Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/C1cs9LeomaqCBbwTQWh0mGayPLw.roa
File: C1cs9LeomaqCBbwTQWh0mGayPLw.roa (raw, json)
Hash identifier: p/NPyRnKVVBEOqj5zC333b12fqgTeg9F9W7rsT5GY0c=
Subject key identifier: 0B:57:2C:F4:B7:A8:99:AA:82:05:BC:13:41:68:74:98:66:B2:3C:BC
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 021AB6DC
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/C1cs9LeomaqCBbwTQWh0mGayPLw.roa
Signing time: Mon 14 Mar 2022 23:07:12 +0000
ROA not before: Mon 14 Mar 2022 23:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60588
IP address blocks: 109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.205.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35305180 (0x21ab6dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Mar 14 23:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b572cf4b7a899aa8205bc134168749866b23cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:dd:ff:72:35:d1:39:01:b4:60:ce:c7:fa:74:
90:e4:5e:10:fb:7a:57:bc:28:d4:74:0c:fd:57:29:
9f:c6:bc:67:49:a0:41:54:0c:cc:32:a2:d1:30:1f:
73:a2:30:d7:07:82:bd:a0:8e:58:d9:dd:fe:1d:f7:
24:4a:42:29:b3:bc:d6:2c:40:b8:7b:8b:52:28:bf:
d0:a8:42:82:a8:34:6d:23:88:ff:91:f3:a9:94:87:
3b:14:80:55:a8:07:ab:a8:b3:dc:e4:64:45:f1:3c:
21:8f:fa:8b:b7:4c:ea:b7:0b:d5:1d:f7:5e:fd:ca:
8d:b1:7b:ab:13:f9:23:46:d5:6f:58:53:d5:89:f3:
e7:f3:90:a5:29:37:9b:f9:76:83:47:58:e6:1c:58:
76:09:0e:1d:bb:bc:ee:89:aa:65:19:71:44:e0:6e:
d1:9f:b0:a7:ae:06:04:84:9d:b3:b1:57:96:e5:1f:
78:92:58:38:cb:2c:79:1f:69:42:a5:98:00:2d:4c:
6c:71:28:c0:e3:6e:04:43:4e:63:33:91:d2:92:f2:
5e:62:1f:71:fa:1d:08:90:96:22:88:d5:04:1a:6f:
e4:6e:d1:0a:cd:61:3b:13:2e:73:d5:ff:6d:c1:3a:
87:c8:8e:1a:4e:e8:d9:be:48:d9:56:91:16:bf:77:
2d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:57:2C:F4:B7:A8:99:AA:82:05:BC:13:41:68:74:98:66:B2:3C:BC
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/C1cs9LeomaqCBbwTQWh0mGayPLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.200.0/21
Signature Algorithm: sha256WithRSAEncryption
21:8c:fd:81:9e:2a:8a:99:f1:01:ad:21:bc:5e:d8:70:e1:39:
c9:bb:47:75:d2:29:39:0d:9a:c5:3f:a8:88:28:15:92:2f:7c:
b3:d0:f9:9a:ca:48:04:67:38:a7:00:7c:1a:1f:d6:31:ee:ac:
c7:62:00:7b:bb:77:42:28:08:9b:98:b4:70:38:c5:75:41:f3:
67:93:2d:ca:53:3f:39:fd:52:a6:7d:24:54:96:61:42:cb:b3:
98:4b:f2:f3:3d:81:34:a3:bb:f4:d5:52:9e:dd:68:d2:78:3f:
f7:bf:85:b8:fe:dc:b9:1b:f1:45:93:b8:3b:fb:83:43:2a:5b:
5d:b4:1d:0c:d9:23:99:33:84:70:d8:19:e8:a7:6c:26:5a:4a:
df:38:c6:92:88:76:ff:cc:06:e5:4b:97:9b:98:bd:94:a4:99:
1a:19:df:84:d7:e6:d4:1c:8c:e3:d5:39:4b:82:95:34:50:17:
46:43:59:dc:ab:78:71:78:d3:bc:fb:9c:9d:aa:94:0d:3e:df:
76:5e:d6:39:1b:c1:4a:a7:83:fe:ea:c6:fc:a5:09:df:8e:cf:
df:5a:3d:88:1c:58:9b:78:37:86:24:5a:52:b3:5f:cb:07:99:
80:73:6a:a3:e3:c8:80:69:15:89:0f:a4:cb:de:5a:a0:ea:c3:
4f:f9:92:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAhq23DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGM2MGEwZDJkNzBhOTMzN2QwYmRhNTZkMWFkNTk2YWMxZjY5Y2RhMB4XDTIyMDMx
NDIzMDcxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI1NzJjZjRiN2E4
OTlhYTgyMDViYzEzNDE2ODc0OTg2NmIyM2NiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObd/3I10TkBtGDOx/p0kOReEPt6V7wo1HQM/Vcpn8a8Z0mg
QVQMzDKi0TAfc6Iw1weCvaCOWNnd/h33JEpCKbO81ixAuHuLUii/0KhCgqg0bSOI
/5HzqZSHOxSAVagHq6iz3ORkRfE8IY/6i7dM6rcL1R33Xv3KjbF7qxP5I0bVb1hT
1Ynz5/OQpSk3m/l2g0dY5hxYdgkOHbu87omqZRlxROBu0Z+wp64GBISds7FXluUf
eJJYOMsseR9pQqWYAC1MbHEowONuBENOYzOR0pLyXmIfcfodCJCWIojVBBpv5G7R
Cs1hOxMuc9X/bcE6h8iOGk7o2b5I2VaRFr93LXECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLVyz0t6iZqoIFvBNBaHSYZrI8vDAfBgNVHSMEGDAWgBTYxgoNLXCpM30L
2lbRrVlqwfac2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJNWUtEUzF3cVROOUM5cFcwYTFaYXNIMm5Oby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvYjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8x
L0MxY3M5TGVvbWFxQ0Jid1RRV2gwbUdheVBMdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
YjUxYTg1LWY5OWYtNDIzZi05ZmFlLWRkMjk0YzM3OGY2Yy8xLzJNWUtEUzF3cVRO
OUM5cFcwYTFaYXNIMm5Oby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA21pyDANBgkqhkiG9w0BAQsFAAOC
AQEAIYz9gZ4qipnxAa0hvF7YcOE5ybtHddIpOQ2axT+oiCgVki98s9D5mspIBGc4
pwB8Gh/WMe6sx2IAe7t3QigIm5i0cDjFdUHzZ5MtylM/Of1Spn0kVJZhQsuzmEvy
8z2BNKO79NVSnt1o0ng/97+FuP7cuRvxRZO4O/uDQypbXbQdDNkjmTOEcNgZ6Kds
JlpK3zjGkoh2/8wG5UuXm5i9lKSZGhnfhNfm1ByM49U5S4KVNFAXRkNZ3Kt4cXjT
vPucnaqUDT7fdl7WORvBSqeD/urG/KUJ347P31o9iBxYm3g3hiRaUrNfyweZgHNq
o+PIgGkViQ+ky95aoOrDT/mSvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org