Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CdIogLRbqfwS5aL3gsPOctgjsZI.roa
File: CdIogLRbqfwS5aL3gsPOctgjsZI.roa (raw, json)
Hash identifier: eLVPqewSxH1y2K9cUn6PZKo82t74FD+u0jQ3Sw7LLw8=
Subject key identifier: 09:D2:28:80:B4:5B:A9:FC:12:E5:A2:F7:82:C3:CE:72:D8:23:B1:92
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0188C3E06DE232EAF4B1B91A323511150ADC
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CdIogLRbqfwS5aL3gsPOctgjsZI.roa
Signing time: Fri 16 Jun 2023 11:04:05 +0000
ROA not before: Fri 16 Jun 2023 11:04:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 107.161.166.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:e0:6d:e2:32:ea:f4:b1:b9:1a:32:35:11:15:0a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jun 16 11:04:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d22880b45ba9fc12e5a2f782c3ce72d823b192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:85:33:5e:6c:ec:40:cd:1a:c5:ed:c3:b4:
b1:25:70:f3:32:64:ff:99:43:fc:42:86:9d:b2:f2:
5a:49:06:13:24:87:39:79:3c:18:f3:ac:39:ba:12:
6f:5c:9d:44:d0:79:37:f7:bf:92:a9:4b:ef:a7:ef:
c4:05:23:ec:55:3d:3e:4a:2a:dc:4e:f6:a0:6e:cf:
e0:31:fe:17:a1:7c:93:6b:fa:b0:07:d2:f8:ea:3a:
51:0f:d6:9f:75:0c:f7:84:70:f5:76:16:be:8a:57:
c1:41:78:69:2b:71:d7:24:36:f9:02:22:67:15:f7:
c7:b0:3c:02:99:d8:e6:91:24:d8:9f:06:a4:ce:74:
30:57:9e:0c:b6:32:f1:e8:10:d3:b4:ff:84:60:c5:
a2:49:51:f5:a1:1e:16:59:7b:f2:a4:ae:e5:2a:b6:
db:11:89:26:83:21:ec:49:c4:41:2a:14:13:33:d2:
0d:6d:bc:d7:fa:97:3d:51:52:b6:71:e2:a3:0b:d7:
87:9c:e5:aa:07:5b:06:01:4e:3d:ef:00:8f:7a:da:
2b:6c:64:11:e0:a9:3b:de:82:e7:d7:b2:2c:88:f4:
2b:b7:d3:4b:80:59:30:fb:b7:23:18:a5:a8:ec:8e:
64:62:80:f1:eb:93:23:b4:b9:87:2e:25:a0:d1:fe:
cd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D2:28:80:B4:5B:A9:FC:12:E5:A2:F7:82:C3:CE:72:D8:23:B1:92
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/CdIogLRbqfwS5aL3gsPOctgjsZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0/24
107.161.166.0/23
IPv6:
2a07:9944:40::/48
Signature Algorithm: sha256WithRSAEncryption
a9:c0:cb:97:fc:f1:82:33:de:d5:be:98:ba:d7:52:04:f7:c2:
5c:82:12:14:ef:17:5e:bd:fb:a5:d2:01:22:ad:2a:61:e1:2a:
3f:39:c9:bb:f6:00:b2:96:07:16:e5:97:46:26:7b:14:bc:bc:
0b:73:7c:49:1d:c6:dc:06:87:19:88:c9:0d:ac:a6:be:81:99:
b0:07:c8:58:55:e8:a5:57:fe:f6:28:73:d3:f4:e7:38:05:70:
07:c1:f7:17:91:54:76:bb:cb:5a:7f:43:d5:1b:37:9c:16:b6:
0c:7a:31:e2:d3:a1:fe:74:a6:46:5b:c1:c9:4b:65:b6:50:cc:
43:6a:6f:53:ae:c6:55:8b:ba:d7:38:bf:9f:96:b3:fd:9f:5c:
fc:4c:ac:d6:86:2d:f5:b4:97:52:6c:be:14:95:df:dd:32:af:
42:b9:9a:77:d3:9e:4b:1b:df:00:33:6e:59:16:e9:81:45:1b:
af:53:e5:15:34:2e:98:0f:ae:b5:0d:81:67:e3:d2:0d:a8:e6:
17:35:41:91:59:08:0d:0c:41:3d:87:34:99:bf:17:79:6f:97:
48:3d:d3:aa:f9:18:6b:b0:33:18:23:b4:42:ef:f2:0e:77:03:
f8:c5:10:b8:fa:d0:2c:13:a8:11:15:67:77:df:02:7d:84:30:
3c:30:42:fb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjD4G3iMur0sbkaMjURFQrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNjE2MTEwNDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQyMjg4MGI0NWJhOWZjMTJlNWEyZjc4MmMzY2U3MmQ4MjNiMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsqFM15s7EDNGsXtw7SxJXDzMmT/
mUP8QoadsvJaSQYTJIc5eTwY86w5uhJvXJ1E0Hk397+SqUvvp+/EBSPsVT0+Sirc
Tvagbs/gMf4XoXyTa/qwB9L46jpRD9afdQz3hHD1dha+ilfBQXhpK3HXJDb5AiJn
FffHsDwCmdjmkSTYnwakznQwV54MtjLx6BDTtP+EYMWiSVH1oR4WWXvypK7lKrbb
EYkmgyHsScRBKhQTM9INbbzX+pc9UVK2ceKjC9eHnOWqB1sGAU497wCPetorbGQR
4Kk73oLn17IsiPQrt9NLgFkw+7cjGKWo7I5kYoDx65MjtLmHLiWg0f7NtQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAnSKIC0W6n8EuWi94LDznLYI7GSMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvQ2RJb2dMUmJxZndTNWFMM2dzUE9jdGdqc1pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAa6GjAwQB
a6GmMA8EAgACMAkDBwAqB5lEAEAwDQYJKoZIhvcNAQELBQADggEBAKnAy5f88YIz
3tW+mLrXUgT3wlyCEhTvF169+6XSASKtKmHhKj85ybv2ALKWBxbll0YmexS8vAtz
fEkdxtwGhxmIyQ2spr6BmbAHyFhV6KVX/vYoc9P05zgFcAfB9xeRVHa7y1p/Q9Ub
N5wWtgx6MeLTof50pkZbwclLZbZQzENqb1OuxlWLutc4v5+Ws/2fXPxMrNaGLfW0
l1JsvhSV390yr0K5mnfTnksb3wAzblkW6YFFG69T5RU0LpgPrrUNgWfj0g2o5hc1
QZFZCA0MQT2HNJm/F3lvl0g906r5GGuwMxgjtELv8g53A/jFELj60CwTqBEVZ3ff
An2EMDwwQvs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:16:52 2025 by rpki-client