Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/sLT4jxAqqRpfuGeCkmeOyrO8WnI.roa
File: sLT4jxAqqRpfuGeCkmeOyrO8WnI.roa (raw, json)
Hash identifier: aKw7jhpyVEL4N7zkBf3tf77a0NaCznfedhmiDgHbILc=
Subject key identifier: B0:B4:F8:8F:10:2A:A9:1A:5F:B8:67:82:92:67:8E:CA:B3:BC:5A:72
Certificate issuer: /CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Certificate serial: 32AD93A9
Authority key identifier: 6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/sLT4jxAqqRpfuGeCkmeOyrO8WnI.roa
Signing time: Thu 31 Mar 2022 12:06:54 +0000
ROA not before: Thu 31 Mar 2022 12:06:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56534
IP address blocks: 176.53.192.0/24 maxlen: 24
176.53.197.0/24 maxlen: 24
176.53.196.0/24 maxlen: 24
176.53.198.0/23 maxlen: 24
176.53.200.0/22 maxlen: 24
176.53.204.0/22 maxlen: 22
176.53.208.0/24 maxlen: 24
176.53.211.0/24 maxlen: 24
176.53.212.0/22 maxlen: 22
176.53.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850236329 (0x32ad93a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e046aeb6a01ca48a49750d881b79f7a78d51089
Validity
Not Before: Mar 31 12:06:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0b4f88f102aa91a5fb8678292678ecab3bc5a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:47:e6:b1:40:7d:58:94:88:a8:49:5c:e3:17:
42:be:d4:ad:50:60:3b:e8:97:04:2e:de:73:e9:2d:
fb:41:92:fa:93:99:79:4f:47:fc:89:2e:f1:de:64:
00:6b:e1:7a:45:63:4f:2b:e0:23:57:5a:92:e5:83:
60:a2:f7:cf:0e:59:36:7d:44:fe:02:ee:34:9d:93:
d9:8a:04:d6:8e:a0:e5:7c:51:67:80:f2:c9:88:a7:
92:8c:c8:03:06:99:06:c3:ea:7e:40:46:b9:6e:61:
ec:71:c3:c2:dc:fe:98:bb:0a:ec:a1:74:fa:2b:9c:
25:04:4f:36:0a:f5:33:df:9d:09:28:43:3e:18:2d:
a7:c6:b0:df:9f:f6:db:85:8d:08:d2:8a:e5:91:1a:
c1:9c:b1:b9:ba:3d:06:4a:d4:bd:c6:ce:5f:e9:48:
8a:24:57:88:34:62:14:d3:dc:68:ed:18:df:1e:19:
e7:1c:e5:4a:98:a2:a5:ca:76:23:f4:85:7e:97:19:
55:57:64:8f:16:12:d5:a8:e1:30:08:46:d1:7e:57:
a1:d4:86:22:bd:4a:56:45:ec:6f:27:55:db:80:97:
1b:35:d1:c7:8d:f7:61:1c:b9:b6:5a:23:3f:ba:f1:
4f:04:e9:5e:49:85:7c:15:d7:9e:95:a4:1f:c7:9e:
b7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B4:F8:8F:10:2A:A9:1A:5F:B8:67:82:92:67:8E:CA:B3:BC:5A:72
X509v3 Authority Key Identifier:
keyid:6E:04:6A:EB:6A:01:CA:48:A4:97:50:D8:81:B7:9F:7A:78:D5:10:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgRq62oBykikl1DYgbefenjVEIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/sLT4jxAqqRpfuGeCkmeOyrO8WnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/809da0-e395-4f80-ab17-3d4da8d12806/1/bgRq62oBykikl1DYgbefenjVEIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.192.0/24
176.53.196.0-176.53.208.255
