Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/o1NhswZqCarnn6Jm3TOVvajaToA.roa
File: o1NhswZqCarnn6Jm3TOVvajaToA.roa (raw, json)
Hash identifier: W2aa00A2eB5CuwUYZ6NJvl9hiv8kWirkYJV9FlhhbGg=
Subject key identifier: A3:53:61:B3:06:6A:09:AA:E7:9F:A2:66:DD:33:95:BD:A8:DA:4E:80
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 0107DD64
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/o1NhswZqCarnn6Jm3TOVvajaToA.roa
Signing time: Sat 01 Jan 2022 06:59:42 +0000
ROA not before: Sat 01 Jan 2022 06:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210838
IP address blocks: 109.234.78.0/24 maxlen: 24
2a11:9c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17292644 (0x107dd64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 1 06:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a35361b3066a09aae79fa266dd3395bda8da4e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:16:e8:98:11:f6:b1:83:55:38:8a:7d:73:
20:3d:62:b6:c7:7e:8a:5e:76:9b:7e:06:57:97:a0:
fd:f0:f7:f0:60:a6:88:e1:db:a3:72:7e:08:38:d5:
ae:0b:24:7e:0e:f4:39:80:98:b9:c4:a6:4e:ae:83:
ff:5c:f2:be:2a:e7:83:6d:bc:79:bf:fd:d4:94:a0:
21:1a:c4:0f:52:6d:2a:34:8a:60:0f:80:ed:16:94:
64:65:24:b8:59:79:d2:ab:1f:39:c0:bc:f8:f4:a8:
82:14:52:ea:5a:48:08:c2:a3:9b:b0:08:31:3a:45:
f0:d6:72:39:be:a2:16:fc:93:e3:b6:50:6a:0c:e9:
f6:64:54:9e:c8:75:27:a3:36:3a:90:0a:29:c4:14:
23:db:14:75:69:79:7e:99:29:88:22:97:a0:41:85:
d6:f5:14:01:d8:7c:2b:bd:0c:b2:1f:be:00:72:67:
24:a5:af:9e:c6:2d:3a:c8:8c:38:12:13:ba:7c:6f:
36:fc:74:4c:54:fb:e5:2b:41:c4:b2:df:3e:14:11:
08:b5:fb:1b:3f:28:24:2a:37:b7:c9:a6:23:60:d5:
f6:79:1b:24:a2:12:f2:e3:fa:75:70:0c:be:e4:a8:
c0:d1:b6:54:96:04:e5:80:7e:f4:40:b5:2f:08:a9:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:53:61:B3:06:6A:09:AA:E7:9F:A2:66:DD:33:95:BD:A8:DA:4E:80
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/o1NhswZqCarnn6Jm3TOVvajaToA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.78.0/24
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
80:c0:cb:ec:4b:6f:3e:c9:ac:28:eb:7c:be:53:c4:6e:bd:09:
c1:3d:93:68:94:17:ca:27:a9:ae:fd:d8:87:99:6b:6d:da:da:
d7:d8:9a:c5:5d:22:0a:34:71:ad:82:0a:2e:bf:93:46:92:e5:
34:97:eb:23:62:6d:4e:48:5b:12:cb:2e:9a:1d:92:a9:04:03:
6e:b8:cf:8b:68:7f:95:c6:27:79:89:95:c4:7a:76:e6:93:c5:
3f:25:20:0d:55:6d:b5:51:b9:5f:81:2b:64:ef:65:54:cc:6c:
f9:7a:56:3c:44:e0:ae:0f:79:c1:09:32:7d:36:8f:d1:17:bb:
21:28:ec:1a:13:98:7d:8a:aa:1a:f6:41:cc:32:9b:12:e1:87:
cb:29:b7:a9:04:32:0b:c2:e4:1f:63:cf:f2:6a:dd:ae:85:7c:
12:22:2c:80:d3:00:b8:f5:b2:91:5e:8f:fd:68:b8:f1:e9:a4:
92:e0:24:e9:88:80:84:63:3b:e3:06:94:e5:4c:80:ae:3d:3e:
c0:59:c9:c3:75:95:21:2e:7c:0e:c8:c3:4f:be:4c:c0:97:7a:
7e:dd:44:15:11:d3:0f:da:b1:c1:15:fe:c5:9a:d3:ea:22:68:
3b:6d:6c:13:58:bf:7d:35:16:df:8f:d8:24:73:59:da:45:57:
de:ba:03:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAQfdZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzRmYTZiZTNmNWMzOGY0YmI3ZTA2MmI2NzA3NzQ3ZjQ5NjFhMDQ4MB4XDTIyMDEw
MTA2NTk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1MzYxYjMwNjZh
MDlhYWU3OWZhMjY2ZGQzMzk1YmRhOGRhNGU4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnHFuiYEfaxg1U4in1zID1itsd+il52m34GV5eg/fD38GCm
iOHbo3J+CDjVrgskfg70OYCYucSmTq6D/1zyvirng228eb/91JSgIRrED1JtKjSK
YA+A7RaUZGUkuFl50qsfOcC8+PSoghRS6lpICMKjm7AIMTpF8NZyOb6iFvyT47ZQ
agzp9mRUnsh1J6M2OpAKKcQUI9sUdWl5fpkpiCKXoEGF1vUUAdh8K70Msh++AHJn
JKWvnsYtOsiMOBITunxvNvx0TFT75StBxLLfPhQRCLX7Gz8oJCo3t8mmI2DV9nkb
JKIS8uP6dXAMvuSowNG2VJYE5YB+9EC1LwipgGkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSjU2GzBmoJquefombdM5W9qNpOgDAfBgNVHSMEGDAWgBTTT6a+P1w49Lt+
BitnB3R/SWGgSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAwLW12ajljT1BTN2ZnWXJad2QwZjBsaG9FZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvM2JjNzA3LTc2ZTctNDk4Ny1iZWZhLTk4MTE4NGRlZTEzMS8x
L28xTmhzd1pxQ2Fybm42Sm0zVE9WdmFqYVRvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
M2JjNzA3LTc2ZTctNDk4Ny1iZWZhLTk4MTE4NGRlZTEzMS8xLzAwLW12ajljT1BT
N2ZnWXJad2QwZjBsaG9FZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAG3qTjANBAIAAjAHAwUDKhGcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgMDL7EtvPsmsKOt8vlPEbr0JwT2TaJQXyieprv3Y
h5lrbdra19iaxV0iCjRxrYIKLr+TRpLlNJfrI2JtTkhbEssumh2SqQQDbrjPi2h/
lcYneYmVxHp25pPFPyUgDVVttVG5X4ErZO9lVMxs+XpWPETgrg95wQkyfTaP0Re7
ISjsGhOYfYqqGvZBzDKbEuGHyym3qQQyC8LkH2PP8mrdroV8EiIsgNMAuPWykV6P
/Wi48emkkuAk6YiAhGM74waU5UyArj0+wFnJw3WVIS58DsjDT75MwJd6ft1EFRHT
D9qxwRX+xZrT6iJoO21sE1i/fTUW34/YJHNZ2kVX3roDsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:47 2023 by rpki-client on console-ams.rpki-client.org