Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/_Ml_s0_-eXm5C1gWOn5rt9sH9KM.roa
File: _Ml_s0_-eXm5C1gWOn5rt9sH9KM.roa (raw, json)
Hash identifier: 0+KU5k+AkRF8/4/JASwxLrpEDiAMtrg92QEf8dRp4vU=
Subject key identifier: FC:C9:7F:B3:4F:FE:79:79:B9:0B:58:16:3A:7E:6B:B7:DB:07:F4:A3
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41E0EEF6960523458F327DE9E57B86
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/_Ml_s0_-eXm5C1gWOn5rt9sH9KM.roa
Signing time: Sun 01 Jan 2023 16:54:49 +0000
ROA not before: Sun 01 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57746
IP address blocks: 176.223.96.0/23 maxlen: 23
176.223.96.0/22 maxlen: 22
176.223.98.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:e0:ee:f6:96:05:23:45:8f:32:7d:e9:e5:7b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcc97fb34ffe7979b90b58163a7e6bb7db07f4a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6f:a6:4b:4b:62:5b:66:98:e5:4b:e5:78:10:
9c:c5:11:83:b0:9b:8f:6f:c9:64:b8:c6:83:39:cf:
79:d9:2f:26:71:b9:12:79:1f:09:f9:24:37:9a:3f:
10:50:00:fa:bf:0f:9f:e4:40:af:a7:07:58:d1:3d:
b0:2b:b4:df:6c:6d:89:f6:ae:ad:49:f5:c4:5f:93:
5f:51:27:96:26:01:00:1e:be:90:e9:9d:36:22:16:
d2:db:f5:ec:2c:3d:60:b1:1f:87:25:7f:01:d3:33:
94:a5:58:d4:bd:d2:4e:b3:46:ab:33:57:23:a0:21:
58:eb:ea:2b:8c:42:72:9c:d9:3c:8e:d0:28:5a:b8:
9d:47:af:97:f2:a6:ab:24:4b:7a:8b:55:3d:a7:df:
bf:11:83:13:81:23:94:a6:b6:87:d8:04:93:7e:4a:
9e:75:ee:2a:1a:15:97:9a:28:da:36:ca:2d:f6:d3:
5c:62:fa:e4:27:07:63:36:05:8a:14:5b:9f:71:22:
77:36:47:29:6a:ae:cc:93:83:72:a7:85:4c:98:c4:
8e:b2:7a:c6:93:b0:1d:c7:3b:f2:38:2e:f8:6e:63:
01:cc:88:3a:34:4d:13:61:35:c5:27:08:23:a5:b0:
6c:05:fa:78:08:a2:0b:46:61:31:68:af:bc:de:b8:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C9:7F:B3:4F:FE:79:79:B9:0B:58:16:3A:7E:6B:B7:DB:07:F4:A3
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/_Ml_s0_-eXm5C1gWOn5rt9sH9KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.96.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:79:49:37:9a:b4:4a:a2:8e:0e:c9:14:a3:47:5d:6f:c8:c3:
8b:73:a4:6c:63:28:20:0e:de:86:a6:e7:12:c8:79:05:24:c7:
97:29:7e:ac:ef:bb:3e:cf:9f:c3:26:aa:e9:61:bd:42:e6:c3:
ed:6a:3e:29:d1:d0:b2:e2:67:4a:53:be:27:f5:e2:ac:7b:f9:
dd:90:72:20:e0:c2:6e:6b:17:a4:e9:57:1b:f0:9d:a6:70:25:
63:d8:81:57:c7:75:33:f5:b2:48:59:15:45:07:53:bf:85:e1:
49:0d:83:0c:de:5c:4c:41:d6:51:3a:a3:01:3d:2f:f1:1a:ce:
69:c4:c1:5b:0e:34:41:2d:a7:34:a0:63:08:77:df:25:22:87:
39:41:23:f2:05:ec:32:d2:6f:d6:60:49:c0:77:13:28:fc:49:
a5:2f:76:e0:59:c5:16:08:b2:2d:02:4e:1e:2b:54:22:2b:4d:
3f:ae:cf:b2:44:86:f5:b7:4f:91:f1:ba:c7:e5:74:12:30:3b:
21:bb:36:b8:4b:db:2a:d6:45:1b:22:0c:09:ec:2a:f6:a7:92:
50:80:03:87:27:9e:95:51:e2:8d:bb:17:b3:f1:05:a3:55:45:
40:ba:73:87:27:1b:9a:52:67:71:e8:c9:3a:48:8f:39:a4:d0:
31:e6:d4:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQeDu9pYFI0WPMn3p5XuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M5N2ZiMzRmZmU3OTc5YjkwYjU4MTYzYTdlNmJiN2RiMDdmNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG+mS0tiW2aY5UvleBCcxRGDsJuP
b8lkuMaDOc952S8mcbkSeR8J+SQ3mj8QUAD6vw+f5ECvpwdY0T2wK7TfbG2J9q6t
SfXEX5NfUSeWJgEAHr6Q6Z02IhbS2/XsLD1gsR+HJX8B0zOUpVjUvdJOs0arM1cj
oCFY6+orjEJynNk8jtAoWridR6+X8qarJEt6i1U9p9+/EYMTgSOUpraH2ASTfkqe
de4qGhWXmijaNsot9tNcYvrkJwdjNgWKFFufcSJ3Nkcpaq7Mk4Nyp4VMmMSOsnrG
k7AdxzvyOC74bmMBzIg6NE0TYTXFJwgjpbBsBfp4CKILRmExaK+83rhLdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzJf7NP/nl5uQtYFjp+a7fbB/SjMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvX01sX3MwXy1lWG01QzFnV09uNXJ0OXNIOUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsN9gMA0G
CSqGSIb3DQEBCwUAA4IBAQCOeUk3mrRKoo4OyRSjR11vyMOLc6RsYyggDt6GpucS
yHkFJMeXKX6s77s+z5/DJqrpYb1C5sPtaj4p0dCy4mdKU74n9eKse/ndkHIg4MJu
axek6Vcb8J2mcCVj2IFXx3Uz9bJIWRVFB1O/heFJDYMM3lxMQdZROqMBPS/xGs5p
xMFbDjRBLac0oGMId98lIoc5QSPyBewy0m/WYEnAdxMo/EmlL3bgWcUWCLItAk4e
K1QiK00/rs+yRIb1t0+R8brH5XQSMDshuza4S9sq1kUbIgwJ7Cr2p5JQgAOHJ56V
UeKNuxez8QWjVUVAunOHJxuaUmdx6Mk6SI85pNAx5tQS
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:06:22 2025 by rpki-client