176.53.211.0-176.53.215.255
Signature Algorithm: sha256WithRSAEncryption
03:7c:2d:2b:87:d2:f8:e3:13:a0:c8:f9:d3:e7:94:b0:f8:7e:
e3:06:a1:cf:7e:3f:92:27:db:72:0f:8e:c5:2e:22:db:aa:af:
f8:69:35:1c:12:f2:3d:86:97:05:b3:9a:a1:e6:7c:2d:b8:12:
34:aa:9a:a6:72:af:60:3b:60:89:29:b8:35:69:60:b4:a5:01:
52:b5:21:20:2c:ce:83:dd:db:3b:ae:58:e4:f4:e4:08:24:a0:
ad:38:90:79:d5:bb:44:83:e9:5c:d2:e2:25:0a:97:18:f4:cc:
e1:52:27:48:79:d9:64:25:b0:74:92:1a:b2:5f:45:0d:a2:09:
c3:7d:70:36:d4:07:72:0d:5f:ce:83:9e:29:d4:75:c5:f2:b3:
73:70:64:f2:42:f3:4e:e5:8e:a7:63:dd:db:26:6d:3c:27:21:
e8:b0:b8:ea:d0:de:74:13:35:60:5b:99:40:c4:b9:35:95:65:
d2:72:12:7d:be:0c:91:04:68:7b:04:3b:25:c7:88:ae:74:87:
da:93:c9:59:dc:38:b1:58:e2:66:05:c1:dc:ae:ad:c3:75:f1:
e2:d7:d5:4d:28:d1:e2:a0:82:a4:fa:0e:83:28:99:b1:9e:0a:
fb:6a:48:87:60:c3:d2:14:42:ca:ae:36:5f:13:bc:43:42:a9:
f9:f3:cd:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEMq2TqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTA0NmFlYjZhMDFjYTQ4YTQ5NzUwZDg4MWI3OWY3YTc4ZDUxMDg5MB4XDTIyMDMz
MTEyMDY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBiNGY4OGYxMDJh
YTkxYTVmYjg2NzgyOTI2NzhlY2FiM2JjNWE3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFH5rFAfViUiKhJXOMXQr7UrVBgO+iXBC7ec+kt+0GS+pOZ
eU9H/Iku8d5kAGvhekVjTyvgI1dakuWDYKL3zw5ZNn1E/gLuNJ2T2YoE1o6g5XxR
Z4DyyYinkozIAwaZBsPqfkBGuW5h7HHDwtz+mLsK7KF0+iucJQRPNgr1M9+dCShD
Phgtp8aw35/224WNCNKK5ZEawZyxubo9BkrUvcbOX+lIiiRXiDRiFNPcaO0Y3x4Z
5xzlSpiipcp2I/SFfpcZVVdkjxYS1ajhMAhG0X5XodSGIr1KVkXsbydV24CXGzXR
x433YRy5tlojP7rxTwTpXkmFfBXXnpWkH8eet4sCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSwtPiPECqpGl+4Z4KSZ47Ks7xacjAfBgNVHSMEGDAWgBRuBGrragHKSKSX
UNiBt596eNUQiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JnUnE2Mm9CeWtpa2wxRFlnYmVmZW5qVkVJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvODA5ZGEwLWUzOTUtNGY4MC1hYjE3LTNkNGRhOGQxMjgwNi8x
L3NMVDRqeEFxcVJwZnVHZUNrbWVPeXJPOFduSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ODA5ZGEwLWUzOTUtNGY4MC1hYjE3LTNkNGRhOGQxMjgwNi8xL2JnUnE2Mm9CeWtp
a2wxRFlnYmVmZW5qVkVJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowKAQCAAEwIgMEALA1wDAMAwQCsDXEAwQAsDXQMAwD
BACwNdMDBAOwNdAwDQYJKoZIhvcNAQELBQADggEBAAN8LSuH0vjjE6DI+dPnlLD4
fuMGoc9+P5In23IPjsUuItuqr/hpNRwS8j2GlwWzmqHmfC24EjSqmqZyr2A7YIkp
uDVpYLSlAVK1ISAszoPd2zuuWOT05AgkoK04kHnVu0SD6VzS4iUKlxj0zOFSJ0h5
2WQlsHSSGrJfRQ2iCcN9cDbUB3INX86DninUdcXys3NwZPJC807ljqdj3dsmbTwn
IeiwuOrQ3nQTNWBbmUDEuTWVZdJyEn2+DJEEaHsEOyXHiK50h9qTyVncOLFY4mYF
wdyurcN18eLX1U0o0eKggqT6DoMombGeCvtqSIdgw9IUQsquNl8TvENCqfnzzZc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:52 2025 by rpki-client