Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/cRZSY5J-oW5jpW4hz-phG0FCAVk.roa
File: cRZSY5J-oW5jpW4hz-phG0FCAVk.roa (raw, json)
Hash identifier: cUOWNGPn2FnTveCaQlE9NUpP2qqNj+tlNSIF+Qxbqpg=
Subject key identifier: 71:16:52:63:92:7E:A1:6E:63:A5:6E:21:CF:EA:61:1B:41:42:01:59
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 018570B987294C122F8EDAA08EF72E4DE614
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/cRZSY5J-oW5jpW4hz-phG0FCAVk.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32323
IP address blocks: 176.121.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:87:29:4c:12:2f:8e:da:a0:8e:f7:2e:4d:e6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71165263927ea16e63a56e21cfea611b41420159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:56:56:b9:8e:58:3a:7d:7d:a4:84:de:a0:
66:4a:b5:b1:7e:ef:c8:c6:d0:b5:1b:14:2f:58:e9:
fa:86:78:d3:be:ca:cc:32:05:57:fc:5a:74:51:b3:
27:1f:e3:8c:c7:7f:25:35:4f:b3:5c:ad:0c:18:30:
7b:a0:22:ee:a4:66:a3:57:c6:38:33:99:0a:b7:20:
2a:19:b2:6b:83:59:86:ed:71:3d:24:6a:3f:e3:67:
ef:59:76:f2:71:aa:75:12:1a:6e:96:93:fe:23:e4:
98:fb:77:10:3f:c4:2a:c0:9d:bb:48:35:b5:6e:af:
8b:41:1a:ba:f9:85:7d:c6:2f:48:d3:cd:ad:32:b8:
80:67:9b:9e:c2:26:da:4d:14:07:51:66:47:2b:e1:
dd:bd:76:5b:bb:93:23:1c:49:ce:f6:d0:4f:53:b7:
f9:91:21:cb:52:f8:09:ed:ad:62:c2:5b:09:13:ee:
a0:c7:b9:af:ed:88:93:c1:57:01:38:7a:e1:fa:63:
52:41:4e:e1:c5:c6:ec:45:12:21:f1:9d:91:32:33:
c1:3c:5b:f3:15:65:f0:8c:56:24:f0:dc:e7:76:9b:
b4:a3:d5:b2:7a:5b:54:a8:49:4f:65:34:95:3a:3a:
13:a6:a5:22:16:13:07:ab:49:af:07:16:92:33:62:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:16:52:63:92:7E:A1:6E:63:A5:6E:21:CF:EA:61:1B:41:42:01:59
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/cRZSY5J-oW5jpW4hz-phG0FCAVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.92.0/24
Signature Algorithm: sha256WithRSAEncryption
67:25:1b:58:c9:9f:80:60:7c:b3:3f:51:c7:60:fc:f6:ff:1f:
51:2a:7e:85:0a:fb:7b:25:88:d3:c0:45:12:e6:9e:3e:13:f0:
cc:17:8e:3b:ad:43:c1:e3:5f:a3:59:d9:d4:f7:8b:6f:54:1d:
e2:50:28:34:31:b4:56:29:7c:70:e9:59:15:c8:45:e1:83:0c:
f0:f6:cd:64:a9:80:38:2b:74:60:7d:63:39:4b:f6:b0:44:38:
fd:d1:99:2f:3c:5b:ee:c7:d4:51:cd:71:ef:84:81:c1:b5:de:
96:58:23:87:93:87:de:54:55:34:45:e8:6e:5b:2d:f6:92:c2:
ed:22:67:0b:96:f5:6d:92:e6:f1:7d:c7:75:51:cd:80:5b:9d:
4d:b7:ab:2d:43:f3:5e:cd:d4:69:54:1d:48:92:26:ac:fb:cb:
4a:0d:4b:d5:a7:38:37:9c:9a:c2:9d:12:61:83:d2:92:86:03:
86:6a:af:a9:60:56:12:32:10:78:b8:10:be:9d:e4:f7:9a:bc:
9b:46:64:23:49:4c:d2:30:cd:c6:4e:f7:a7:e3:d7:86:6e:5c:
bc:88:0a:b8:97:bf:0f:98:44:9d:1c:6a:55:d2:b4:83:5e:b4:
0f:23:77:5c:69:2d:15:dc:70:3d:f8:65:83:76:24:82:6b:47:
1f:e5:f7:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYcpTBIvjtqgjvcuTeYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE2NTI2MzkyN2VhMTZlNjNhNTZlMjFjZmVhNjExYjQxNDIwMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolRWVrmOWDp9faSE3qBmSrWxfu/I
xtC1GxQvWOn6hnjTvsrMMgVX/Fp0UbMnH+OMx38lNU+zXK0MGDB7oCLupGajV8Y4
M5kKtyAqGbJrg1mG7XE9JGo/42fvWXbycap1EhpulpP+I+SY+3cQP8QqwJ27SDW1
bq+LQRq6+YV9xi9I082tMriAZ5uewibaTRQHUWZHK+HdvXZbu5MjHEnO9tBPU7f5
kSHLUvgJ7a1iwlsJE+6gx7mv7YiTwVcBOHrh+mNSQU7hxcbsRRIh8Z2RMjPBPFvz
FWXwjFYk8Nzndpu0o9WyeltUqElPZTSVOjoTpqUiFhMHq0mvBxaSM2LtNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEWUmOSfqFuY6VuIc/qYRtBQgFZMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvY1JaU1k1Si1vVzVqcFc0aHotcGhHMEZDQVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHlcMA0G
CSqGSIb3DQEBCwUAA4IBAQBnJRtYyZ+AYHyzP1HHYPz2/x9RKn6FCvt7JYjTwEUS
5p4+E/DMF447rUPB41+jWdnU94tvVB3iUCg0MbRWKXxw6VkVyEXhgwzw9s1kqYA4
K3RgfWM5S/awRDj90ZkvPFvux9RRzXHvhIHBtd6WWCOHk4feVFU0RehuWy32ksLt
ImcLlvVtkubxfcd1Uc2AW51Nt6stQ/NezdRpVB1Ikias+8tKDUvVpzg3nJrCnRJh
g9KShgOGaq+pYFYSMhB4uBC+neT3mrybRmQjSUzSMM3GTven49eGbly8iAq4l78P
mESdHGpV0rSDXrQPI3dcaS0V3HA9+GWDdiSCa0cf5ff3
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:59 2025 by rpki-client