Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/2PSJng3FH8EbHBJCshBaMfdsf6o.roa
File: 2PSJng3FH8EbHBJCshBaMfdsf6o.roa (raw, json)
Hash identifier: 2u7V38w5m5qpsVh0zsOPpT1LgMooowIB4sHi93lMCBY=
Subject key identifier: D8:F4:89:9E:0D:C5:1F:C1:1B:1C:12:42:B2:10:5A:31:F7:6C:7F:AA
Certificate issuer: /CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
Certificate serial: 0183C3839490AD33C736D71677CB9B153112
Authority key identifier: 92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/2PSJng3FH8EbHBJCshBaMfdsf6o.roa
Signing time: Mon 10 Oct 2022 20:08:43 +0000
ROA not before: Mon 10 Oct 2022 20:08:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202477
IP address blocks: 109.205.199.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c3:83:94:90:ad:33:c7:36:d7:16:77:cb:9b:15:31:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
Validity
Not Before: Oct 10 20:08:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8f4899e0dc51fc11b1c1242b2105a31f76c7faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:1d:fd:4b:0a:de:d5:e3:e4:da:cf:b0:5b:
c7:7b:29:c8:fc:f0:85:87:d5:2f:d7:d1:24:9f:fd:
82:f7:fd:15:5e:df:4e:9e:53:e3:dc:8e:32:ff:2c:
00:4d:28:98:31:4f:1d:65:91:7e:a4:38:ac:2c:c1:
86:10:19:44:5a:c4:69:c4:20:b1:f2:a1:0f:ef:ef:
7a:e0:e9:29:e0:4e:fa:33:2b:8f:f2:f0:0a:bf:ad:
93:83:1f:b0:52:ee:31:b1:8c:49:56:ca:65:74:f8:
0b:10:36:aa:da:7d:a4:af:72:91:43:a6:72:53:93:
84:9b:2d:24:83:ae:d1:1c:0f:e2:e3:89:94:ca:b3:
08:a7:8a:15:82:b6:2e:cf:ba:ce:11:f5:b0:39:61:
26:e8:2d:f0:56:66:a5:ad:74:66:97:4e:3e:67:64:
a6:71:aa:43:e7:0d:f2:d0:16:74:25:7e:2d:44:89:
81:ad:fe:4c:38:1e:a0:c6:86:fb:93:38:45:d2:57:
a9:af:c5:ae:e4:6a:07:11:13:87:42:3e:88:3c:ad:
0c:9a:e8:e9:7b:51:8d:10:3d:2b:6d:a3:29:31:8d:
b0:34:a2:12:6b:78:eb:cc:64:d0:0f:5c:cb:60:fd:
a1:5a:f3:f2:02:a0:43:f7:b1:00:8b:ac:2f:95:ab:
79:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F4:89:9E:0D:C5:1F:C1:1B:1C:12:42:B2:10:5A:31:F7:6C:7F:AA
X509v3 Authority Key Identifier:
keyid:92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/2PSJng3FH8EbHBJCshBaMfdsf6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/kkGtDn_CK_urVnvon2PZgF5euao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.199.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:64:35:d3:8a:fd:18:67:fc:99:47:d4:d9:1f:59:cf:c2:ab:
9a:4c:2a:3f:00:3a:55:d7:f7:ee:9e:1b:1b:94:5d:c3:34:69:
8f:3a:44:9a:7b:ac:69:02:5a:4b:a3:88:1c:0e:87:63:51:2b:
d3:7c:84:9c:ab:e2:79:01:c8:c0:93:8e:c1:41:5a:e1:28:7a:
7b:8c:9b:98:84:12:0f:a8:8b:5d:43:66:89:ff:f1:3d:9d:3f:
ba:0b:9e:2f:49:60:ce:59:10:14:e4:44:66:b9:d0:fa:d0:69:
9a:b6:fc:08:33:11:c1:68:13:22:1d:96:3c:90:b3:bd:e3:c1:
fb:ea:d9:de:7a:5d:58:e5:a9:83:7c:4f:74:be:7f:e3:ee:45:
8a:8c:a6:57:a2:3e:87:fc:65:0d:6a:bf:e6:7b:f2:e7:20:0b:
88:73:60:08:b4:5f:c1:96:bf:9d:1b:b7:64:b7:8d:05:eb:fe:
31:3f:6d:66:ab:80:9b:8b:8a:a6:b3:dc:87:51:60:6d:52:fb:
79:8b:80:f8:a0:38:86:b8:c5:26:b4:64:5b:e6:93:13:33:ae:
a6:8e:5e:d9:c4:5b:2f:3e:59:71:b0:93:66:5c:ba:3c:f9:fb:
d2:ac:bd:71:b6:96:f7:e6:7e:23:52:55:98:e5:12:a1:ed:16:
7a:72:14:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPDg5SQrTPHNtcWd8ubFTESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDFhZDBlN2ZjMjJiZmJhYjU2N2JlODlmNjNkOTgwNWU1
ZWI5YWEwHhcNMjIxMDEwMjAwODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGY0ODk5ZTBkYzUxZmMxMWIxYzEyNDJiMjEwNWEzMWY3NmM3ZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSAd/UsK3tXj5NrPsFvHeynI/PCF
h9Uv19Ekn/2C9/0VXt9OnlPj3I4y/ywATSiYMU8dZZF+pDisLMGGEBlEWsRpxCCx
8qEP7+964Okp4E76MyuP8vAKv62Tgx+wUu4xsYxJVspldPgLEDaq2n2kr3KRQ6Zy
U5OEmy0kg67RHA/i44mUyrMIp4oVgrYuz7rOEfWwOWEm6C3wVmalrXRml04+Z2Sm
capD5w3y0BZ0JX4tRImBrf5MOB6gxob7kzhF0lepr8Wu5GoHEROHQj6IPK0Mmujp
e1GNED0rbaMpMY2wNKISa3jrzGTQD1zLYP2hWvPyAqBD97EAi6wvlat5CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNj0iZ4NxR/BGxwSQrIQWjH3bH+qMB8GA1UdIwQY
MBaAFJJBrQ5/wiv7q1Z76J9j2YBeXrmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tHdERuX0NLX3VyVm52b24yUFpnRjVldWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mYjFhNmQtNDEzOC00YzRmLWFlZDkt
NDU0NGM2MTA5NzI5LzEvMlBTSm5nM0ZIOEViSEJKQ3NoQmFNZmRzZjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9mYjFhNmQtNDEzOC00YzRmLWFlZDktNDU0NGM2MTA5NzI5
LzEva2tHdERuX0NLX3VyVm52b24yUFpnRjVldWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3HMA0G
CSqGSIb3DQEBCwUAA4IBAQA/ZDXTiv0YZ/yZR9TZH1nPwquaTCo/ADpV1/funhsb
lF3DNGmPOkSae6xpAlpLo4gcDodjUSvTfIScq+J5AcjAk47BQVrhKHp7jJuYhBIP
qItdQ2aJ//E9nT+6C54vSWDOWRAU5ERmudD60GmatvwIMxHBaBMiHZY8kLO948H7
6tneel1Y5amDfE90vn/j7kWKjKZXoj6H/GUNar/me/LnIAuIc2AItF/Blr+dG7dk
t40F6/4xP21mq4Cbi4qms9yHUWBtUvt5i4D4oDiGuMUmtGRb5pMTM66mjl7ZxFsv
PllxsJNmXLo8+fvSrL1xtpb35n4jUlWY5RKh7RZ6chTy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:20 2024 by rpki-client on console-ams.rpki-client.org