:77:e1:82:b2:25:da:e2:81:50:cf:50:a1:01:d9:26:8d:64:
47:6c:46:59:90:bc:4d:9d:aa:d3:f3:f5:39:3d:ee:49:c8:dd:
ee:ae:f7:21:e2:1e:74:22:a0:cf:ec:6b:72:b2:8b:18:aa:97:
97:6f:ca:9e:19:91:12:cf:9c:a9:43:e7:c1:9a:65:d2:06:25:
d6:1a:d6:72:88:27:23:0c:88:9b:87:b5:9e:f9:d4:18:63:d3:
05:0c:03:ce:41:55:de:6e:98:fa:18:bf:1d:2d:c3:3f:9f:32:
6c:00:49:17:2e:53:ad:44:cc:0f:0b:91:6c:da:3c:48:81:06:
c3:aa:3d:c4:f4:b9:10:9c:a1:94:fe:08:1a:f9:9c:9e:61:de:
b1:ee:96:50:ae:27:04:3b:4d:c1:6c:6a:b4:41:c8:87:4d:cf:
4c:6d:55:44:af:f7:99:2e:8a:0d:45:f3:e9:a0:b9:a7:84:44:
7c:fe:b0:bd:6d:0e:3f:ce:92:02:55:fb:20:df:36:4d:50:e5:
ab:4e:45:45
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYa8+BbyjhRp5mtP+AlIV26QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwMzA3MTY0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBjZGQ0OGMyMDA1MTc1MjEyOWU0MjVkYzM0NTI0MTQ3YTYxMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov3Dk0pb5GyXaMq1IHeg7ETpKKL0
s/zfZkjarcSXBpt8hgil14sQibWAPI5LNAs3RqkenDV4WX3g4v76ZNpS8dsbKIvo
XU4QUw7Raxa44u1yB8KRSHMDMtyIKpkdX+VcuIXTWBp5g1vbR5vM+9nIHxZdpXqh
wsdIuetwql4RVZzBpEs8ztIf9Yxie/0HuOCi2DTp5Ck61gt1jbmO8DQZ3SpeIuBM
swjY35tx/+OcUYoF3LOOBSlOl5ym53ag7Xh3bozrJ6RN9zr8ah5HM8+WOaMBiEsk
P7p/dRD60cQFmmS5IONaowjT9qVAXEMcd7NOTSy7RqR9ZM0Q/88JDfX1vwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAsM3UjCAFF1ISnkJdw0UkFHphFiMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvQ3d6ZFNNSUFVWFVoS2VRbDNEUlNRVWVtRVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBa6GuAwQA
a7WHAwQAm/4+MA8EAgACMAkDBwAqB5lAMzMwDQYJKoZIhvcNAQELBQADggEBAD/u
LDSIHhociKk/rWgkcl9Lju52/NiE0zUGRDVvvGSAS8mmPz5YjFapq6CvfjmipNkZ
DJx+8ZN34YKyJdrigVDPUKEB2SaNZEdsRlmQvE2dqtPz9Tk97knI3e6u9yHiHnQi
oM/sa3Kyixiql5dvyp4ZkRLPnKlD58GaZdIGJdYa1nKIJyMMiJuHtZ751Bhj0wUM
A85BVd5umPoYvx0twz+fMmwASRcuU61EzA8LkWzaPEiBBsOqPcT0uRCcoZT+CBr5
nJ5h3rHullCuJwQ7TcFsarRByIdNz0xtVUSv95kuig1F8+mguaeERHz+sL1tDj/O
kgJV+yDfNk1Q5atORUU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:02 2025 by rpki-client