Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/SIXuTrXDGoMcoJutEfaHM5q1vXY.roa
File: SIXuTrXDGoMcoJutEfaHM5q1vXY.roa (raw, json)
Hash identifier: up/OEguEv2d+Cg8Jh5/UN5Broto7kj18YDnySf6ytvw=
Subject key identifier: 48:85:EE:4E:B5:C3:1A:83:1C:A0:9B:AD:11:F6:87:33:9A:B5:BD:76
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 02CC0897
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/SIXuTrXDGoMcoJutEfaHM5q1vXY.roa
Signing time: Sat 01 Jan 2022 13:02:33 +0000
ROA not before: Sat 01 Jan 2022 13:02:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48990
IP address blocks: 158.172.132.0/22 maxlen: 22
158.172.128.0/22 maxlen: 22
158.172.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46925975 (0x2cc0897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 13:02:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4885ee4eb5c31a831ca09bad11f687339ab5bd76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:99:71:4f:08:3c:3a:4e:f3:04:51:f0:d7:a2:
be:78:df:d8:f4:91:60:68:74:89:93:55:31:ee:fe:
77:3b:a6:1f:1d:13:6b:1b:02:de:db:5f:2b:30:8e:
38:76:02:b5:5e:88:5c:f0:ed:7e:f7:c5:e3:9a:b1:
80:da:07:e3:65:35:ff:dd:77:2d:3e:66:b4:f1:47:
9d:7a:26:05:3b:31:ed:ea:93:f4:a7:32:50:c8:15:
cd:8e:eb:0d:c9:a3:2e:87:97:55:54:cb:52:9e:5b:
dc:8a:31:e5:c2:80:fd:5e:ed:40:8f:37:a4:dc:c9:
49:05:a9:80:92:91:4e:03:ed:6f:b2:f0:77:99:d5:
7c:46:0b:15:a6:ff:03:68:ec:b0:ef:41:6f:d7:ef:
4e:cc:4f:3e:82:f5:43:0e:78:95:c7:8d:61:32:22:
74:a4:3a:db:a3:bf:c2:39:e3:cf:a2:49:37:9a:f3:
f2:39:ea:9a:6c:10:3f:4f:a1:96:c0:57:bc:94:fd:
3d:42:13:ba:f1:87:ca:78:1c:62:bf:f5:bd:17:dd:
52:9f:59:64:51:57:22:3a:66:a0:5e:32:bb:d4:2b:
ff:5b:09:e2:a8:f4:e4:13:df:e5:3b:a6:6b:86:c7:
39:af:d7:bf:c5:08:00:84:14:c6:b2:cd:e2:fe:87:
84:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:85:EE:4E:B5:C3:1A:83:1C:A0:9B:AD:11:F6:87:33:9A:B5:BD:76
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/SIXuTrXDGoMcoJutEfaHM5q1vXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:22:e5:b9:10:02:c8:86:6d:3d:9c:35:96:fc:a6:94:f4:93:
b6:cc:80:11:10:65:9c:10:13:cb:00:09:d1:0a:96:f9:cb:5c:
95:93:96:ac:dd:f4:3a:53:63:f5:1b:bd:f7:b7:96:ce:ac:96:
87:9c:47:6c:bb:98:86:f3:6f:56:e3:ab:95:74:47:e1:6e:82:
ff:5e:96:09:07:30:e9:a7:34:3f:53:18:a3:1f:37:69:0d:7a:
89:46:9b:50:b3:e5:23:8a:1b:25:9e:26:b3:1e:11:fe:f9:41:
b9:c6:0f:cd:6d:66:b0:39:dc:b8:eb:f3:a9:99:a0:33:0a:f4:
a8:67:ad:c7:60:e0:b2:10:ab:fc:7b:76:b0:b3:17:3e:8a:d9:
37:55:5d:8f:f4:25:84:46:4b:f5:33:0e:3a:54:0d:b3:80:66:
db:f2:87:9c:93:07:e5:ae:84:67:60:db:a7:29:a8:b0:a5:a7:
06:1c:0c:80:ce:e1:ab:8d:1b:90:50:d9:f2:b3:c5:a8:b9:54:
0a:5d:22:a2:23:4f:2d:80:3f:87:18:b0:39:60:dc:fd:ee:9c:
60:aa:50:39:4a:13:94:e7:5a:af:87:84:65:5d:74:5b:38:3e:
5d:d7:d0:e7:be:b2:3a:b3:97:40:62:e9:9f:32:dd:27:34:0a:
1e:7c:80:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAswIlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzUzYzA2MjkwYTM3MTk5NGQ3NTc3MzE4Njg1ZjViYzRhNTM4ZDQ3MB4XDTIyMDEw
MTEzMDIzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg4NWVlNGViNWMz
MWE4MzFjYTA5YmFkMTFmNjg3MzM5YWI1YmQ3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKZcU8IPDpO8wRR8Neivnjf2PSRYGh0iZNVMe7+dzumHx0T
axsC3ttfKzCOOHYCtV6IXPDtfvfF45qxgNoH42U1/913LT5mtPFHnXomBTsx7eqT
9KcyUMgVzY7rDcmjLoeXVVTLUp5b3Iox5cKA/V7tQI83pNzJSQWpgJKRTgPtb7Lw
d5nVfEYLFab/A2jssO9Bb9fvTsxPPoL1Qw54lceNYTIidKQ626O/wjnjz6JJN5rz
8jnqmmwQP0+hlsBXvJT9PUITuvGHyngcYr/1vRfdUp9ZZFFXIjpmoF4yu9Qr/1sJ
4qj05BPf5Tuma4bHOa/Xv8UIAIQUxrLN4v6HhHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRIhe5OtcMagxygm60R9oczmrW9djAfBgNVHSMEGDAWgBRXU8BikKNxmU11
dzGGhfW8SlONRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1YxUEFZcENqY1psTmRYY3hob1gxdkVwVGpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvYjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8x
L1NJWHVUclhER29NY29KdXRFZmFITTVxMXZYWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
YjQxYWI2LWI5ZjMtNGI0YS05YjdiLTFlZDEwOTU0YmQ5Ni8xL1YxUEFZcENqY1ps
TmRYY3hob1gxdkVwVGpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA56sgDANBgkqhkiG9w0BAQsFAAOC
AQEAjSLluRACyIZtPZw1lvymlPSTtsyAERBlnBATywAJ0QqW+ctclZOWrN30OlNj
9Ru997eWzqyWh5xHbLuYhvNvVuOrlXRH4W6C/16WCQcw6ac0P1MYox83aQ16iUab
ULPlI4obJZ4msx4R/vlBucYPzW1msDncuOvzqZmgMwr0qGetx2DgshCr/Ht2sLMX
PorZN1Vdj/QlhEZL9TMOOlQNs4Bm2/KHnJMH5a6EZ2DbpymosKWnBhwMgM7hq40b
kFDZ8rPFqLlUCl0ioiNPLYA/hxiwOWDc/e6cYKpQOUoTlOdar4eEZV10Wzg+XdfQ
576yOrOXQGLpnzLdJzQKHnyAWw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:11 2025 by rpki-client