Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/PooqthcFU4FRXNjVUhICdlpjv44.roa
File: PooqthcFU4FRXNjVUhICdlpjv44.roa (raw, json)
Hash identifier: L2Nu9duMtG8H3pL13JOQNJCIegaz4XiygoFRcVg11J4=
Subject key identifier: 3E:8A:2A:B6:17:05:53:81:51:5C:D8:D5:52:12:02:76:5A:63:BF:8E
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018570B985560C34AE0A59FAB7E995806B41
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/PooqthcFU4FRXNjVUhICdlpjv44.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17819
IP address blocks: 176.121.90.0/24 maxlen: 24
176.121.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:85:56:0c:34:ae:0a:59:fa:b7:e9:95:80:6b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e8a2ab617055381515cd8d5521202765a63bf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bf:b7:1e:bf:3c:71:b4:86:b9:87:44:64:97:
12:f7:82:9b:32:22:e9:86:58:fb:0b:06:43:e6:53:
9d:d0:3a:f1:bb:2d:8b:2d:c3:b8:9a:01:8e:37:25:
87:15:f2:da:b5:25:95:c1:e4:0f:03:26:de:f4:4b:
26:07:5d:9a:5d:32:de:0d:8e:1d:c5:fb:8a:81:c4:
c7:45:9d:e4:c9:21:27:8c:66:d2:e4:e1:b1:cc:0b:
3e:c4:bd:08:49:26:26:ad:00:64:83:d1:8e:b7:f8:
e4:42:17:ce:af:7b:64:ee:95:db:77:32:64:c6:cf:
bc:92:57:b8:9e:2a:33:2b:16:c5:59:fb:31:7f:0d:
1d:28:ef:fb:d0:89:5e:ef:7f:e4:7c:c0:91:8f:c0:
61:96:9c:1f:fb:72:19:c3:b3:ca:a2:ce:83:15:dd:
72:98:2e:67:6b:32:fa:35:c7:32:de:8e:67:cb:e5:
6d:37:72:95:b3:40:ee:5d:19:43:9a:ef:c7:38:59:
03:56:84:3b:eb:96:20:09:a5:2c:5d:bd:ee:c4:fe:
01:e5:24:75:e8:d8:92:36:6d:b3:c6:1f:82:d5:49:
8a:d3:b6:d3:95:ba:56:7c:49:42:8f:5d:dd:85:2b:
ed:0b:32:63:fd:b3:3d:14:38:e5:0c:60:4b:85:1a:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8A:2A:B6:17:05:53:81:51:5C:D8:D5:52:12:02:76:5A:63:BF:8E
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/PooqthcFU4FRXNjVUhICdlpjv44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.90.0/23
Signature Algorithm: sha256WithRSAEncryption
88:22:19:37:06:ca:79:e8:0f:f5:af:20:b2:9d:38:d5:11:5d:
da:2d:10:65:4f:7b:54:bc:22:a7:c9:d5:60:ba:18:78:78:c0:
3e:28:48:aa:44:3f:00:4c:60:44:a7:f7:88:f1:5f:df:35:8d:
cd:3e:b7:e8:ce:86:75:79:e7:5a:ce:d0:e1:eb:cb:b6:98:33:
37:2d:f4:b9:13:c3:ae:7c:49:a5:fa:6c:61:12:6a:97:ec:d4:
98:07:ea:27:c1:86:6d:e4:ff:b0:af:50:b8:b2:5f:6d:cd:e3:
9a:89:76:4c:52:6c:42:2d:2d:c1:4f:9f:d1:32:84:93:ef:5e:
96:7a:c4:ce:25:19:47:bd:a3:6f:41:e3:be:5f:de:a4:60:55:
ef:61:49:1b:2c:94:49:eb:09:5f:ba:5c:7f:fa:88:44:37:7b:
2b:f5:a9:59:8b:53:62:64:c9:3c:1c:5a:56:8c:ef:78:d6:b7:
f6:e5:36:32:5b:e7:2a:32:ec:05:41:87:7d:5b:a9:f4:d6:74:
cd:b4:4b:72:4a:00:0b:c2:78:62:e8:8c:34:21:b1:4a:a2:0b:
63:e7:0a:84:9f:f3:8c:1b:69:9f:c6:7c:0d:c4:51:29:bf:43:
94:c7:5c:15:31:df:96:91:7e:18:27:e9:e4:78:f3:8f:7d:bc:
06:2e:97:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYVWDDSuCln6t+mVgGtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThhMmFiNjE3MDU1MzgxNTE1Y2Q4ZDU1MjEyMDI3NjVhNjNiZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b+3Hr88cbSGuYdEZJcS94KbMiLp
hlj7CwZD5lOd0Drxuy2LLcO4mgGONyWHFfLatSWVweQPAybe9EsmB12aXTLeDY4d
xfuKgcTHRZ3kySEnjGbS5OGxzAs+xL0ISSYmrQBkg9GOt/jkQhfOr3tk7pXbdzJk
xs+8kle4niozKxbFWfsxfw0dKO/70Ile73/kfMCRj8Bhlpwf+3IZw7PKos6DFd1y
mC5nazL6Nccy3o5ny+VtN3KVs0DuXRlDmu/HOFkDVoQ765YgCaUsXb3uxP4B5SR1
6NiSNm2zxh+C1UmK07bTlbpWfElCj13dhSvtCzJj/bM9FDjlDGBLhRpUYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6KKrYXBVOBUVzY1VISAnZaY7+OMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvUG9vcXRoY0ZVNEZSWE5qVlVoSUNkbHBqdjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHlaMA0G
CSqGSIb3DQEBCwUAA4IBAQCIIhk3Bsp56A/1ryCynTjVEV3aLRBlT3tUvCKnydVg
uhh4eMA+KEiqRD8ATGBEp/eI8V/fNY3NPrfozoZ1eedaztDh68u2mDM3LfS5E8Ou
fEml+mxhEmqX7NSYB+onwYZt5P+wr1C4sl9tzeOaiXZMUmxCLS3BT5/RMoST716W
esTOJRlHvaNvQeO+X96kYFXvYUkbLJRJ6wlfulx/+ohEN3sr9alZi1NiZMk8HFpW
jO941rf25TYyW+cqMuwFQYd9W6n01nTNtEtySgALwnhi6Iw0IbFKogtj5wqEn/OM
G2mfxnwNxFEpv0OUx1wVMd+WkX4YJ+nkePOPfbwGLpfP
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:35 2025 by rpki-client