Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/yHfiJos90YbgnuamOdx8X4AibAo.roa
File: yHfiJos90YbgnuamOdx8X4AibAo.roa (raw, json)
Hash identifier: 35ksp7GAXqr92PPrbgntN9mV5GIEk9iw0DthyoPg1hc=
Subject key identifier: C8:77:E2:26:8B:3D:D1:86:E0:9E:E6:A6:39:DC:7C:5F:80:22:6C:0A
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 35BAA2E4
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/yHfiJos90YbgnuamOdx8X4AibAo.roa
Signing time: Sat 01 Jan 2022 02:55:25 +0000
ROA not before: Sat 01 Jan 2022 02:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39010
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.78.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901423844 (0x35baa2e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Jan 1 02:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c877e2268b3dd186e09ee6a639dc7c5f80226c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:a3:aa:b6:4b:5b:29:38:be:0f:9b:45:37:
fc:c1:a0:3d:d1:df:b0:05:cb:d1:4a:dc:fb:d3:5a:
cd:12:80:a1:d7:58:e1:6e:f0:d6:82:f8:ee:b1:4c:
4a:90:40:51:69:74:3f:7a:56:4c:1d:41:b4:37:49:
f7:15:58:23:77:72:a5:ae:b3:78:ef:80:18:92:f3:
0c:fd:5a:6c:7b:e4:29:a5:13:ea:9c:72:83:7b:d9:
05:83:be:33:fa:9c:83:f9:e8:20:6e:db:d1:37:5d:
4e:e6:6f:5f:7b:00:19:5f:11:12:72:ec:94:89:29:
6a:98:bb:20:9d:6d:ff:5e:a6:9f:ec:26:b5:6f:65:
76:b3:fa:8a:f5:5a:d1:ec:be:58:e4:15:2c:6a:d3:
bd:0b:5a:c5:d3:01:29:c3:c3:8a:fd:c4:1e:14:65:
1f:d4:c4:0d:4f:08:a2:f4:c0:93:02:a5:46:a9:32:
16:18:39:82:a7:3f:0f:b3:dd:d6:b2:96:1b:ef:ca:
ad:a8:8c:2b:67:1f:d3:77:b6:90:85:74:91:d0:85:
2b:3d:71:16:8a:63:67:5b:8e:47:77:38:91:43:e4:
34:da:df:98:15:34:ab:37:6c:b4:2c:d2:a5:c9:1c:
93:26:2d:48:c6:b2:63:5f:b4:46:69:2a:07:77:b8:
98:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:77:E2:26:8B:3D:D1:86:E0:9E:E6:A6:39:DC:7C:5F:80:22:6C:0A
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/yHfiJos90YbgnuamOdx8X4AibAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0/20
185.204.48.0/24
185.204.50.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:bd:6b:7e:34:3f:a5:09:a0:79:16:44:63:d9:95:9f:f1:30:
f1:c5:48:47:52:c4:b6:e1:1e:90:37:5b:ce:2f:cb:3b:c1:c2:
4e:2c:ea:0f:32:3e:5d:4f:7d:6f:87:54:c4:52:3b:f4:53:15:
55:b4:9e:37:0e:a5:2c:44:19:98:aa:64:4a:ed:20:9b:47:e3:
4e:ea:90:26:9c:57:fd:31:1a:8e:b4:f5:20:81:a0:db:ac:e7:
0c:33:5f:1b:dd:dd:82:1b:9a:bd:ce:2a:08:7f:39:6c:d9:0c:
64:90:eb:42:b5:68:85:e8:3b:35:51:3b:51:92:8b:cf:0d:4f:
58:57:f3:db:0e:81:e0:e6:ad:c0:50:b5:22:08:b7:f2:99:91:
21:4c:20:13:26:4f:3e:57:49:67:0e:21:3d:af:ab:1b:13:cd:
6b:48:25:bb:34:54:79:84:28:af:f2:75:0d:17:8e:da:5f:dc:
d8:22:03:f8:d8:bb:69:61:22:5b:79:1b:0c:d7:5e:e7:4e:3b:
16:ae:55:ff:8d:30:b9:b2:ce:db:c0:29:e9:9b:b7:f7:50:79:
24:82:20:bb:07:7a:a3:57:03:a0:0a:e5:30:26:5f:a2:c0:88:
a5:b7:1c:2e:23:40:b3:11:b0:2b:32:45:94:f5:67:13:00:db:
25:75:49:ea
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENbqi5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDVmMmU3Y2MyYzY4N2Y1OGMwZDFmNjEzMmJiMmRjZmRmMzhjYjY0MB4XDTIyMDEw
MTAyNTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg3N2UyMjY4YjNk
ZDE4NmUwOWVlNmE2MzlkYzdjNWY4MDIyNmMwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMh9o6q2S1spOL4Pm0U3/MGgPdHfsAXL0Urc+9NazRKAoddY
4W7w1oL47rFMSpBAUWl0P3pWTB1BtDdJ9xVYI3dypa6zeO+AGJLzDP1abHvkKaUT
6pxyg3vZBYO+M/qcg/noIG7b0TddTuZvX3sAGV8REnLslIkpapi7IJ1t/16mn+wm
tW9ldrP6ivVa0ey+WOQVLGrTvQtaxdMBKcPDiv3EHhRlH9TEDU8IovTAkwKlRqky
Fhg5gqc/D7Pd1rKWG+/KraiMK2cf03e2kIV0kdCFKz1xFopjZ1uOR3c4kUPkNNrf
mBU0qzdstCzSpckckyYtSMayY1+0RmkqB3e4mAECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTId+Imiz3RhuCe5qY53HxfgCJsCjAfBgNVHSMEGDAWgBTdXy58wsaH9YwN
H2Eyuy3P3zjLZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNWOHVmTUxHaF9XTURSOWhNcnN0ejk4NHkyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvYmMwYTI1LTkzM2EtNGY1YS1hNWYzLTlkY2ZkMmVmMzAyMy8x
L3lIZmlKb3M5MFliZ251YW1PZHg4WDRBaWJBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
YmMwYTI1LTkzM2EtNGY1YS1hNWYzLTlkY2ZkMmVmMzAyMy8xLzNWOHVmTUxHaF9X
TURSOWhNcnN0ejk4NHkyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBG1LQAMEALnMMAMEAbnMMjANBgkq
hkiG9w0BAQsFAAOCAQEAsb1rfjQ/pQmgeRZEY9mVn/Ew8cVIR1LEtuEekDdbzi/L
O8HCTizqDzI+XU99b4dUxFI79FMVVbSeNw6lLEQZmKpkSu0gm0fjTuqQJpxX/TEa
jrT1IIGg26znDDNfG93dghuavc4qCH85bNkMZJDrQrVoheg7NVE7UZKLzw1PWFfz
2w6B4OatwFC1Igi38pmRIUwgEyZPPldJZw4hPa+rGxPNa0gluzRUeYQor/J1DReO
2l/c2CID+Ni7aWEiW3kbDNde5047Fq5V/40wubLO28Ap6Zu391B5JIIguwd6o1cD
oArlMCZfosCIpbccLiNAsxGwKzJFlPVnEwDbJXVJ6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:26 2024 by rpki-client on console-fra.rpki-client.org