Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/49XwbKIHNQKL12AZQJU2d3_LIyQ.roa
File: 49XwbKIHNQKL12AZQJU2d3_LIyQ.roa (raw, json)
Hash identifier: S/z9ort/kcq3VZcmXtZhNAd4mdO9VK+Ljiqsxm9P5o0=
Subject key identifier: E3:D5:F0:6C:A2:07:35:02:8B:D7:60:19:40:95:36:77:7F:CB:23:24
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 3742B643
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/49XwbKIHNQKL12AZQJU2d3_LIyQ.roa
Signing time: Sat 01 Jan 2022 02:56:21 +0000
ROA not before: Sat 01 Jan 2022 02:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2603
IP address blocks: 109.105.120.0/22 maxlen: 22
109.105.96.0/20 maxlen: 20
185.174.116.0/22 maxlen: 22
109.105.112.0/21 maxlen: 21
2001:948::/29 maxlen: 29
2001:948:feed::/48 maxlen: 48
2001:948::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927118915 (0x3742b643)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 1 02:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3d5f06ca20735028bd76019409536777fcb2324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f6:99:15:75:57:5e:c1:7f:4e:87:35:79:ac:
2c:e4:e4:17:ba:44:35:4a:bb:bf:e0:1f:7b:2f:dc:
a2:11:9f:48:73:aa:02:d5:a3:97:37:e3:63:56:dc:
4e:a9:54:a7:73:ba:13:cc:64:09:9c:e4:f8:c2:0f:
09:02:a2:1b:31:ef:de:5e:b8:4b:38:8e:77:bc:f7:
dc:fb:99:5f:88:8c:4b:19:3c:3b:49:7c:47:0e:6f:
b5:43:87:d2:99:92:a3:0c:28:ff:f2:8d:c4:03:c6:
44:66:f6:2f:40:cf:8e:29:25:86:37:1e:65:b8:80:
b9:64:7a:96:30:f7:45:33:4a:cd:78:8d:4a:7b:37:
0a:a7:34:c7:67:fe:b9:80:75:43:73:b1:a5:25:89:
9a:fe:d9:b5:09:bd:27:f8:3b:23:28:05:2b:e1:c0:
63:ff:9c:04:0b:55:5c:04:79:e9:23:7f:cd:db:22:
4c:e6:08:77:c5:b6:00:4f:50:17:be:f6:5e:5d:12:
eb:45:ef:2b:e2:9e:fe:b7:41:2c:dd:95:47:88:0c:
e4:1d:eb:de:d9:e3:62:f9:aa:20:59:cc:74:76:de:
42:96:1d:09:8f:db:44:54:94:53:59:a6:3f:84:12:
8b:8f:c1:23:0a:48:16:7d:a0:62:90:cf:d1:0b:9a:
6f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D5:F0:6C:A2:07:35:02:8B:D7:60:19:40:95:36:77:7F:CB:23:24
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/49XwbKIHNQKL12AZQJU2d3_LIyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.96.0-109.105.123.255
185.174.116.0/22
IPv6:
2001:948::/29
Signature Algorithm: sha256WithRSAEncryption
aa:9c:d9:4d:49:c1:64:f7:a3:ab:1a:ff:7b:a9:64:c4:72:2c:
22:d2:e9:95:55:47:2f:60:80:7a:a1:ad:60:48:7e:f3:02:2b:
b7:9d:7a:30:36:b7:e7:82:57:55:d9:c0:04:2f:2c:ec:c4:f9:
75:1f:62:b6:7a:b4:d2:7c:4c:97:75:14:2b:55:7d:e6:18:be:
5e:66:cc:4d:5e:3b:a1:13:1d:7a:bc:33:f1:df:ed:ee:c5:07:
c7:0d:7b:90:16:80:87:0f:96:37:1c:80:ed:c3:d8:ff:ef:4f:
2b:6f:b2:f5:64:a6:6b:34:9d:b0:34:fa:ce:70:16:ac:a3:6b:
2c:94:a6:70:41:e8:1d:23:93:ef:59:87:36:d1:0e:d0:64:0c:
24:d1:9b:93:87:23:75:18:3c:99:b8:22:d8:b7:71:43:e7:33:
46:e6:4d:4b:bf:63:c7:6f:90:06:e0:ae:2d:69:f2:e7:82:f1:
c0:c2:7f:be:a2:43:b7:5a:c7:fa:31:dd:84:92:07:82:6b:4a:
f6:54:33:6b:6e:be:c7:26:55:cb:92:43:85:3a:3b:1a:30:7c:
0c:1e:f7:9c:b1:3f:db:4e:c9:5f:14:d1:be:1b:19:17:af:9a:
08:51:ea:20:0f:2e:2a:1d:61:d6:83:a8:dd:97:16:6b:7b:90:
77:32:0b:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEN0K2QzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzU2YWU2MjVkOTUwNmRmNGEzZTU3N2IyNGE4NmZjZTNjNzNhOGY4MB4XDTIyMDEw
MTAyNTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNkNWYwNmNhMjA3
MzUwMjhiZDc2MDE5NDA5NTM2Nzc3ZmNiMjMyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOD2mRV1V17Bf06HNXmsLOTkF7pENUq7v+Afey/cohGfSHOq
AtWjlzfjY1bcTqlUp3O6E8xkCZzk+MIPCQKiGzHv3l64SziOd7z33PuZX4iMSxk8
O0l8Rw5vtUOH0pmSowwo//KNxAPGRGb2L0DPjiklhjceZbiAuWR6ljD3RTNKzXiN
Sns3Cqc0x2f+uYB1Q3OxpSWJmv7ZtQm9J/g7IygFK+HAY/+cBAtVXAR56SN/zdsi
TOYId8W2AE9QF772Xl0S60XvK+Ke/rdBLN2VR4gM5B3r3tnjYvmqIFnMdHbeQpYd
CY/bRFSUU1mmP4QSi4/BIwpIFn2gYpDP0Quab7sCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTj1fBsogc1AovXYBlAlTZ3f8sjJDAfBgNVHSMEGDAWgBTTVq5iXZUG30o+
V3skqG/OPHOo+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxYXVZbDJWQnQ5S1BsZDdKS2h2emp4enFQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvN2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8x
LzQ5WHdiS0lITlFLTDEyQVpRSlUyZDNfTEl5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
N2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8xLzAxYXVZbDJWQnQ5
S1BsZDdKS2h2emp4enFQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQFbWlgAwQCbWl4AwQCua50MA0E
AgACMAcDBQMgAQlIMA0GCSqGSIb3DQEBCwUAA4IBAQCqnNlNScFk96OrGv97qWTE
ciwi0umVVUcvYIB6oa1gSH7zAiu3nXowNrfngldV2cAELyzsxPl1H2K2erTSfEyX
dRQrVX3mGL5eZsxNXjuhEx16vDPx3+3uxQfHDXuQFoCHD5Y3HIDtw9j/708rb7L1
ZKZrNJ2wNPrOcBaso2sslKZwQegdI5PvWYc20Q7QZAwk0ZuThyN1GDyZuCLYt3FD
5zNG5k1Lv2PHb5AG4K4tafLngvHAwn++okO3Wsf6Md2EkgeCa0r2VDNrbr7HJlXL
kkOFOjsaMHwMHvecsT/bTslfFNG+GxkXr5oIUeogDy4qHWHWg6jdlxZre5B3MguY
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:32 2025 by rpki-client