Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/532deb-42b1-4a2d-9fff-af7d6a89752a/1/Y6bMUgOzSgMddqaf7QyHIN5jqHM.roa
File: Y6bMUgOzSgMddqaf7QyHIN5jqHM.roa (raw, json)
Hash identifier: eD/fxEjSX9f3AmwexTXrabY91kgOn1tkjVJUhqrmQxg=
Subject key identifier: 63:A6:CC:52:03:B3:4A:03:1D:76:A6:9F:ED:0C:87:20:DE:63:A8:73
Certificate issuer: /CN=826cc9938c32e04dc5443dd6c05a027a5617d97b
Certificate serial: 01856F14BE23E39EE5191458ECED5DB763CC
Authority key identifier: 82:6C:C9:93:8C:32:E0:4D:C5:44:3D:D6:C0:5A:02:7A:56:17:D9:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmzJk4wy4E3FRD3WwFoCelYX2Xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/532deb-42b1-4a2d-9fff-af7d6a89752a/1/Y6bMUgOzSgMddqaf7QyHIN5jqHM.roa
Signing time: Sun 01 Jan 2023 20:45:08 +0000
ROA not before: Sun 01 Jan 2023 20:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198248
IP address blocks: 176.102.77.0/24 maxlen: 24
176.102.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:be:23:e3:9e:e5:19:14:58:ec:ed:5d:b7:63:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826cc9938c32e04dc5443dd6c05a027a5617d97b
Validity
Not Before: Jan 1 20:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63a6cc5203b34a031d76a69fed0c8720de63a873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:eb:5f:23:99:fa:f1:1b:f5:d6:45:3a:2a:73:
44:0e:5e:e1:d0:f9:74:e8:90:36:2d:7c:ac:3a:e3:
0c:52:50:af:61:b5:d1:1f:d8:e5:6b:5f:68:91:59:
be:fe:cc:6f:0d:64:53:d3:70:82:ef:9c:7a:cf:4a:
f4:cc:87:85:88:12:90:b6:a3:c0:8b:7d:59:c5:3a:
46:b3:dd:0f:4c:04:8a:95:10:3d:ff:94:da:35:14:
75:38:c2:32:ed:c3:07:65:3c:9d:fa:6c:e9:fc:be:
87:6a:5f:b0:90:2e:99:83:41:09:dd:a6:38:be:e9:
89:e8:66:6e:14:e5:43:e4:40:e4:f3:66:b4:3d:f6:
35:d2:f7:49:e1:9e:97:ee:9c:d0:2b:3e:d4:a4:37:
ab:da:53:06:8c:88:82:00:3e:f0:cd:66:11:ce:4d:
94:9b:d7:5f:04:5c:b4:9f:aa:98:51:6f:3c:04:76:
09:da:e7:ba:2f:6b:ca:0b:28:1a:c0:1a:c4:95:ae:
21:29:7e:c8:b1:79:97:8e:c6:96:54:77:26:00:9b:
a0:b7:ee:32:7e:73:55:f8:70:c4:59:dc:e2:23:03:
9b:fc:1e:45:ed:63:7d:ca:6d:0a:a2:b6:13:36:77:
dd:09:f2:bb:75:01:82:51:c2:5e:ce:24:1e:c2:52:
f2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A6:CC:52:03:B3:4A:03:1D:76:A6:9F:ED:0C:87:20:DE:63:A8:73
X509v3 Authority Key Identifier:
keyid:82:6C:C9:93:8C:32:E0:4D:C5:44:3D:D6:C0:5A:02:7A:56:17:D9:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmzJk4wy4E3FRD3WwFoCelYX2Xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/532deb-42b1-4a2d-9fff-af7d6a89752a/1/Y6bMUgOzSgMddqaf7QyHIN5jqHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/532deb-42b1-4a2d-9fff-af7d6a89752a/1/gmzJk4wy4E3FRD3WwFoCelYX2Xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.72.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:ad:5d:e1:7e:5b:bc:98:24:79:fe:46:8a:9d:4a:91:45:f4:
