Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0VdonnK_rX6fIlQT9h-MHjxioKE.roa
File: 0VdonnK_rX6fIlQT9h-MHjxioKE.roa (raw, json)
Hash identifier: ORWObDyvK2lLmQjjTNazpZLPSeokGJIvU8O5eiIVeIw=
Subject key identifier: D1:57:68:9E:72:BF:AD:7E:9F:22:54:13:F6:1F:8C:1E:3C:62:A0:A1
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 075BFCE8
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0VdonnK_rX6fIlQT9h-MHjxioKE.roa
Signing time: Mon 25 Apr 2022 11:46:50 +0000
ROA not before: Mon 25 Apr 2022 11:46:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 109.74.29.0/24 maxlen: 24
109.74.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123469032 (0x75bfce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Apr 25 11:46:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d157689e72bfad7e9f225413f61f8c1e3c62a0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8a:d8:4f:f9:bc:8c:96:36:73:76:e4:d3:30:
2f:cd:5e:22:2a:14:2f:ea:a0:5c:c5:63:82:69:bb:
52:04:f6:09:51:bb:96:d1:ca:61:e9:05:de:82:ce:
6e:c1:74:00:42:87:4e:ed:04:fd:ed:a0:fa:26:de:
be:64:e2:10:4c:16:71:71:86:26:43:7b:f9:35:bc:
12:90:3b:b5:e7:06:06:7c:24:a0:02:bf:d8:ea:cd:
18:4b:d9:3f:2f:55:f2:46:72:c0:8a:df:18:7c:9a:
f7:0d:f9:b0:7a:c3:8f:77:6e:28:92:ed:6c:a1:14:
fb:f6:c7:ad:b8:b8:68:05:65:34:af:07:41:20:34:
34:64:fa:8e:53:60:88:c4:8f:80:1a:f7:ca:0f:ff:
45:93:5d:f3:99:f3:ae:95:2b:6f:84:9e:56:e9:f9:
b5:2c:16:b9:03:bf:22:19:20:97:5f:f6:39:1a:e2:
23:f7:12:58:8b:50:92:af:dd:6a:c2:4f:a1:b9:14:
87:8d:0a:26:1a:ea:56:ea:fd:07:47:3d:e0:81:8a:
53:58:ed:bb:1c:cd:ab:dd:d4:72:74:0f:33:4e:c0:
21:1f:43:49:e1:a7:60:4e:72:d8:8a:80:13:b0:6f:
e6:0f:60:c9:dd:40:b1:45:f8:0f:98:c4:30:29:58:
52:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:57:68:9E:72:BF:AD:7E:9F:22:54:13:F6:1F:8C:1E:3C:62:A0:A1
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0VdonnK_rX6fIlQT9h-MHjxioKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.29.0/24
109.74.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:59:41:62:cd:94:11:d6:1d:43:36:b4:c5:11:f1:a6:5f:42:
39:24:ee:ea:5c:d2:45:eb:5a:e2:38:6a:a1:a9:39:48:38:8f:
20:ef:76:aa:f3:3b:c2:87:63:50:55:f4:71:bb:b0:12:94:24:
33:87:f5:5e:ac:45:10:ed:5b:21:19:29:0f:85:fd:16:12:d3:
32:f1:51:53:f7:d8:fd:89:4e:97:cf:97:b9:5c:b6:49:d6:88:
0e:6b:36:42:67:66:b0:1a:59:44:18:85:08:dd:5a:93:2f:de:
83:d0:f2:77:a6:44:64:78:b0:3f:26:5d:64:a9:94:df:7d:d5:
72:83:f9:2b:8e:3f:b9:70:5e:4e:23:b6:b0:3c:3d:03:91:75:
d1:35:f3:6b:f7:72:b4:bf:54:a2:c0:5e:25:b3:8c:03:c5:8a:
04:9a:58:ac:36:06:1d:ae:67:3f:b9:0b:03:fb:6e:fa:7b:53:
cd:58:33:b5:57:be:da:f7:01:21:c5:fe:2a:87:f4:94:e5:1e:
81:fc:f8:3e:b8:f4:0c:44:4d:da:9b:0c:f3:fc:95:03:7e:dd:
ed:e7:bd:ad:56:b1:39:b4:61:f1:b2:4a:70:c7:37:7b:be:97:
ad:68:2e:85:78:1e:63:59:96:38:b5:f1:bd:1a:ae:ad:b6:ac:
d4:6c:48:d6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB1v86DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMB4XDTIyMDQy
NTExNDY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE1NzY4OWU3MmJm
YWQ3ZTlmMjI1NDEzZjYxZjhjMWUzYzYyYTBhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeK2E/5vIyWNnN25NMwL81eIioUL+qgXMVjgmm7UgT2CVG7
ltHKYekF3oLObsF0AEKHTu0E/e2g+ibevmTiEEwWcXGGJkN7+TW8EpA7tecGBnwk
oAK/2OrNGEvZPy9V8kZywIrfGHya9w35sHrDj3duKJLtbKEU+/bHrbi4aAVlNK8H
QSA0NGT6jlNgiMSPgBr3yg//RZNd85nzrpUrb4SeVun5tSwWuQO/Ihkgl1/2ORri
I/cSWItQkq/dasJPobkUh40KJhrqVur9B0c94IGKU1jtuxzNq93UcnQPM07AIR9D
SeGnYE5y2IqAE7Bv5g9gyd1AsUX4D5jEMClYUosCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTRV2iecr+tfp8iVBP2H4wePGKgoTAfBgNVHSMEGDAWgBRiStRTWsiN1TQZ
nypyYJWvca/kTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrclVVMXJJamRVMEdaOHFjbUNWcjNHdjVFNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8x
LzBWZG9ubktfclg2ZklsUVQ5aC1NSGp4aW9LRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRV
MEdaOHFjbUNWcjNHdjVFNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG1KHQMEAG1KHzANBgkqhkiG9w0B
AQsFAAOCAQEAf1lBYs2UEdYdQza0xRHxpl9COSTu6lzSReta4jhqoak5SDiPIO92
qvM7wodjUFX0cbuwEpQkM4f1XqxFEO1bIRkpD4X9FhLTMvFRU/fY/YlOl8+XuVy2
SdaIDms2QmdmsBpZRBiFCN1aky/eg9Dyd6ZEZHiwPyZdZKmU333VcoP5K44/uXBe
TiO2sDw9A5F10TXza/dytL9UosBeJbOMA8WKBJpYrDYGHa5nP7kLA/tu+ntTzVgz
tVe+2vcBIcX+Kof0lOUegfz4Prj0DERN2psM8/yVA37d7ee9rVaxObRh8bJKcMc3
e76XrWguhXgeY1mWOLXxvRqurbas1GxI1g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:49 2025 by rpki-client