Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/tR21421wQIjanxGwvIS9vuuThAY.roa
File: tR21421wQIjanxGwvIS9vuuThAY.roa (raw, json)
Hash identifier: ausKEjWi20LIU4uoTXTJDnSe9tkhlxCVP9HT4mtUeM0=
Subject key identifier: B5:1D:B5:E3:6D:70:40:88:DA:9F:11:B0:BC:84:BD:BE:EB:93:84:06
Certificate issuer: /CN=adce3c2aafc7783cce8234551f3e9661d27eefbc
Certificate serial: 0185707968FC80966F5106DB6BCAAAFE409F
Authority key identifier: AD:CE:3C:2A:AF:C7:78:3C:CE:82:34:55:1F:3E:96:61:D2:7E:EF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rc48Kq_HeDzOgjRVHz6WYdJ-77w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/tR21421wQIjanxGwvIS9vuuThAY.roa
Signing time: Mon 02 Jan 2023 03:14:42 +0000
ROA not before: Mon 02 Jan 2023 03:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12779
IP address blocks: 176.110.111.0/24 maxlen: 24
2a10:e140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:68:fc:80:96:6f:51:06:db:6b:ca:aa:fe:40:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adce3c2aafc7783cce8234551f3e9661d27eefbc
Validity
Not Before: Jan 2 03:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b51db5e36d704088da9f11b0bc84bdbeeb938406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:07:e4:96:c0:78:59:db:ad:0e:db:9a:fd:2c:
03:8a:b4:7e:b9:11:02:b3:3d:ba:42:d5:fc:f6:67:
e2:ba:46:f5:0c:8a:34:1c:47:c3:e0:4b:96:48:71:
54:99:1a:80:e8:23:a2:5a:cd:50:eb:a5:0f:bd:3b:
cf:5c:3d:99:eb:13:55:02:fe:87:cf:5b:87:45:cd:
44:a6:b0:cf:10:61:70:e9:fd:82:4b:92:a6:a2:da:
81:78:7f:e7:6c:7c:bb:8d:48:31:55:04:eb:19:18:
0c:97:8f:96:9c:9b:e1:bf:14:86:38:a8:37:88:4c:
ca:cd:a7:50:c9:db:89:62:82:38:e3:1f:1e:c8:f1:
f7:c8:1a:89:b4:da:43:38:eb:5b:8c:68:7f:3c:25:
42:f6:66:94:69:9a:20:7a:b5:69:47:c1:82:65:46:
5d:88:71:c9:5d:7f:12:2d:10:40:30:70:51:53:63:
2a:2e:a6:ca:17:d4:21:0b:b4:8e:17:73:30:99:30:
ea:10:27:1e:f7:33:fe:4c:ad:90:7e:03:67:91:9d:
2a:ba:6d:50:93:4c:59:71:df:16:3f:6b:6a:b2:14:
da:5d:99:df:f7:87:a7:42:1e:96:7d:7e:c2:37:3d:
ca:b5:57:63:fe:aa:42:25:13:0c:a1:00:0b:46:c3:
52:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1D:B5:E3:6D:70:40:88:DA:9F:11:B0:BC:84:BD:BE:EB:93:84:06
X509v3 Authority Key Identifier:
keyid:AD:CE:3C:2A:AF:C7:78:3C:CE:82:34:55:1F:3E:96:61:D2:7E:EF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rc48Kq_HeDzOgjRVHz6WYdJ-77w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/tR21421wQIjanxGwvIS9vuuThAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/824ccd-bc9b-4a82-be91-63104db6a7a5/1/rc48Kq_HeDzOgjRVHz6WYdJ-77w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.111.0/24
IPv6:
