Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/ln5awNaTssv5C1wAsdMnn7DojLQ.roa
File: ln5awNaTssv5C1wAsdMnn7DojLQ.roa (raw, json)
Hash identifier: LpRIMb2RwmfJcTorTKmtLgtxLGsiOXrMsv+D478idRU=
Subject key identifier: 96:7E:5A:C0:D6:93:B2:CB:F9:0B:5C:00:B1:D3:27:9F:B0:E8:8C:B4
Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial: 01856E78E85EF92B99F7B267C937B21D241B
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/ln5awNaTssv5C1wAsdMnn7DojLQ.roa
Signing time: Sun 01 Jan 2023 17:54:55 +0000
ROA not before: Sun 01 Jan 2023 17:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47796
IP address blocks: 176.122.210.0/24 maxlen: 24
176.122.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:e8:5e:f9:2b:99:f7:b2:67:c9:37:b2:1d:24:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Validity
Not Before: Jan 1 17:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=967e5ac0d693b2cbf90b5c00b1d3279fb0e88cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9d:45:9a:ef:8e:13:58:b1:9b:88:3b:f6:10:
83:24:e5:99:aa:7d:fc:48:a0:30:94:24:e5:78:e5:
65:15:5b:59:56:a8:49:6e:0f:ff:e7:22:86:b0:d0:
21:cd:5e:35:87:63:92:33:d7:5b:c2:af:05:5c:fc:
80:15:d6:ed:71:31:ef:7c:96:71:a9:12:03:38:24:
dd:bd:55:dc:f8:b4:46:0f:54:41:41:9c:70:80:01:
50:d0:f3:5c:73:02:bd:e3:37:04:34:15:ec:e7:f0:
95:6e:5a:2e:57:18:84:55:87:91:dc:fe:33:bc:3d:
77:16:2c:27:f9:f1:0c:e8:37:01:3b:89:d1:f8:a3:
73:40:fe:ba:42:e7:89:0d:42:7a:95:bb:e4:d9:34:
8f:09:86:d8:63:48:62:0a:3b:3d:52:80:28:53:2a:
be:f9:43:5e:b1:51:82:32:23:62:1d:77:26:c3:25:
9e:f6:47:21:c9:e5:b2:42:47:96:3e:df:3e:fb:84:
d5:61:8f:c5:af:1a:54:a0:1b:cc:d0:23:a8:9b:00:
e7:97:97:01:08:51:23:86:1d:4d:57:e0:c8:f9:90:
05:5a:65:fc:29:2e:6f:0e:d3:df:98:fa:59:26:a7:
61:d5:b1:cd:9e:e8:4a:cc:8a:6f:c2:70:fd:2c:b7:
e5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7E:5A:C0:D6:93:B2:CB:F9:0B:5C:00:B1:D3:27:9F:B0:E8:8C:B4
X509v3 Authority Key Identifier:
keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/ln5awNaTssv5C1wAsdMnn7DojLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.210.0/23
Signature Algorithm: sha256WithRSAEncryption
03:a9:60:1b:38:63:56:e8:47:9c:b9:4a:6c:f0:73:21:0c:b1:
67:12:e6:e0:1b:5e:72:14:9b:77:91:7d:02:a8:5c:50:ba:ca:
60:f1:8b:fe:73:1e:cd:cd:a9:2b:cc:3f:9a:39:42:8c:cb:49:
87:9e:d1:0b:c5:e2:a3:bc:f2:e5:05:7a:26:32:b8:b4:b0:46:
c6:a4:78:f6:cf:a3:ab:03:b4:d8:af:a6:3d:ad:5b:e4:b2:73:
fa:17:39:16:f3:33:6a:75:9b:a3:8c:59:f7:7c:70:47:ac:97:
c9:ab:8d:c2:30:2f:55:ce:9a:1a:81:31:f5:c8:77:3a:40:9b:
e5:52:d6:01:db:b8:b9:4b:e1:01:35:e7:1b:a4:6b:7e:61:1d:
26:6f:17:c8:56:7d:74:02:3c:c6:e2:1d:aa:3d:98:b2:9b:93:
83:f3:94:6b:a2:cf:10:66:5f:a8:9a:6d:a1:9e:89:e1:e3:e5:
f5:dc:83:e7:b4:2b:5b:ca:9d:d7:67:10:a9:1b:11:b6:df:e0:
7c:e4:9d:98:e4:01:ed:71:56:3d:f3:5c:39:f7:4e:eb:ba:24:
6a:dc:bc:81:f4:72:2b:21:a3:b0:cc:5a:94:81:f3:10:08:9f:
19:b0:75:0c:a1:e3:a2:15:9e:94:e8:c0:de:cb:54:c7:eb:08:
31:d7:fc:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVueOhe+SuZ97JnyTeyHSQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjMwMTAxMTc1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdlNWFjMGQ2OTNiMmNiZjkwYjVjMDBiMWQzMjc5ZmIwZTg4Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJ1Fmu+OE1ixm4g79hCDJOWZqn38
SKAwlCTleOVlFVtZVqhJbg//5yKGsNAhzV41h2OSM9dbwq8FXPyAFdbtcTHvfJZx
qRIDOCTdvVXc+LRGD1RBQZxwgAFQ0PNccwK94zcENBXs5/CVblouVxiEVYeR3P4z
vD13Fiwn+fEM6DcBO4nR+KNzQP66QueJDUJ6lbvk2TSPCYbYY0hiCjs9UoAoUyq+
+UNesVGCMiNiHXcmwyWe9kchyeWyQkeWPt8++4TVYY/FrxpUoBvM0COomwDnl5cB
CFEjhh1NV+DI+ZAFWmX8KS5vDtPfmPpZJqdh1bHNnuhKzIpvwnD9LLflywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZ+WsDWk7LL+QtcALHTJ5+w6Iy0MB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvbG41YXdOYVRzc3Y1QzF3QXNkTW5uN0RvakxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQADqWAbOGNW6EecuUps8HMhDLFnEubgG15yFJt3kX0C
qFxQuspg8Yv+cx7NzakrzD+aOUKMy0mHntELxeKjvPLlBXomMri0sEbGpHj2z6Or
A7TYr6Y9rVvksnP6FzkW8zNqdZujjFn3fHBHrJfJq43CMC9VzpoagTH1yHc6QJvl
UtYB27i5S+EBNecbpGt+YR0mbxfIVn10AjzG4h2qPZiym5OD85Rros8QZl+omm2h
nonh4+X13IPntCtbyp3XZxCpGxG23+B85J2Y5AHtcVY981w5907ruiRq3LyB9HIr
IaOwzFqUgfMQCJ8ZsHUMoeOiFZ6U6MDey1TH6wgx1/xo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:28 2025 by rpki-client