Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/3FdN02EQ5VJbBCtgHu1sN5RWwlw.roa
File: 3FdN02EQ5VJbBCtgHu1sN5RWwlw.roa (raw, json)
Hash identifier: oLShr9FgtKGMBrJLDi07081SjTNhHwBPO9a7QLMyRnc=
Subject key identifier: DC:57:4D:D3:61:10:E5:52:5B:04:2B:60:1E:ED:6C:37:94:56:C2:5C
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 0183FE8FF92A745953EE4805E80159FEC308
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/3FdN02EQ5VJbBCtgHu1sN5RWwlw.roa
Signing time: Sat 22 Oct 2022 07:19:51 +0000
ROA not before: Sat 22 Oct 2022 07:19:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51554
IP address blocks: 109.72.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:8f:f9:2a:74:59:53:ee:48:05:e8:01:59:fe:c3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Oct 22 07:19:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc574dd36110e5525b042b601eed6c379456c25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:23:69:78:04:37:a0:79:dc:a9:40:46:a6:0e:
92:5a:2c:d7:39:cf:c9:a7:af:24:2b:70:74:9b:05:
9e:00:10:41:65:74:78:4c:ae:02:dc:2c:77:61:ef:
ff:31:0e:70:a3:d8:39:9e:09:65:8c:b3:cb:7e:27:
4c:aa:4f:5a:e9:6d:71:e9:4f:e1:b0:67:7c:b0:1e:
5e:a9:3b:94:f1:25:83:94:ca:d2:99:30:e2:89:ad:
ba:19:1b:a0:27:02:82:ca:04:0c:13:4d:1e:42:ce:
cb:e6:9c:5f:9c:47:5a:4b:3e:cc:e4:30:1f:8e:8b:
2e:ed:80:ac:97:fb:84:b7:a8:78:96:1c:c9:08:03:
f6:3a:78:84:36:24:65:4a:4a:3f:73:41:f1:22:2a:
ab:88:91:4c:23:31:5f:90:98:5e:94:db:76:68:ad:
1a:a8:78:2c:ba:e4:4b:d4:85:fc:aa:b3:e0:35:f5:
5e:3f:c7:8d:7b:1b:e2:04:2d:06:29:f9:37:60:9d:
b5:c8:91:c8:92:ed:2b:9b:6a:ad:01:f1:f1:4f:51:
e1:c3:73:76:18:ee:aa:d0:a3:85:db:81:ae:b8:ef:
37:f3:0e:57:68:d2:e3:59:97:ec:48:af:26:cd:d0:
43:8d:f2:24:f8:13:26:02:9c:53:0e:0f:e7:07:1c:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:57:4D:D3:61:10:E5:52:5B:04:2B:60:1E:ED:6C:37:94:56:C2:5C
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/3FdN02EQ5VJbBCtgHu1sN5RWwlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.200.0/24
Signature Algorithm: sha256WithRSAEncryption
76:8c:5a:cb:48:f0:48:63:0c:64:e4:54:7b:f9:53:54:ef:e6:
e3:31:cf:0b:8d:81:46:2c:26:b9:8b:71:9b:4b:75:6e:d6:35:
88:1e:33:45:d9:98:05:38:f0:4e:60:ad:a8:c8:c1:f5:ee:92:
90:84:c5:9b:e8:59:e9:0a:d1:ca:a9:67:a3:8d:77:b2:be:e6:
20:ea:bf:e5:cb:82:50:aa:ea:08:07:a2:3f:c5:5b:e8:11:10:
4c:1c:41:25:96:4e:95:ce:cd:19:5c:4b:31:2e:90:97:70:51:
b6:c3:5e:e8:98:f3:36:a3:ba:5d:c8:62:53:14:41:8c:b6:5c:
3a:0b:16:34:b9:a7:ec:91:1b:10:25:e0:a3:9b:bf:ae:e6:eb:
a0:0f:d3:c8:54:85:c5:e3:eb:d0:ed:7f:b1:f2:4d:07:7a:8e:
69:d8:5f:f8:f2:56:dc:f8:94:73:eb:ac:e6:57:7f:87:84:0c:
33:db:a0:cf:aa:e4:31:86:8d:7b:aa:90:c6:5f:a2:1a:a6:90:
59:d3:9b:8b:93:5f:3d:0c:cd:41:49:94:61:36:f1:60:ea:28:
c6:c1:70:74:dc:60:70:f0:5a:c2:d7:b4:90:81:44:e9:9c:d2:
56:40:ae:8c:38:cd:85:f4:24:d4:20:5d:31:f6:ce:0e:59:77:
ae:3b:24:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP+j/kqdFlT7kgF6AFZ/sMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjIxMDIyMDcxOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzU3NGRkMzYxMTBlNTUyNWIwNDJiNjAxZWVkNmMzNzk0NTZjMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiNpeAQ3oHncqUBGpg6SWizXOc/J
p68kK3B0mwWeABBBZXR4TK4C3Cx3Ye//MQ5wo9g5nglljLPLfidMqk9a6W1x6U/h
sGd8sB5eqTuU8SWDlMrSmTDiia26GRugJwKCygQME00eQs7L5pxfnEdaSz7M5DAf
josu7YCsl/uEt6h4lhzJCAP2OniENiRlSko/c0HxIiqriJFMIzFfkJhelNt2aK0a
qHgsuuRL1IX8qrPgNfVeP8eNexviBC0GKfk3YJ21yJHIku0rm2qtAfHxT1Hhw3N2
GO6q0KOF24GuuO838w5XaNLjWZfsSK8mzdBDjfIk+BMmApxTDg/nBxzBMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxXTdNhEOVSWwQrYB7tbDeUVsJcMB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvM0ZkTjAyRVE1VkpiQkN0Z0h1MXNONVJXd2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUjIMA0G
CSqGSIb3DQEBCwUAA4IBAQB2jFrLSPBIYwxk5FR7+VNU7+bjMc8LjYFGLCa5i3Gb
S3Vu1jWIHjNF2ZgFOPBOYK2oyMH17pKQhMWb6FnpCtHKqWejjXeyvuYg6r/ly4JQ
quoIB6I/xVvoERBMHEEllk6Vzs0ZXEsxLpCXcFG2w17omPM2o7pdyGJTFEGMtlw6
CxY0uafskRsQJeCjm7+u5uugD9PIVIXF4+vQ7X+x8k0Heo5p2F/48lbc+JRz66zm
V3+HhAwz26DPquQxho17qpDGX6IappBZ05uLk189DM1BSZRhNvFg6ijGwXB03GBw
8FrC17SQgUTpnNJWQK6MOM2F9CTUIF0x9s4OWXeuOySt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:46 2025 by rpki-client