Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/X6w2Jj2Zvh1hHta10lx3VyVQb3s.roa
File: X6w2Jj2Zvh1hHta10lx3VyVQb3s.roa (raw, json)
Hash identifier: BJhyFkGnIsR8jdn/M4Pc4W6Ksmp5Ldkkxx4szyBh+lk=
Subject key identifier: 5F:AC:36:26:3D:99:BE:1D:61:1E:D6:B5:D2:5C:77:57:25:50:6F:7B
Certificate issuer: /CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Certificate serial: 018570CBF3651190F5235FB796E47CCA7A48
Authority key identifier: D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/X6w2Jj2Zvh1hHta10lx3VyVQb3s.roa
Signing time: Mon 02 Jan 2023 04:44:52 +0000
ROA not before: Mon 02 Jan 2023 04:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24768
IP address blocks: 176.111.108.0/24 maxlen: 24
176.111.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f3:65:11:90:f5:23:5f:b7:96:e4:7c:ca:7a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3592aac489522d5db18fd6391e035a9778ea3b1
Validity
Not Before: Jan 2 04:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fac36263d99be1d611ed6b5d25c775725506f7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ad:78:84:0e:d4:10:82:4c:ba:5e:83:15:46:
53:7b:b4:18:20:a9:21:68:d4:dd:c0:01:83:f3:6c:
7a:e1:76:cf:cb:6c:cc:bd:79:7e:15:33:70:ea:08:
aa:f3:46:e3:28:6e:9b:c7:7b:45:77:03:de:da:59:
5a:e6:cd:12:21:06:69:e3:23:bc:52:6a:c7:8e:90:
51:9b:16:9a:5c:9d:52:58:17:bf:57:f9:5e:37:1a:
50:be:9f:a0:61:7b:06:92:83:6a:70:5f:7a:45:f5:
4e:91:fd:3b:01:6c:06:76:cd:d8:80:40:f2:72:00:
85:f8:cb:74:54:a5:07:d4:69:21:c7:eb:77:26:d0:
ad:15:42:36:d7:84:d8:6e:d8:43:be:81:dd:ae:87:
70:f0:b6:65:e0:51:00:56:23:a9:70:30:0a:6a:96:
bd:4c:63:a3:b5:b4:a2:88:00:21:e3:c2:a1:de:33:
c6:75:da:d5:26:5d:22:17:7e:f3:9c:1a:ae:b1:78:
bb:35:5f:9e:55:58:8b:a3:48:3f:01:da:e8:df:61:
77:4b:91:77:b3:35:02:46:62:72:34:f8:34:f6:eb:
03:12:38:ac:5d:43:01:55:ea:f5:2b:50:07:56:c5:
f0:f9:52:18:a8:da:ca:be:30:75:c3:39:34:93:43:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AC:36:26:3D:99:BE:1D:61:1E:D6:B5:D2:5C:77:57:25:50:6F:7B
X509v3 Authority Key Identifier:
keyid:D3:59:2A:AC:48:95:22:D5:DB:18:FD:63:91:E0:35:A9:77:8E:A3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01kqrEiVItXbGP1jkeA1qXeOo7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/X6w2Jj2Zvh1hHta10lx3VyVQb3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7b13fe-f62f-4e93-821e-e33ae106b54d/1/01kqrEiVItXbGP1jkeA1qXeOo7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.108.0/22
Signature Algorithm: sha256WithRSAEncryption
42:aa:54:44:74:4c:99:4a:cb:38:ef:97:53:26:8c:e8:ef:83:
89:83:c7:ca:bb:51:94:e0:c3:b8:36:fb:e0:5d:52:4d:b1:aa:
d7:3b:7f:26:03:52:f8:7c:2d:14:c8:00:a8:e0:68:0c:fe:2c:
ac:5e:d7:be:af:1d:2e:e9:06:0e:7f:63:b5:44:7e:20:9f:1e:
85:78:5d:fe:2c:f1:f5:3f:a6:32:49:3a:78:48:f8:0f:d2:45:
d6:87:a8:be:b8:4a:b5:64:30:d0:b9:e4:54:6b:97:74:89:57:
3f:da:09:4e:50:33:1c:19:8d:08:7a:bd:1c:16:8d:c6:6a:98:
10:3c:bc:bb:b7:a4:79:01:74:4d:02:98:ba:f3:11:05:af:30:
9e:c4:da:2e:da:06:21:6d:ca:24:94:29:4b:a7:b7:15:53:e2:
59:38:e8:52:8c:5d:47:a6:08:b5:78:7a:7c:49:c4:d5:60:18:
6f:32:59:cc:fe:5c:da:80:75:33:1e:c5:a7:3e:db:d1:fc:6f:
32:b1:c4:68:9b:16:56:de:8e:0f:23:17:ca:fd:73:cc:b7:48:
b9:4a:20:c5:ad:22:79:ec:a1:26:bc:af:f8:f9:8c:2d:28:6d:
cb:1b:4c:34:d4:ec:de:9e:58:e4:70:4e:ca:aa:c3:92:ab:26:
c5:36:54:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy/NlEZD1I1+3luR8ynpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTkyYWFjNDg5NTIyZDVkYjE4ZmQ2MzkxZTAzNWE5Nzc4
ZWEzYjEwHhcNMjMwMTAyMDQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFjMzYyNjNkOTliZTFkNjExZWQ2YjVkMjVjNzc1NzI1NTA2ZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK14hA7UEIJMul6DFUZTe7QYIKkh
aNTdwAGD82x64XbPy2zMvXl+FTNw6giq80bjKG6bx3tFdwPe2lla5s0SIQZp4yO8
UmrHjpBRmxaaXJ1SWBe/V/leNxpQvp+gYXsGkoNqcF96RfVOkf07AWwGds3YgEDy
cgCF+Mt0VKUH1Gkhx+t3JtCtFUI214TYbthDvoHdrodw8LZl4FEAViOpcDAKapa9
TGOjtbSiiAAh48Kh3jPGddrVJl0iF37znBqusXi7NV+eVViLo0g/Adro32F3S5F3
szUCRmJyNPg09usDEjisXUMBVer1K1AHVsXw+VIYqNrKvjB1wzk0k0MFhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+sNiY9mb4dYR7WtdJcd1clUG97MB8GA1UdIwQY
MBaAFNNZKqxIlSLV2xj9Y5HgNal3jqOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUt
ZTMzYWUxMDZiNTRkLzEvWDZ3MkpqMlp2aDFoSHRhMTBseDNWeVZRYjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YjEzZmUtZjYyZi00ZTkzLTgyMWUtZTMzYWUxMDZiNTRk
LzEvMDFrcXJFaVZJdFhiR1AxamtlQTFxWGVPbzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsG9sMA0G
CSqGSIb3DQEBCwUAA4IBAQBCqlREdEyZSss475dTJozo74OJg8fKu1GU4MO4Nvvg
XVJNsarXO38mA1L4fC0UyACo4GgM/iysXte+rx0u6QYOf2O1RH4gnx6FeF3+LPH1
P6YySTp4SPgP0kXWh6i+uEq1ZDDQueRUa5d0iVc/2glOUDMcGY0Ier0cFo3GapgQ
PLy7t6R5AXRNApi68xEFrzCexNou2gYhbcoklClLp7cVU+JZOOhSjF1Hpgi1eHp8
ScTVYBhvMlnM/lzagHUzHsWnPtvR/G8yscRomxZW3o4PIxfK/XPMt0i5SiDFrSJ5
7KEmvK/4+YwtKG3LG0w01OzenljkcE7KqsOSqybFNlSq
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:53:44 2025 by rpki-client