3b:ba:94:26:82:5e:3b:e6:da:e7:80:54:cb:8d:08:6e:31:f4:
58:99:ab:3d:44:23:af:b9:f5:ab:78:9a:1e:b4:06:56:a2:0c:
68:9a:ee:8c:c9:b7:ce:b1:01:a1:12:59:91:14:ee:66:7e:a1:
24:81:d5:8d:a8:ff:aa:60:57:47:7d:6d:8d:98:14:48:60:8e:
c7:81:72:bd:29:11:06:55:c3:e6:67:b1:b5:a1:58:f0:a1:f1:
8d:79:f1:b4:cf:06:f6:d6:f9:55:95:2c:41:b8:2d:f7:84:c2:
97:65:9c:2f:ea:24:98:75:b1:8b:67:10:45:36:76:84:d8:24:
58:a8:4d:bc:76:c0:19:b5:9f:b5:de:d2:b1:6a:7d:93:0d:4f:
49:d7:0e:ed:75:12:d9:b3:6c:33:d7:6f:5a:10:49:59:50:b9:
1f:fb:e4:d8:a2:ff:4a:68:34:69:1d:76:9b:8a:33:78:92:f4:
01:0d:f1:94:d5:7a:3c:0e:90:e1:84:3d:1c:52:ff:bd:a9:84:
ce:61:f7:09:4a:80:de:78:0c:c9:c6:f5:bf:15:db:bb:ee:c2:
25:87:23:04:71:a6:3b:19:bb:63:dd:ae:8f:d3:37:fa:c3:3f:
97:0a:58:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFL4j457lGRRY7O1dt2PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNmNjOTkzOGMzMmUwNGRjNTQ0M2RkNmMwNWEwMjdhNTYx
N2Q5N2IwHhcNMjMwMTAxMjA0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E2Y2M1MjAzYjM0YTAzMWQ3NmE2OWZlZDBjODcyMGRlNjNhODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiutfI5n68Rv11kU6KnNEDl7h0Pl0
6JA2LXysOuMMUlCvYbXRH9jla19okVm+/sxvDWRT03CC75x6z0r0zIeFiBKQtqPA
i31ZxTpGs90PTASKlRA9/5TaNRR1OMIy7cMHZTyd+mzp/L6Hal+wkC6Zg0EJ3aY4
vumJ6GZuFOVD5EDk82a0PfY10vdJ4Z6X7pzQKz7UpDer2lMGjIiCAD7wzWYRzk2U
m9dfBFy0n6qYUW88BHYJ2ue6L2vKCygawBrEla4hKX7IsXmXjsaWVHcmAJugt+4y
fnNV+HDEWdziIwOb/B5F7WN9ym0KorYTNnfdCfK7dQGCUcJeziQewlLyzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOmzFIDs0oDHXamn+0MhyDeY6hzMB8GA1UdIwQY
MBaAFIJsyZOMMuBNxUQ91sBaAnpWF9l7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ216Sms0d3k0RTNGUkQzV3dGb0NlbFlYMlhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81MzJkZWItNDJiMS00YTJkLTlmZmYt
YWY3ZDZhODk3NTJhLzEvWTZiTVVnT3pTZ01kZHFhZjdReUhJTjVqcUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81MzJkZWItNDJiMS00YTJkLTlmZmYtYWY3ZDZhODk3NTJh
LzEvZ216Sms0d3k0RTNGUkQzV3dGb0NlbFlYMlhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGZIMA0G
CSqGSIb3DQEBCwUAA4IBAQC1rV3hflu8mCR5/kaKnUqRRfQ7upQmgl475trngFTL
jQhuMfRYmas9RCOvufWreJoetAZWogxomu6MybfOsQGhElmRFO5mfqEkgdWNqP+q
YFdHfW2NmBRIYI7HgXK9KREGVcPmZ7G1oVjwofGNefG0zwb21vlVlSxBuC33hMKX
ZZwv6iSYdbGLZxBFNnaE2CRYqE28dsAZtZ+13tKxan2TDU9J1w7tdRLZs2wz129a
EElZULkf++TYov9KaDRpHXabijN4kvQBDfGU1Xo8DpDhhD0cUv+9qYTOYfcJSoDe
eAzJxvW/Fdu77sIlhyMEcaY7Gbtj3a6P0zf6wz+XCljD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:43 2025 by rpki-client