Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/y0PeNQKNxVjXf_mqxiX_VPjMYxc.roa
File: y0PeNQKNxVjXf_mqxiX_VPjMYxc.roa (raw, json)
Hash identifier: eQJ+UXr1JUQjdDmfDEwkwQRVIMuh1kYLQFI3r9cCdK0=
Subject key identifier: CB:43:DE:35:02:8D:C5:58:D7:7F:F9:AA:C6:25:FF:54:F8:CC:63:17
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 0184ADA5BCBC52C3B696DC17687F2C9F9BB3
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/y0PeNQKNxVjXf_mqxiX_VPjMYxc.roa
Signing time: Fri 25 Nov 2022 07:17:10 +0000
ROA not before: Fri 25 Nov 2022 07:17:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57093
IP address blocks: 109.237.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:a5:bc:bc:52:c3:b6:96:dc:17:68:7f:2c:9f:9b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Nov 25 07:17:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb43de35028dc558d77ff9aac625ff54f8cc6317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3d:b4:62:39:6e:f7:6a:4f:ac:f6:c9:ad:cd:
69:f8:14:d3:66:ed:11:24:0d:57:ec:88:44:aa:10:
2d:e5:c0:0b:d8:79:a4:42:43:b8:ef:58:5e:f2:5a:
59:2d:20:01:0f:77:eb:38:53:9e:b4:14:2d:70:1f:
32:8b:33:79:97:b9:1a:a1:dc:09:a1:b1:64:56:af:
8a:b0:22:24:ef:f6:32:9c:c9:bc:76:a6:41:f3:5f:
9e:8f:53:c8:1d:5f:ed:1d:e8:bc:14:be:b5:85:2e:
ac:4b:68:b1:03:cb:9b:ba:89:47:81:dc:80:23:dd:
2d:3f:39:66:e0:ee:56:52:2d:ab:96:bc:c2:41:a3:
36:6b:72:68:91:6d:c8:2b:6f:58:58:cc:76:bc:b4:
ec:68:ee:b4:81:41:44:51:e8:ae:99:66:cb:a6:6c:
05:92:10:a7:b0:28:b4:9a:e2:91:a5:93:bd:d4:b3:
8c:78:de:28:27:3d:e2:ac:c4:0c:7a:f5:85:08:62:
bd:d8:5d:5b:7f:b9:d0:9b:ee:ab:e7:bc:e6:da:4a:
63:9e:90:e6:3a:8e:3e:e7:70:6f:27:b4:a7:55:cf:
4d:78:46:ba:4d:5e:87:64:56:1e:71:9b:ed:cd:04:
4e:cc:08:42:5d:f1:ba:da:a9:e0:11:48:60:9b:d7:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:43:DE:35:02:8D:C5:58:D7:7F:F9:AA:C6:25:FF:54:F8:CC:63:17
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/y0PeNQKNxVjXf_mqxiX_VPjMYxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:b3:69:44:58:60:6b:24:dc:8a:9b:33:79:a5:9d:db:2c:97:
f4:c6:41:ec:7d:47:22:b9:e8:58:78:c0:1c:b4:02:6a:78:c1:
91:39:5f:d3:f2:78:4d:4b:6d:89:ec:83:c1:e7:40:38:89:bd:
92:6f:41:30:04:08:46:95:35:18:33:5f:fa:39:79:a8:e5:a6:
0b:6c:6c:6f:88:77:eb:e3:3f:56:3e:fb:c2:50:57:79:d7:a7:
48:71:4c:b2:dd:63:0d:37:61:6a:ca:6a:d3:0d:66:2b:fb:e4:
24:2a:e6:6f:bf:e6:13:e5:3e:ba:e3:c9:e8:99:9f:ff:67:07:
df:9b:1f:75:56:09:1a:88:75:af:f5:60:f6:f0:76:e2:0b:3d:
a3:57:6c:20:f9:29:5a:45:2a:d7:a0:a8:0d:c6:41:33:1e:59:
1b:0c:89:40:55:4f:c9:76:df:f7:8c:a9:7f:54:20:a0:ad:24:
9a:3e:c9:0d:75:b0:bf:0c:34:47:55:87:c0:34:6d:ba:6d:20:
0c:5c:59:59:e3:a6:1d:be:97:8e:69:54:1c:1a:1a:c0:d0:72:
59:dd:27:9b:09:7d:15:30:9d:c0:d7:f8:2e:ae:8e:41:41:da:
e0:1f:16:98:ec:f2:f1:fd:23:b3:97:b7:ac:32:cd:b4:b6:8a:
7c:93:75:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYStpby8UsO2ltwXaH8sn5uzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjIxMTI1MDcxNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjQzZGUzNTAyOGRjNTU4ZDc3ZmY5YWFjNjI1ZmY1NGY4Y2M2MzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD20Yjlu92pPrPbJrc1p+BTTZu0R
JA1X7IhEqhAt5cAL2HmkQkO471he8lpZLSABD3frOFOetBQtcB8yizN5l7kaodwJ
obFkVq+KsCIk7/YynMm8dqZB81+ej1PIHV/tHei8FL61hS6sS2ixA8ubuolHgdyA
I90tPzlm4O5WUi2rlrzCQaM2a3JokW3IK29YWMx2vLTsaO60gUFEUeiumWbLpmwF
khCnsCi0muKRpZO91LOMeN4oJz3irMQMevWFCGK92F1bf7nQm+6r57zm2kpjnpDm
Oo4+53BvJ7SnVc9NeEa6TV6HZFYecZvtzQROzAhCXfG62qngEUhgm9cMyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtD3jUCjcVY13/5qsYl/1T4zGMXMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEveTBQZU5RS054VmpYZl9tcXhpWF9WUGpNWXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe1kMA0G
CSqGSIb3DQEBCwUAA4IBAQCis2lEWGBrJNyKmzN5pZ3bLJf0xkHsfUciuehYeMAc
tAJqeMGROV/T8nhNS22J7IPB50A4ib2Sb0EwBAhGlTUYM1/6OXmo5aYLbGxviHfr
4z9WPvvCUFd516dIcUyy3WMNN2FqymrTDWYr++QkKuZvv+YT5T6648nomZ//Zwff
mx91VgkaiHWv9WD28HbiCz2jV2wg+SlaRSrXoKgNxkEzHlkbDIlAVU/Jdt/3jKl/
VCCgrSSaPskNdbC/DDRHVYfANG26bSAMXFlZ46YdvpeOaVQcGhrA0HJZ3SebCX0V
MJ3A1/guro5BQdrgHxaY7PLx/SOzl7esMs20top8k3VS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:14 2025 by rpki-client