Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/Q1n8RGTKIoYjFMLvx--KvAG-GJk.roa
File: Q1n8RGTKIoYjFMLvx--KvAG-GJk.roa (raw, json)
Hash identifier: t4d36xQQaUgms2I0aUUlLyxSPGhO5sWtU1w+C8OeoYw=
Subject key identifier: 43:59:FC:44:64:CA:22:86:23:14:C2:EF:C7:EF:8A:BC:01:BE:18:99
Certificate issuer: /CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Certificate serial: 31EC2576
Authority key identifier: 6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/Q1n8RGTKIoYjFMLvx--KvAG-GJk.roa
Signing time: Sat 01 Jan 2022 12:55:50 +0000
ROA not before: Sat 01 Jan 2022 12:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56534
IP address blocks: 176.53.197.0/24 maxlen: 24
176.53.198.0/23 maxlen: 24
176.53.204.0/22 maxlen: 22
176.53.200.0/22 maxlen: 24
176.53.212.0/22 maxlen: 22
176.53.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 837559670 (0x31ec2576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Validity
Not Before: Jan 1 12:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4359fc4464ca22862314c2efc7ef8abc01be1899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f4:43:2c:06:5d:16:8b:b8:58:1f:36:20:42:
90:5b:c0:8b:0e:07:b2:9d:f7:6c:f8:60:d5:21:3e:
7a:7a:a8:a5:93:83:93:80:5e:09:8d:6a:9c:be:eb:
f7:dc:f0:27:5a:de:83:bd:7a:d9:4b:4a:dc:a1:a5:
fc:e6:f8:a8:58:11:11:e5:f9:ec:c8:9f:71:47:03:
a7:94:7d:69:71:e6:96:ae:82:59:14:72:45:92:bb:
18:fc:a8:21:14:b6:a6:9d:82:01:42:51:e8:5b:e8:
dd:88:dd:f7:da:71:0e:97:2f:e8:1d:89:13:6d:4a:
4a:9f:92:45:ac:b8:2c:94:35:05:62:f8:02:58:5a:
87:2b:fc:04:34:0c:e0:89:30:58:e3:fe:e0:9e:f0:
dc:d7:b6:aa:5e:f8:28:1e:dc:df:f7:7d:b4:d7:f3:
f7:28:eb:b9:4a:00:9f:40:57:b1:9f:b1:5a:b4:f1:
a3:3f:07:b7:ee:d2:17:7d:ec:98:ae:f0:59:25:f5:
95:30:3a:aa:ff:a9:d1:2d:7e:d7:63:96:f4:35:d6:
27:11:91:ad:38:5b:48:93:80:0a:0b:55:98:38:21:
ab:cf:01:af:10:94:87:0f:85:bf:e6:e4:31:d5:a1:
b4:61:1a:56:af:5a:8b:00:96:b2:35:93:6a:a2:53:
4c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:59:FC:44:64:CA:22:86:23:14:C2:EF:C7:EF:8A:BC:01:BE:18:99
X509v3 Authority Key Identifier:
keyid:6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/Q1n8RGTKIoYjFMLvx--KvAG-GJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/bgRq62oBykikl1DYgbefenjVEIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.197.0-176.53.207.255
176.53.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:5c:45:f2:84:95:98:90:74:e3:ed:66:89:cc:7b:a0:28:c8:
