Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/aDDKiYvYLFiTr9N1N756UvDjCas.roa
File: aDDKiYvYLFiTr9N1N756UvDjCas.roa (raw, json)
Hash identifier: Rg2QP9v13p5N85aK+u1/1UKA7IhKH9SsDPtYE6i5NR8=
Subject key identifier: 68:30:CA:89:8B:D8:2C:58:93:AF:D3:75:37:BE:7A:52:F0:E3:09:AB
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 055947D4
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/aDDKiYvYLFiTr9N1N756UvDjCas.roa
Signing time: Sat 01 Jan 2022 03:02:22 +0000
ROA not before: Sat 01 Jan 2022 03:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17819
IP address blocks: 176.121.90.0/24 maxlen: 24
176.121.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89737172 (0x55947d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 1 03:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6830ca898bd82c5893afd37537be7a52f0e309ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:07:32:26:4e:29:68:37:7d:9e:bd:9c:1c:2f:
24:19:fa:9a:8f:f0:dd:b4:65:e9:f1:e7:2a:48:ec:
08:ee:71:f3:0b:c3:44:69:91:28:18:05:01:6b:b7:
c2:47:cd:9c:ac:d5:1e:ec:30:76:28:03:c9:1b:35:
08:4d:6d:07:80:5e:35:a1:0c:0b:89:bc:ed:5b:ad:
4e:e9:73:2e:58:e9:72:86:52:3b:42:56:f0:6c:b2:
d2:ae:13:bd:35:10:2f:e0:de:f6:58:a4:e5:c4:c5:
60:d5:7b:8b:28:e0:af:0a:6e:37:03:36:70:ac:a6:
a4:01:7e:5e:7f:49:50:4f:d1:53:bf:05:22:22:90:
b6:0a:f3:80:86:d5:b9:23:cf:7e:99:e3:20:e6:17:
10:d9:8c:46:0c:04:8b:f3:a1:26:fc:13:ea:f8:ae:
80:c5:cf:ab:1b:31:8a:06:d3:20:57:d9:df:d0:1b:
94:bf:9f:c0:2b:80:b3:f5:64:9d:f3:fd:ce:79:b4:
e4:5a:20:ad:00:37:5e:1c:1a:3a:e6:bd:3a:ae:93:
3b:9d:c5:26:df:d7:7d:5c:74:ca:02:20:4e:c9:0d:
ac:aa:d7:b6:86:45:02:67:8a:b2:d0:fb:80:3f:d6:
e4:16:1e:49:40:f9:63:b5:f7:1d:71:52:53:25:18:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:30:CA:89:8B:D8:2C:58:93:AF:D3:75:37:BE:7A:52:F0:E3:09:AB
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/aDDKiYvYLFiTr9N1N756UvDjCas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.90.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:91:c3:18:2e:2e:07:57:d8:0d:eb:73:b7:5d:6e:47:ac:be:
48:e8:85:5c:dc:80:4c:eb:b0:da:1f:ab:c5:dc:c0:75:44:24:
c3:c9:28:d4:3a:c0:cb:bf:31:ad:d0:1b:1c:44:eb:30:90:af:
7d:2f:d6:d7:69:ee:ec:8c:42:87:e9:15:a2:47:6c:64:4c:dd:
04:d6:de:cd:34:fa:a5:69:07:6f:0d:d3:28:ab:da:76:4b:3c:
81:bc:78:ef:1d:be:59:c9:70:f9:f9:58:a4:31:5d:13:7c:8a:
d1:8d:2b:85:5a:2d:7d:26:74:cd:22:c5:95:9c:05:f0:1d:5a:
ec:c7:12:61:b3:ef:c2:0b:d9:4b:6a:bb:22:61:48:f9:dd:ce:
72:d8:4e:dd:65:94:c5:40:91:0b:cd:6e:d7:a7:c8:d3:3c:89:
07:9f:92:68:f4:64:49:af:fa:be:e9:95:7c:fd:c9:41:68:3e:
8e:6c:ec:2b:40:40:b7:7c:d9:f9:9d:81:42:4f:72:bd:ea:d9:
aa:bf:2f:0d:6f:07:2b:8d:fc:52:c0:b6:90:62:02:d1:35:7c:
ce:39:23:f9:4e:e2:d4:34:37:45:af:4c:06:d9:cc:3f:59:b3:
d7:2d:39:65:de:0b:73:9f:ed:97:2f:d4:79:bf:62:31:c1:49:
02:6f:39:52
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBVlH1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Mzg5ZTcwMzViMDhlMTgxYTM0MWYzN2VkYTczNDNkMjNmMWNhZmE0MB4XDTIyMDEw
MTAzMDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgzMGNhODk4YmQ4
MmM1ODkzYWZkMzc1MzdiZTdhNTJmMGUzMDlhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOIHMiZOKWg3fZ69nBwvJBn6mo/w3bRl6fHnKkjsCO5x8wvD
RGmRKBgFAWu3wkfNnKzVHuwwdigDyRs1CE1tB4BeNaEMC4m87VutTulzLljpcoZS
O0JW8Gyy0q4TvTUQL+De9lik5cTFYNV7iyjgrwpuNwM2cKympAF+Xn9JUE/RU78F
IiKQtgrzgIbVuSPPfpnjIOYXENmMRgwEi/OhJvwT6viugMXPqxsxigbTIFfZ39Ab
lL+fwCuAs/VknfP9znm05FogrQA3XhwaOua9Oq6TO53FJt/XfVx0ygIgTskNrKrX
toZFAmeKstD7gD/W5BYeSUD5Y7X3HXFSUyUYjekCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoMMqJi9gsWJOv03U3vnpS8OMJqzAfBgNVHSMEGDAWgBSjiecDWwjhgaNB
837ac0PSPxyvpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L280bm5BMXNJNFlHalFmTi0ybk5EMGo4Y3I2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvZjA1M2NkLTFkNzktNDNhMS05YWFiLTBlNzI0MTZiNGRjNy8x
L2FEREtpWXZZTEZpVHI5TjFONzU2VXZEakNhcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
ZjA1M2NkLTFkNzktNDNhMS05YWFiLTBlNzI0MTZiNGRjNy8xL280bm5BMXNJNFlH
alFmTi0ybk5EMGo4Y3I2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbB5WjANBgkqhkiG9w0BAQsFAAOC
AQEAX5HDGC4uB1fYDetzt11uR6y+SOiFXNyATOuw2h+rxdzAdUQkw8ko1DrAy78x
rdAbHETrMJCvfS/W12nu7IxCh+kVokdsZEzdBNbezTT6pWkHbw3TKKvadks8gbx4
7x2+Wclw+flYpDFdE3yK0Y0rhVotfSZ0zSLFlZwF8B1a7McSYbPvwgvZS2q7ImFI
+d3OcthO3WWUxUCRC81u16fI0zyJB5+SaPRkSa/6vumVfP3JQWg+jmzsK0BAt3zZ
+Z2BQk9yverZqr8vDW8HK438UsC2kGIC0TV8zjkj+U7i1DQ3Ra9MBtnMP1mz1y05
Zd4Lc5/tly/Ueb9iMcFJAm85Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:59 2024 by rpki-client on console-fra.rpki-client.org