Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/35y949ZtBZEJlSqrZU2yiDlhJNc.roa
File: 35y949ZtBZEJlSqrZU2yiDlhJNc.roa (raw, json)
Hash identifier: wHf6v9O9em6BsTGBBSKOEHE+5OyVRkk5ftDR4wYNQ9M=
Subject key identifier: DF:9C:BD:E3:D6:6D:05:91:09:95:2A:AB:65:4D:B2:88:39:61:24:D7
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 027B4941
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/35y949ZtBZEJlSqrZU2yiDlhJNc.roa
Signing time: Tue 26 Apr 2022 08:30:46 +0000
ROA not before: Tue 26 Apr 2022 08:30:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 109.105.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41634113 (0x27b4941)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Apr 26 08:30:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df9cbde3d66d059109952aab654db288396124d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f2:3a:9c:c9:a4:85:66:bb:bd:89:6b:fc:67:
f0:ce:34:77:4d:4d:bf:d0:59:bb:60:f0:01:e9:d3:
34:92:97:b8:9f:f1:9d:fd:d7:42:c0:b9:ee:c2:0c:
1f:c3:93:66:53:a0:08:3c:be:b8:e8:b0:2a:30:f6:
be:e6:52:4a:cd:6e:63:ad:19:61:a9:6a:58:cd:48:
21:11:39:de:3e:71:98:1a:10:58:55:e0:07:2e:78:
79:35:ed:5d:dd:16:bc:04:eb:40:51:be:eb:90:c5:
a1:08:fa:76:80:ed:f5:90:30:1f:4a:b8:87:64:57:
83:8c:01:22:34:2a:2d:98:ca:5f:36:d8:32:bf:c3:
4f:63:4e:84:3c:fd:f7:e8:d5:4a:50:cd:05:6b:9d:
11:5d:e2:7a:eb:17:e5:63:fc:49:14:10:06:15:5f:
40:0e:f3:36:1d:00:f4:f6:ad:7b:4b:58:ab:f8:78:
5f:dd:fa:ef:f5:a7:2c:ee:ca:6e:8b:f8:00:3f:4b:
24:d3:fc:6f:d0:70:5e:41:cd:e6:18:eb:cd:9f:20:
49:54:09:52:c8:31:f6:fc:f3:d9:70:a3:63:fb:1a:
4d:a6:8b:d9:52:33:28:b8:1a:bd:63:fb:cb:9d:51:
64:d0:3f:76:ce:8b:6a:18:09:1f:41:5f:a0:da:bc:
a0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9C:BD:E3:D6:6D:05:91:09:95:2A:AB:65:4D:B2:88:39:61:24:D7
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/35y949ZtBZEJlSqrZU2yiDlhJNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.195.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ad:97:de:37:12:c1:56:85:e4:3a:22:38:27:30:88:be:18:
3e:73:2b:4f:d5:d8:00:06:19:9d:ac:3a:3c:00:86:b1:47:ce:
b8:05:fd:1b:72:c6:61:63:72:cb:b6:0b:f9:c8:32:35:dd:32:
40:12:82:9f:73:49:43:18:95:48:b3:0f:b1:3f:07:db:94:f5:
40:fb:26:e4:01:46:9e:40:17:94:ed:eb:c8:52:f6:83:3e:fe:
ec:8e:63:69:ed:72:ad:73:d5:9d:0f:2c:5d:c8:a3:33:33:22:
63:b8:14:5d:fc:3c:cb:5a:3c:9b:6a:1a:33:a3:96:63:b8:04:
c8:8b:1c:c3:54:63:4f:3e:0c:3e:78:a4:2e:46:42:c8:43:8d:
1a:a0:c5:56:4d:0b:96:43:02:40:06:ab:77:62:fa:5f:4d:27:
30:b9:f9:f9:7b:96:68:6c:8a:ad:3d:01:b2:01:67:9e:04:b4:
75:ee:01:6a:72:b6:72:8a:f5:09:48:66:49:32:ad:d1:53:89:
c5:5e:af:3e:e1:3c:c5:01:01:ec:de:d1:f0:23:02:8d:ec:89:
ea:92:d8:5c:ef:a5:52:ee:de:d6:a6:34:d4:87:89:94:7f:ce:
13:04:d7:42:7f:b4:11:c6:b9:03:b8:dc:27:c3:63:32:c8:5e:
66:a9:63:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAntJQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDQy
NjA4MzA0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY5Y2JkZTNkNjZk
MDU5MTA5OTUyYWFiNjU0ZGIyODgzOTYxMjRkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPyOpzJpIVmu72Ja/xn8M40d01Nv9BZu2DwAenTNJKXuJ/x
nf3XQsC57sIMH8OTZlOgCDy+uOiwKjD2vuZSSs1uY60ZYalqWM1IIRE53j5xmBoQ
WFXgBy54eTXtXd0WvATrQFG+65DFoQj6doDt9ZAwH0q4h2RXg4wBIjQqLZjKXzbY
Mr/DT2NOhDz99+jVSlDNBWudEV3ieusX5WP8SRQQBhVfQA7zNh0A9Pate0tYq/h4
X9367/WnLO7Kbov4AD9LJNP8b9BwXkHN5hjrzZ8gSVQJUsgx9vzz2XCjY/saTaaL
2VIzKLgavWP7y51RZNA/ds6LahgJH0FfoNq8oM0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTfnL3j1m0FkQmVKqtlTbKIOWEk1zAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
LzM1eTk0OVp0QlpFSmxTcXJaVTJ5aURsaEpOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1pwzANBgkqhkiG9w0BAQsFAAOC
AQEAI62X3jcSwVaF5DoiOCcwiL4YPnMrT9XYAAYZnaw6PACGsUfOuAX9G3LGYWNy
y7YL+cgyNd0yQBKCn3NJQxiVSLMPsT8H25T1QPsm5AFGnkAXlO3ryFL2gz7+7I5j
ae1yrXPVnQ8sXcijMzMiY7gUXfw8y1o8m2oaM6OWY7gEyIscw1RjTz4MPnikLkZC
yEONGqDFVk0LlkMCQAard2L6X00nMLn5+XuWaGyKrT0BsgFnngS0de4BanK2cor1
CUhmSTKt0VOJxV6vPuE8xQEB7N7R8CMCjeyJ6pLYXO+lUu7e1qY01IeJlH/OEwTX
Qn+0Eca5A7jcJ8NjMsheZqljdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org