Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/bVw9XrrvkJOOjJfWFiD3L4S-Ruc.roa
File: bVw9XrrvkJOOjJfWFiD3L4S-Ruc.roa (raw, json)
Hash identifier: cOD2JQs7US7qifdZm+uOORXFTQnkCEQJLdR74yj9GPQ=
Subject key identifier: 6D:5C:3D:5E:BA:EF:90:93:8E:8C:97:D6:16:20:F7:2F:84:BE:46:E7
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C3AADC19BB274CE759A4028891086A600
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/bVw9XrrvkJOOjJfWFiD3L4S-Ruc.roa
Signing time: Tue 05 Dec 2023 15:51:55 +0000
ROA not before: Tue 05 Dec 2023 15:51:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209024
IP address blocks: 176.109.68.0/24 maxlen: 24
176.109.66.0/24 maxlen: 24
176.109.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:ad:c1:9b:b2:74:ce:75:9a:40:28:89:10:86:a6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 5 15:51:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d5c3d5ebaef90938e8c97d61620f72f84be46e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:29:9a:30:f4:31:2d:c7:8e:ef:16:68:aa:3c:
e2:1a:ca:c9:83:6d:1d:71:dd:c3:12:2c:d4:34:76:
40:02:87:d4:60:a6:fd:da:36:df:46:ed:dd:f7:00:
93:f3:bb:12:aa:46:4f:e1:29:86:18:d0:4f:5a:7a:
68:ca:bf:c1:8b:e6:40:35:bb:ca:08:bc:d0:59:5e:
b4:a9:2e:58:ce:43:3c:7c:a4:1e:65:af:38:a4:d9:
a4:b2:f8:9f:90:7a:47:ac:a8:ad:98:0c:c9:45:bc:
74:ff:49:c9:b3:06:08:72:5f:e2:1b:f6:69:33:44:
d1:09:04:7b:e8:44:fd:4f:67:2a:72:11:84:c0:b0:
cd:c4:6c:c0:73:99:5a:06:6d:c1:5d:9a:7c:17:2a:
23:f0:f1:ec:b9:76:5e:09:c4:51:25:af:d6:14:9b:
2f:3e:94:05:f8:0f:dd:d3:b3:5d:f5:83:d8:93:7b:
b8:81:ca:c6:01:3b:65:d7:ac:8c:a7:d0:43:32:17:
e0:39:77:f5:18:a9:87:91:07:de:6f:f3:54:6f:08:
a9:fa:9c:cb:fb:70:73:ad:c8:7e:9b:3d:6d:f4:b9:
50:75:b0:93:c3:a7:8f:f3:f1:02:3c:96:66:01:ac:
82:75:03:9f:cd:d8:29:d7:82:a7:65:03:6b:03:82:
ac:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5C:3D:5E:BA:EF:90:93:8E:8C:97:D6:16:20:F7:2F:84:BE:46:E7
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/bVw9XrrvkJOOjJfWFiD3L4S-Ruc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.66.0/24
176.109.68.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:a6:3b:03:d3:df:c4:78:ab:03:0e:9c:30:c2:23:bc:99:ad:
1c:0d:0c:25:3d:db:02:f0:a9:56:d7:1c:52:f2:82:3b:e8:14:
53:15:b1:b2:bb:65:4c:e4:2d:bc:28:ea:59:6f:e4:82:0c:31:
33:0f:16:51:ab:7a:bd:91:7b:01:29:a9:88:82:2b:27:b9:e2:
95:45:b1:c6:ac:9d:95:78:42:f7:a4:ce:b8:dc:c9:f2:cd:01:
4f:1a:db:5b:f8:fd:e7:e5:a0:cf:03:ab:7c:16:6f:62:0d:30:
4a:b7:0d:d7:7c:54:04:e1:98:c6:b8:59:ee:38:65:4b:97:34:
3b:82:d9:e0:8b:a9:cf:98:e3:20:0c:76:4b:c8:31:f9:cf:8e:
5a:ea:48:ad:17:84:da:b7:68:19:22:14:7c:65:af:1d:b8:08:
3f:bb:5c:b7:62:30:37:65:4e:d5:8e:78:32:16:27:b3:05:83:
41:3b:01:72:f0:0e:b6:73:59:25:a1:a0:48:6d:34:10:d6:6e:
dd:be:72:9c:77:ad:1a:45:6f:ed:fd:a1:e9:00:a0:79:c7:6a:
90:63:85:7f:56:ca:e5:47:c3:4b:5f:40:6e:8a:d2:f3:84:99:
6b:5f:e7:a7:aa:0b:c6:f2:e4:1b:09:3a:0f:13:2b:ca:a4:78:
50:8b:d1:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw6rcGbsnTOdZpAKIkQhqYAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA1MTU1MTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVjM2Q1ZWJhZWY5MDkzOGU4Yzk3ZDYxNjIwZjcyZjg0YmU0NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhimaMPQxLceO7xZoqjziGsrJg20d
cd3DEizUNHZAAofUYKb92jbfRu3d9wCT87sSqkZP4SmGGNBPWnpoyr/Bi+ZANbvK
CLzQWV60qS5YzkM8fKQeZa84pNmksvifkHpHrKitmAzJRbx0/0nJswYIcl/iG/Zp
M0TRCQR76ET9T2cqchGEwLDNxGzAc5laBm3BXZp8Fyoj8PHsuXZeCcRRJa/WFJsv
PpQF+A/d07Nd9YPYk3u4gcrGATtl16yMp9BDMhfgOXf1GKmHkQfeb/NUbwip+pzL
+3Bzrch+mz1t9LlQdbCTw6eP8/ECPJZmAayCdQOfzdgp14KnZQNrA4KsLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG1cPV6675CTjoyX1hYg9y+EvkbnMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvYlZ3OVhycnZrSk9PakpmV0ZpRDNMNFMtUnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsG1CAwQB
sG1EMA0GCSqGSIb3DQEBCwUAA4IBAQBepjsD09/EeKsDDpwwwiO8ma0cDQwlPdsC
8KlW1xxS8oI76BRTFbGyu2VM5C28KOpZb+SCDDEzDxZRq3q9kXsBKamIgisnueKV
RbHGrJ2VeEL3pM643MnyzQFPGttb+P3n5aDPA6t8Fm9iDTBKtw3XfFQE4ZjGuFnu
OGVLlzQ7gtngi6nPmOMgDHZLyDH5z45a6kitF4Tat2gZIhR8Za8duAg/u1y3YjA3
ZU7VjngyFiezBYNBOwFy8A62c1kloaBIbTQQ1m7dvnKcd60aRW/t/aHpAKB5x2qQ
Y4V/VsrlR8NLX0BuitLzhJlrX+enqgvG8uQbCToPEyvKpHhQi9Fp
-----END CERTIFICATE-----
Generated at Wed May 14 00:18:24 2025 by rpki-client