Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/hBGYm5--Rev8xTSwS_QKY3uKhL4.roa
File: hBGYm5--Rev8xTSwS_QKY3uKhL4.roa (raw, json)
Hash identifier: sa9pZKtMQnElC/1U3kSqsNHrbuZHkvcNN4ByreMtX4M=
Subject key identifier: 84:11:98:9B:9F:BE:45:EB:FC:C5:34:B0:4B:F4:0A:63:7B:8A:84:BE
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 01878B6C473FCB4C3C697B4DBC72E16AF6A2
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/hBGYm5--Rev8xTSwS_QKY3uKhL4.roa
Signing time: Sun 16 Apr 2023 18:55:41 +0000
ROA not before: Sun 16 Apr 2023 18:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138997
IP address blocks: 109.206.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8b:6c:47:3f:cb:4c:3c:69:7b:4d:bc:72:e1:6a:f6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Apr 16 18:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8411989b9fbe45ebfcc534b04bf40a637b8a84be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e9:1c:a4:5c:bc:f4:c9:74:36:10:a1:02:82:
38:fe:7f:c5:64:44:3b:e6:05:3a:8e:8b:81:65:6c:
b3:e5:f8:f9:3e:0d:28:b0:92:a3:1a:bd:5e:17:d0:
cb:d4:b3:17:c8:1a:1b:a4:cf:6d:0b:ca:d3:1e:84:
9f:46:fb:59:8b:bb:00:12:06:34:23:7f:0d:17:ae:
1d:e6:c0:b4:94:ad:c4:0d:03:21:bb:bd:58:d3:90:
fd:ab:fb:a2:79:a0:5c:fd:7d:06:cc:36:91:98:ed:
dc:ce:6b:d2:e0:3d:55:00:2a:2a:5b:54:d2:fd:03:
04:55:dc:b3:5b:ff:ac:6c:52:37:d5:2c:ec:db:26:
9c:c0:04:9f:63:70:6e:b7:34:83:fa:55:c7:0c:4f:
fa:d1:ab:67:c3:e6:1a:1c:72:d2:9d:b2:51:44:a5:
1b:b5:54:fd:2a:e8:04:d3:df:b3:7c:42:8b:52:8c:
11:15:b5:c6:5d:f6:10:3c:91:ec:a6:da:71:ae:c0:
70:22:84:de:ca:69:b8:45:16:94:10:b9:91:af:34:
a2:8d:cd:96:1d:e9:4d:29:1c:58:7e:66:e5:de:df:
40:c1:64:38:21:02:b8:dd:33:47:d3:2a:b6:dd:b5:
bb:da:e5:9c:ba:33:b6:bb:78:97:1f:03:43:ff:39:
e6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:11:98:9B:9F:BE:45:EB:FC:C5:34:B0:4B:F4:0A:63:7B:8A:84:BE
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/hBGYm5--Rev8xTSwS_QKY3uKhL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.244.0/24
Signature Algorithm: sha256WithRSAEncryption
77:f2:b9:b4:e6:62:0c:0f:46:95:ca:14:85:a8:f8:76:ce:c8:
7c:4d:03:67:6e:77:ee:be:ca:56:34:8b:6b:44:4f:49:e6:68:
51:e7:42:24:29:92:9a:8d:70:c4:f0:97:ae:dc:0e:91:92:4b:
6e:95:44:32:cb:7a:c2:e9:09:f1:15:e9:82:63:d0:2a:e9:05:
fe:2e:14:d1:be:59:f1:f1:f5:00:19:29:dd:5a:11:ec:fe:42:
49:93:3d:ba:54:19:e7:d0:89:7d:27:6c:77:fa:4d:e9:82:6a:
f3:be:3a:66:be:9f:75:f9:ce:39:01:ed:ba:e0:39:3e:f5:db:
ff:41:41:9e:3c:8c:43:6c:94:1d:e2:0e:71:32:3c:48:90:2c:
ef:b3:1b:15:7f:f1:8d:c9:f3:0c:0b:7d:10:9f:33:48:18:5d:
86:0a:65:8e:e5:31:84:a5:6b:b7:96:4f:1b:ee:f7:66:cd:07:
6f:2f:c8:a9:39:fc:02:f9:d5:e6:2b:a4:1c:7d:2b:a4:73:8a:
b5:e7:f3:72:76:f5:e7:01:73:19:ad:cc:1b:a1:d8:b8:3b:82:
30:df:b7:a0:6a:f3:92:b6:ba:99:1a:ee:f0:c4:1b:c4:62:68:
ad:78:52:b8:98:17:f3:16:bc:8e:d7:64:3e:45:4b:51:85:5e:
da:68:e4:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeLbEc/y0w8aXtNvHLhavaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjMwNDE2MTg1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDExOTg5YjlmYmU0NWViZmNjNTM0YjA0YmY0MGE2MzdiOGE4NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOkcpFy89Ml0NhChAoI4/n/FZEQ7
5gU6jouBZWyz5fj5Pg0osJKjGr1eF9DL1LMXyBobpM9tC8rTHoSfRvtZi7sAEgY0
I38NF64d5sC0lK3EDQMhu71Y05D9q/uieaBc/X0GzDaRmO3czmvS4D1VACoqW1TS
/QMEVdyzW/+sbFI31Szs2yacwASfY3ButzSD+lXHDE/60atnw+YaHHLSnbJRRKUb
tVT9KugE09+zfEKLUowRFbXGXfYQPJHsptpxrsBwIoTeymm4RRaUELmRrzSijc2W
HelNKRxYfmbl3t9AwWQ4IQK43TNH0yq23bW72uWcujO2u3iXHwND/znmawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQRmJufvkXr/MU0sEv0CmN7ioS+MB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvaEJHWW01LS1SZXY4eFRTd1NfUUtZM3VLaEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc70MA0G
CSqGSIb3DQEBCwUAA4IBAQB38rm05mIMD0aVyhSFqPh2zsh8TQNnbnfuvspWNItr
RE9J5mhR50IkKZKajXDE8Jeu3A6RkktulUQyy3rC6QnxFemCY9Aq6QX+LhTRvlnx
8fUAGSndWhHs/kJJkz26VBnn0Il9J2x3+k3pgmrzvjpmvp91+c45Ae264Dk+9dv/
QUGePIxDbJQd4g5xMjxIkCzvsxsVf/GNyfMMC30QnzNIGF2GCmWO5TGEpWu3lk8b
7vdmzQdvL8ipOfwC+dXmK6QcfSukc4q15/NydvXnAXMZrcwbodi4O4Iw37egavOS
trqZGu7wxBvEYmiteFK4mBfzFryO12Q+RUtRhV7aaOQ+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:12 2025 by rpki-client