Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/26p7qIj8hnfjS8NVZItY7zl2_6A.roa
File: 26p7qIj8hnfjS8NVZItY7zl2_6A.roa (raw, json)
Hash identifier: wBO4OdhQA/w1Ergq8aLy+mD5g2CV867muXgsxH2/X4E=
Subject key identifier: DB:AA:7B:A8:88:FC:86:77:E3:4B:C3:55:64:8B:58:EF:39:76:FF:A0
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0185729EDF473B2D8850CDAC1810551E5255
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/26p7qIj8hnfjS8NVZItY7zl2_6A.roa
Signing time: Mon 02 Jan 2023 13:14:52 +0000
ROA not before: Mon 02 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206874
IP address blocks: 109.74.82.0/23 maxlen: 23
109.74.82.0/24 maxlen: 24
109.74.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:df:47:3b:2d:88:50:cd:ac:18:10:55:1e:52:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 2 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbaa7ba888fc8677e34bc355648b58ef3976ffa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f1:86:d1:a1:ef:ed:d4:7b:0f:2c:19:8d:30:
5b:95:03:c7:ab:c0:ed:9f:f4:e0:dd:35:99:cb:e7:
8e:99:57:f9:e6:22:f6:e4:ba:dd:17:8e:45:69:01:
cf:d1:dc:78:d1:8f:74:6e:fc:2a:ba:04:a0:61:d8:
26:19:7d:6f:40:2b:97:f2:27:9e:b6:8b:75:2d:84:
4b:1b:60:03:2e:4a:d0:0f:b1:67:10:3b:3b:64:0d:
c7:82:15:bb:10:69:67:45:57:af:fa:20:ec:b0:d4:
36:fd:55:65:62:2b:90:5c:6d:1e:b7:19:93:d0:45:
1d:54:fb:cd:c6:00:69:53:b9:4c:4b:fd:45:f1:f8:
3f:19:46:04:fd:e5:b4:f5:80:d3:88:2a:5f:3f:e6:
9a:00:98:fc:7f:17:ed:35:ae:00:33:19:ac:63:2d:
52:58:3b:c2:52:d2:a1:de:ba:49:c3:4b:29:a8:8c:
62:6c:3d:df:20:44:38:e5:44:8e:b1:38:b9:8b:e5:
67:07:bd:4c:38:4d:ed:e2:bf:2e:bf:b0:35:05:c0:
63:df:2e:d7:0b:31:d8:2c:51:ba:44:c6:b2:05:16:
1e:4c:cb:6a:84:b2:53:56:cb:b9:37:97:76:55:f0:
32:0d:9b:55:45:4c:06:79:7e:d2:50:f2:10:c2:75:
1b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:7B:A8:88:FC:86:77:E3:4B:C3:55:64:8B:58:EF:39:76:FF:A0
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/26p7qIj8hnfjS8NVZItY7zl2_6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.82.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:8e:f6:62:3c:89:7e:54:b4:4b:45:af:07:e6:e2:bd:91:3f:
f0:fa:e3:f2:e1:c4:28:6f:75:5f:3e:48:a1:1d:78:de:8d:45:
45:cd:d9:15:5a:4c:14:56:7d:8e:81:d9:b4:4b:62:7d:17:cc:
ce:13:4c:3b:6f:79:8b:7b:4c:06:37:43:78:fe:55:1a:a7:6d:
8c:60:7f:6d:a0:9d:d2:52:7b:18:f2:96:5d:02:0c:40:2f:71:
23:c4:51:0e:18:58:37:bc:e2:9e:e7:a4:4a:8e:77:ac:47:80:
15:36:e0:57:7a:d2:79:5b:5d:2b:95:7f:eb:3d:05:91:78:db:
23:c9:c9:30:77:1c:39:82:c5:25:57:75:cf:c1:c3:5c:b7:73:
8a:37:9c:cd:c3:cb:c4:e2:d5:69:82:cd:5e:da:25:88:95:7d:
90:c7:e9:7d:df:3d:cd:52:62:c7:31:5a:e1:2d:21:82:f3:2f:
1e:ef:28:4c:74:49:c2:4e:9b:68:ae:f7:ea:3a:a9:34:a6:46:
08:b2:2b:0c:a6:a4:af:7b:00:be:4e:79:37:93:34:e0:79:f8:
01:eb:fb:3c:79:bb:e7:d7:56:dd:6a:83:87:5c:fe:53:6a:b3:
34:ae:07:4c:9d:80:2d:c6:2c:38:cc:62:ed:ea:b5:12:f0:6f:
22:e9:85:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynt9HOy2IUM2sGBBVHlJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjMwMTAyMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFhN2JhODg4ZmM4Njc3ZTM0YmMzNTU2NDhiNThlZjM5NzZmZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPGG0aHv7dR7DywZjTBblQPHq8Dt
n/Tg3TWZy+eOmVf55iL25LrdF45FaQHP0dx40Y90bvwqugSgYdgmGX1vQCuX8iee
tot1LYRLG2ADLkrQD7FnEDs7ZA3HghW7EGlnRVev+iDssNQ2/VVlYiuQXG0etxmT
0EUdVPvNxgBpU7lMS/1F8fg/GUYE/eW09YDTiCpfP+aaAJj8fxftNa4AMxmsYy1S
WDvCUtKh3rpJw0spqIxibD3fIEQ45USOsTi5i+VnB71MOE3t4r8uv7A1BcBj3y7X
CzHYLFG6RMayBRYeTMtqhLJTVsu5N5d2VfAyDZtVRUwGeX7SUPIQwnUbFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuqe6iI/IZ340vDVWSLWO85dv+gMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvMjZwN3FJajhobmZqUzhOVlpJdFk3emwyXzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbUpSMA0G
CSqGSIb3DQEBCwUAA4IBAQCNjvZiPIl+VLRLRa8H5uK9kT/w+uPy4cQob3VfPkih
HXjejUVFzdkVWkwUVn2Ogdm0S2J9F8zOE0w7b3mLe0wGN0N4/lUap22MYH9toJ3S
UnsY8pZdAgxAL3EjxFEOGFg3vOKe56RKjnesR4AVNuBXetJ5W10rlX/rPQWReNsj
yckwdxw5gsUlV3XPwcNct3OKN5zNw8vE4tVpgs1e2iWIlX2Qx+l93z3NUmLHMVrh
LSGC8y8e7yhMdEnCTptorvfqOqk0pkYIsisMpqSvewC+Tnk3kzTgefgB6/s8ebvn
11bdaoOHXP5TarM0rgdMnYAtxiw4zGLt6rUS8G8i6YXJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:31 2025 by rpki-client