Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/RpRGm4cPpoWAY-LKjJs0oWtTgDI.roa
File: RpRGm4cPpoWAY-LKjJs0oWtTgDI.roa (raw, json)
Hash identifier: z1mG9dUbv5p0P8cUSHgTkPB9rgrpyZ/lnhaqF+kNR6c=
Subject key identifier: 46:94:46:9B:87:0F:A6:85:80:63:E2:CA:8C:9B:34:A1:6B:53:80:32
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 37416E02
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/RpRGm4cPpoWAY-LKjJs0oWtTgDI.roa
Signing time: Sat 01 Jan 2022 02:56:21 +0000
ROA not before: Sat 01 Jan 2022 02:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1653
IP address blocks: 109.105.126.0/25 maxlen: 25
109.105.126.128/25 maxlen: 25
2001:948:58::/48 maxlen: 48
2001:948:59::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927034882 (0x37416e02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Jan 1 02:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4694469b870fa6858063e2ca8c9b34a16b538032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:41:14:d0:1e:3a:67:0b:3c:cc:16:1e:a7:be:
5c:26:f2:b4:1a:98:ca:77:5a:9f:31:c8:9e:fd:48:
c2:a4:a5:31:6b:c1:26:ee:61:57:4a:a8:0c:f6:2c:
53:b4:16:df:03:90:36:19:15:bf:24:41:a7:29:c6:
2a:5b:ff:0c:71:d2:e5:ce:9a:73:8c:f0:d5:42:34:
93:7e:aa:16:e2:8a:6a:d9:cd:af:8c:20:14:fd:a9:
bd:6e:d1:10:e2:84:5d:07:da:48:aa:aa:8c:7a:04:
80:74:55:97:63:fc:00:ee:06:79:95:4a:4b:32:d9:
9d:c6:22:56:c6:ea:9b:9c:ba:f7:c9:fb:ec:44:10:
70:d9:4b:b0:84:ed:57:67:e8:f3:6a:2a:6e:3f:3f:
aa:1b:12:06:ec:e7:30:b2:fd:f4:27:75:cb:2b:0b:
a2:76:7e:60:ff:d7:2a:9c:98:e8:a2:31:18:a5:1d:
7a:34:8b:76:6d:6d:0d:58:8c:7e:8a:d3:91:d2:6b:
1d:ee:16:1a:e4:96:80:f1:70:c2:31:25:db:47:7b:
4e:bc:8b:2a:c9:41:fd:95:08:66:4a:89:61:2e:a7:
6f:70:87:68:d3:95:f9:11:4c:58:c4:7d:c9:9c:c9:
d3:8e:30:b1:7a:73:53:03:6c:58:0b:bd:24:69:82:
52:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:94:46:9B:87:0F:A6:85:80:63:E2:CA:8C:9B:34:A1:6B:53:80:32
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/RpRGm4cPpoWAY-LKjJs0oWtTgDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.126.0/24
IPv6:
2001:948:58::/47
Signature Algorithm: sha256WithRSAEncryption
a1:4f:af:bb:8c:b1:3b:98:4c:8a:65:5e:01:e7:99:c7:6b:35:
40:80:ec:84:05:ad:16:0a:10:42:e5:b9:d8:5f:94:fe:37:8a:
60:44:51:32:2c:44:36:86:f4:0f:cb:9f:e8:ba:ed:b5:ef:9b:
39:ac:d6:49:c0:eb:b1:c3:f7:8e:89:47:c7:0b:0e:01:3d:ec:
5d:bd:b2:96:1a:8e:55:1f:ff:08:b9:cf:43:cb:03:3f:c4:92:
3c:a0:7b:36:b3:3e:97:b0:97:97:b8:d7:e9:90:e1:1b:7e:f6:
55:41:68:8a:95:6a:43:44:69:f4:8a:94:10:1c:2b:0d:8c:c8:
bc:20:0c:7c:19:e0:dd:e3:76:4a:5e:1d:ff:f6:d8:2d:b6:07:
d4:b9:35:29:fd:0d:e3:15:c5:79:96:d0:16:41:e9:16:d3:55:
33:2b:67:7b:b3:cf:a4:d2:73:fe:ca:e1:39:44:9b:dd:62:a6:
40:b9:74:b9:e6:58:22:12:04:5a:74:49:fc:b1:62:11:1f:df:
03:68:eb:28:ae:aa:06:a8:c9:ca:9b:c5:b5:43:02:ef:cd:46:
a7:62:94:ec:e8:92:9f:25:50:2b:71:18:57:3e:a6:39:66:0f:
42:48:88:6e:e2:94:3a:fb:0a:f8:c1:16:cd:b2:ea:13:ed:83:
ac:49:8c:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEN0FuAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzU2YWU2MjVkOTUwNmRmNGEzZTU3N2IyNGE4NmZjZTNjNzNhOGY4MB4XDTIyMDEw
MTAyNTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY5NDQ2OWI4NzBm
YTY4NTgwNjNlMmNhOGM5YjM0YTE2YjUzODAzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1BFNAeOmcLPMwWHqe+XCbytBqYyndanzHInv1IwqSlMWvB
Ju5hV0qoDPYsU7QW3wOQNhkVvyRBpynGKlv/DHHS5c6ac4zw1UI0k36qFuKKatnN
r4wgFP2pvW7REOKEXQfaSKqqjHoEgHRVl2P8AO4GeZVKSzLZncYiVsbqm5y698n7
7EQQcNlLsITtV2fo82oqbj8/qhsSBuznMLL99Cd1yysLonZ+YP/XKpyY6KIxGKUd
ejSLdm1tDViMforTkdJrHe4WGuSWgPFwwjEl20d7TryLKslB/ZUIZkqJYS6nb3CH
aNOV+RFMWMR9yZzJ044wsXpzUwNsWAu9JGmCUkkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRGlEabhw+mhYBj4sqMmzSha1OAMjAfBgNVHSMEGDAWgBTTVq5iXZUG30o+
V3skqG/OPHOo+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAxYXVZbDJWQnQ5S1BsZDdKS2h2emp4enFQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvN2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8x
L1JwUkdtNGNQcG9XQVktTEtqSnMwb1d0VGdESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
N2E2NTQ1LTUyNzctNDBmMy1iMzY2LTJlYTg3ZTZlYTJhMC8xLzAxYXVZbDJWQnQ5
S1BsZDdKS2h2emp4enFQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAG1pfjAPBAIAAjAJAwcBIAEJSABY
MA0GCSqGSIb3DQEBCwUAA4IBAQChT6+7jLE7mEyKZV4B55nHazVAgOyEBa0WChBC
5bnYX5T+N4pgRFEyLEQ2hvQPy5/ouu2175s5rNZJwOuxw/eOiUfHCw4BPexdvbKW
Go5VH/8Iuc9DywM/xJI8oHs2sz6XsJeXuNfpkOEbfvZVQWiKlWpDRGn0ipQQHCsN
jMi8IAx8GeDd43ZKXh3/9tgttgfUuTUp/Q3jFcV5ltAWQekW01UzK2d7s8+k0nP+
yuE5RJvdYqZAuXS55lgiEgRadEn8sWIRH98DaOsorqoGqMnKm8W1QwLvzUanYpTs
6JKfJVArcRhXPqY5Zg9CSIhu4pQ6+wr4wRbNsuoT7YOsSYwJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:13 2025 by rpki-client