2a10:e140::/32
Signature Algorithm: sha256WithRSAEncryption
4c:f6:3d:b5:a0:c7:2e:43:6e:29:06:7e:5f:ac:de:3a:f5:96:
7f:93:c9:60:e2:ed:fc:8d:7b:17:40:7e:04:ac:88:7a:3f:1d:
30:cb:01:eb:ce:77:dd:e7:0a:20:fd:da:d0:07:cc:53:63:dd:
a1:96:70:cc:fd:a0:ce:db:28:ed:f9:0f:1e:8a:2d:42:f3:8c:
d5:1d:cf:e8:49:ca:08:fd:b1:f8:c9:66:9c:22:f2:9d:96:2c:
75:dd:6c:bf:72:a9:c8:44:12:81:1b:ca:e2:31:3d:a7:01:a3:
55:0b:73:fe:ab:e4:2e:5a:49:c9:47:e5:08:00:23:1d:62:8f:
b0:98:0c:4e:c0:61:3a:06:d0:98:83:f8:3b:14:d9:e8:79:48:
84:88:a7:84:65:50:b8:7a:8d:40:0f:13:df:d9:b8:5a:db:2f:
0f:1c:0f:ee:3d:35:4f:55:55:11:6a:62:c3:a6:9f:8a:64:1a:
6b:c9:b7:14:a2:19:fb:94:0b:79:17:de:67:b7:1e:7d:e3:5c:
c9:ce:6b:ee:6b:72:8f:9d:7a:fc:6f:9b:cf:dc:c4:bd:0d:b6:
71:0a:ab:f5:d8:40:c0:8c:53:8a:ed:07:08:a7:23:c1:3f:e5:
39:65:78:df:11:87:1c:a0:26:f6:1d:74:d6:56:75:24:23:bd:
ad:4a:c1:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweWj8gJZvUQbba8qq/kCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkY2UzYzJhYWZjNzc4M2NjZTgyMzQ1NTFmM2U5NjYxZDI3
ZWVmYmMwHhcNMjMwMTAyMDMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFkYjVlMzZkNzA0MDg4ZGE5ZjExYjBiYzg0YmRiZWViOTM4NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QfklsB4WdutDtua/SwDirR+uREC
sz26QtX89mfiukb1DIo0HEfD4EuWSHFUmRqA6COiWs1Q66UPvTvPXD2Z6xNVAv6H
z1uHRc1EprDPEGFw6f2CS5KmotqBeH/nbHy7jUgxVQTrGRgMl4+WnJvhvxSGOKg3
iEzKzadQyduJYoI44x8eyPH3yBqJtNpDOOtbjGh/PCVC9maUaZogerVpR8GCZUZd
iHHJXX8SLRBAMHBRU2MqLqbKF9QhC7SOF3MwmTDqECce9zP+TK2QfgNnkZ0qum1Q
k0xZcd8WP2tqshTaXZnf94enQh6WfX7CNz3KtVdj/qpCJRMMoQALRsNSkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLUdteNtcECI2p8RsLyEvb7rk4QGMB8GA1UdIwQY
MBaAFK3OPCqvx3g8zoI0VR8+lmHSfu+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmM0OEtxX0hlRHpPZ2pSVkh6NldZZEotNzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84MjRjY2QtYmM5Yi00YTgyLWJlOTEt
NjMxMDRkYjZhN2E1LzEvdFIyMTQyMXdRSWphbnhHd3ZJUzl2dXVUaEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84MjRjY2QtYmM5Yi00YTgyLWJlOTEtNjMxMDRkYjZhN2E1
LzEvcmM0OEtxX0hlRHpPZ2pSVkh6NldZZEotNzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsG5vMA0E
AgACMAcDBQAqEOFAMA0GCSqGSIb3DQEBCwUAA4IBAQBM9j21oMcuQ24pBn5frN46
9ZZ/k8lg4u38jXsXQH4ErIh6Px0wywHrznfd5wog/drQB8xTY92hlnDM/aDO2yjt
+Q8eii1C84zVHc/oScoI/bH4yWacIvKdlix13Wy/cqnIRBKBG8riMT2nAaNVC3P+
q+QuWknJR+UIACMdYo+wmAxOwGE6BtCYg/g7FNnoeUiEiKeEZVC4eo1ADxPf2bha
2y8PHA/uPTVPVVURamLDpp+KZBprybcUohn7lAt5F95ntx5941zJzmvua3KPnXr8
b5vP3MS9DbZxCqv12EDAjFOK7QcIpyPBP+U5ZXjfEYccoCb2HXTWVnUkI72tSsFh
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:32:18 2025 by rpki-client