Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z3D2WOQbH7p_3AMaeAD-93MYv2w.roa
File: z3D2WOQbH7p_3AMaeAD-93MYv2w.roa (raw, json)
Hash identifier: jGY3w2eUfWuVrIsHwIJohCL9vJuS3hntj5yGhnRtejs=
Subject key identifier: CF:70:F6:58:E4:1B:1F:BA:7F:DC:03:1A:78:00:FE:F7:73:18:BF:6C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018225ED9611F18611247D1A6D1D044AEA8C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z3D2WOQbH7p_3AMaeAD-93MYv2w.roa
Signing time: Fri 22 Jul 2022 12:41:43 +0000
ROA not before: Fri 22 Jul 2022 12:41:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42575
IP address blocks: 109.68.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:ed:96:11:f1:86:11:24:7d:1a:6d:1d:04:4a:ea:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jul 22 12:41:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf70f658e41b1fba7fdc031a7800fef77318bf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:d9:83:81:10:74:18:59:8c:25:23:13:a1:
c4:eb:b6:d8:91:69:1e:12:e8:18:a2:2d:45:83:ee:
25:36:5a:81:69:4d:16:52:4d:89:7c:7f:70:99:58:
f7:d5:5d:d8:2e:a9:cc:c8:ce:3b:f1:fc:5a:8b:b8:
22:57:38:c2:76:66:ed:a9:cf:78:29:d6:52:7d:87:
9a:b8:54:d3:2a:ef:40:43:2e:96:32:d6:59:1c:cf:
09:10:fd:f0:19:6c:af:a0:9e:a8:66:35:02:4a:67:
8e:0a:28:ed:90:67:9d:63:8a:ac:4b:98:1e:72:51:
ab:3f:f6:5e:35:81:05:e7:a2:c2:33:4d:8a:40:3e:
0f:87:93:aa:91:2f:13:37:32:73:ef:38:6e:33:0c:
48:19:c9:1b:8f:ca:75:ff:ca:39:73:be:94:b3:ee:
6e:16:6c:82:49:09:4c:d5:d4:50:5f:3b:8c:a0:06:
3a:3c:85:fe:13:a3:7f:4a:b6:98:73:5e:4a:8f:0e:
5f:f7:db:1f:14:bd:db:a0:7f:4e:b8:19:27:91:e0:
b1:29:0a:c9:b0:8b:6f:19:84:0a:c7:df:b3:4c:a3:
e7:b3:cf:a3:bc:a9:30:86:37:c4:57:8a:02:56:13:
51:db:a5:95:1a:f8:85:dc:70:27:a0:f3:4c:80:1c:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:70:F6:58:E4:1B:1F:BA:7F:DC:03:1A:78:00:FE:F7:73:18:BF:6C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z3D2WOQbH7p_3AMaeAD-93MYv2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.169.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:f7:04:0d:98:b4:77:75:37:56:ce:fc:ff:40:4b:b3:84:5b:
3c:29:af:b1:2e:a8:4f:ad:22:1d:c5:09:6a:a7:fe:86:a2:f5:
26:f9:08:76:f5:c2:bf:ba:0a:87:9f:11:51:d5:f3:e3:db:b9:
ce:27:2e:78:41:cd:1d:3b:23:3c:eb:27:e9:29:58:a4:20:01:
51:66:13:72:99:65:59:11:9e:d7:15:02:71:68:65:9a:d7:fe:
e1:c4:37:d7:d3:c3:d6:cf:6e:4f:e2:65:ff:1a:f8:6a:23:ad:
d6:5d:fe:d3:67:aa:34:bc:c5:5c:f7:fc:59:22:2e:19:4b:ae:
3b:60:59:14:5f:07:71:76:31:bc:a1:c4:a1:0c:72:73:b6:de:
3f:4f:56:93:3a:c0:15:9b:3d:66:aa:cc:35:63:bd:b3:53:5c:
19:e1:0a:15:74:61:88:02:ee:ab:9f:d3:65:9b:73:0f:3f:17:
c4:e0:7e:e2:46:b0:09:a2:23:42:36:dd:ac:43:eb:09:d2:e3:
4f:f2:5e:89:6d:6b:a2:9a:28:7d:ac:4e:62:1e:21:47:be:29:
47:0b:a8:7e:6e:26:1e:e9:e7:44:ca:0c:22:c3:cc:59:e4:dc:
47:6b:1f:60:75:36:af:7f:f8:36:f2:73:09:a0:19:7b:55:ed:
83:f4:8d:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIl7ZYR8YYRJH0abR0ESuqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjIwNzIyMTI0MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjcwZjY1OGU0MWIxZmJhN2ZkYzAzMWE3ODAwZmVmNzczMThiZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm17Zg4EQdBhZjCUjE6HE67bYkWke
EugYoi1Fg+4lNlqBaU0WUk2JfH9wmVj31V3YLqnMyM478fxai7giVzjCdmbtqc94
KdZSfYeauFTTKu9AQy6WMtZZHM8JEP3wGWyvoJ6oZjUCSmeOCijtkGedY4qsS5ge
clGrP/ZeNYEF56LCM02KQD4Ph5OqkS8TNzJz7zhuMwxIGckbj8p1/8o5c76Us+5u
FmyCSQlM1dRQXzuMoAY6PIX+E6N/SraYc15Kjw5f99sfFL3boH9OuBknkeCxKQrJ
sItvGYQKx9+zTKPns8+jvKkwhjfEV4oCVhNR26WVGviF3HAnoPNMgBzXFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9w9ljkGx+6f9wDGngA/vdzGL9sMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvejNEMldPUWJIN3BfM0FNYWVBRC05M01ZdjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUSpMA0G
CSqGSIb3DQEBCwUAA4IBAQAa9wQNmLR3dTdWzvz/QEuzhFs8Ka+xLqhPrSIdxQlq
p/6GovUm+Qh29cK/ugqHnxFR1fPj27nOJy54Qc0dOyM86yfpKVikIAFRZhNymWVZ
EZ7XFQJxaGWa1/7hxDfX08PWz25P4mX/GvhqI63WXf7TZ6o0vMVc9/xZIi4ZS647
YFkUXwdxdjG8ocShDHJztt4/T1aTOsAVmz1mqsw1Y72zU1wZ4QoVdGGIAu6rn9Nl
m3MPPxfE4H7iRrAJoiNCNt2sQ+sJ0uNP8l6JbWuimih9rE5iHiFHvilHC6h+biYe
6edEygwiw8xZ5NxHax9gdTavf/g28nMJoBl7Ve2D9I3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org