01:7e:78:f7:ac:01:f1:f8:13:af:92:dd:63:5c:88:fa:c5:23:
95:f4:f1:5c:aa:44:67:97:d3:d6:43:6e:bc:b6:ef:62:cb:d9:
68:0f:6a:51:8d:e5:54:62:f9:70:a7:1a:8d:cf:95:31:6a:6d:
2c:27:29:e3:69:aa:34:62:21:25:3a:7a:98:4e:ed:5e:ae:39:
86:7f:c7:0f:0c:12:4c:53:38:b2:17:ec:4e:cd:6d:63:f8:f5:
c9:84:c1:2f:b4:2e:ac:39:21:82:76:21:71:eb:d8:5d:56:d5:
6b:dd:f1:44:62:cb:68:20:f1:a9:75:7b:a9:46:fb:d3:bb:25:
89:26:25:51:b0:7d:80:8d:e1:61:04:f3:37:27:b9:3d:e7:d5:
04:16:a2:a1:71:3d:07:d1:f2:6b:cb:fb:0e:b3:28:6c:c5:fd:
2f:41:a8:ca:64:f0:e0:27:21:0e:e6:3d:7d:08:55:55:42:c4:
c3:77:c9:11:1b:7c:ba:71:f2:36:ca:cd:e7:bd:04:27:81:45:
d3:84:0d:d9:75:b4:a0:70:cd:09:cc:87:27:98:c9:41:fe:c3:
49:12:8f:77:d1:bb:84:ea:f9:81:53:e1:50:e2:0d:4d:f9:9b:
d4:94:42:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEMewldjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTA0NmFlYjZhMDFjYTQ4YTQ5NzUwZDg4MWI3OWY3YTc4ZDUxMDg5MB4XDTIyMDEw
MTEyNTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM1OWZjNDQ2NGNh
MjI4NjIzMTRjMmVmYzdlZjhhYmMwMWJlMTg5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJv0QywGXRaLuFgfNiBCkFvAiw4Hsp33bPhg1SE+enqopZOD
k4BeCY1qnL7r99zwJ1reg7162UtK3KGl/Ob4qFgREeX57MifcUcDp5R9aXHmlq6C
WRRyRZK7GPyoIRS2pp2CAUJR6Fvo3Yjd99pxDpcv6B2JE21KSp+SRay4LJQ1BWL4
Alhahyv8BDQM4IkwWOP+4J7w3Ne2ql74KB7c3/d9tNfz9yjruUoAn0BXsZ+xWrTx
oz8Ht+7SF33smK7wWSX1lTA6qv+p0S1+12OW9DXWJxGRrThbSJOACgtVmDghq88B
rxCUhw+Fv+bkMdWhtGEaVq9aiwCWsjWTaqJTTPcCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBRDWfxEZMoihiMUwu/H74q8Ab4YmTAfBgNVHSMEGDAWgBRuBGrragHKSKSX
UNiBt596eNUQiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JnUnE2Mm9CeWtpa2wxRFlnYmVmZW5qVkVJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvODA5ZGEwLWUzOTUtNGY4MC1hYjE3LTNkNGRhOGQxMjgwNi8x
L1ExbjhSR1RLSW9ZakZNTHZ4LS1LdkFHLUdKay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ODA5ZGEwLWUzOTUtNGY4MC1hYjE3LTNkNGRhOGQxMjgwNi8xL2JnUnE2Mm9CeWtp
a2wxRFlnYmVmZW5qVkVJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAsDXFAwQEsDXAAwQCsDXUMA0G
CSqGSIb3DQEBCwUAA4IBAQChXEXyhJWYkHTj7WaJzHugKMgBfnj3rAHx+BOvkt1j
XIj6xSOV9PFcqkRnl9PWQ268tu9iy9loD2pRjeVUYvlwpxqNz5Uxam0sJynjaao0
YiElOnqYTu1erjmGf8cPDBJMUziyF+xOzW1j+PXJhMEvtC6sOSGCdiFx69hdVtVr
3fFEYstoIPGpdXupRvvTuyWJJiVRsH2AjeFhBPM3J7k959UEFqKhcT0H0fJry/sO
syhsxf0vQajKZPDgJyEO5j19CFVVQsTDd8kRG3y6cfI2ys3nvQQngUXThA3ZdbSg
cM0JzIcnmMlB/sNJEo930buE6vmBU+FQ4g1N+ZvUlEIy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:00 2025 by rpki-client