Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jdZekAkrW1Zvyz1_8u3oXGOFMxs.roa
File: jdZekAkrW1Zvyz1_8u3oXGOFMxs.roa (raw, json)
Hash identifier: XohZIhe8FGOk7iCXTjcCslJToimh4P8+QhMdf1qPm6w=
Subject key identifier: 8D:D6:5E:90:09:2B:5B:56:6F:CB:3D:7F:F2:ED:E8:5C:63:85:33:1B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018378C7E16889AB99D88D4C942F5736B7DC
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jdZekAkrW1Zvyz1_8u3oXGOFMxs.roa
Signing time: Mon 26 Sep 2022 07:51:48 +0000
ROA not before: Mon 26 Sep 2022 07:51:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210878
IP address blocks: 109.207.140.0/23 maxlen: 23
64.43.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:78:c7:e1:68:89:ab:99:d8:8d:4c:94:2f:57:36:b7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 26 07:51:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dd65e90092b5b566fcb3d7ff2ede85c6385331b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a2:e7:4f:18:eb:3d:70:53:05:81:c3:24:79:
49:31:aa:24:29:35:17:05:e7:48:b3:71:d1:66:dc:
bf:e9:cb:38:82:ea:91:bb:ae:48:04:12:fd:6c:e7:
86:fd:46:20:65:aa:fb:26:e9:ad:f0:07:a1:f5:e9:
37:10:48:aa:10:2b:73:4c:34:52:61:7f:fa:11:6e:
a2:05:24:cd:12:8a:3b:eb:17:6c:b3:c5:3e:dc:68:
d6:e0:ee:93:e7:c9:87:5c:ea:1e:46:de:14:54:16:
22:13:0d:02:e1:b7:f6:c7:ed:b0:a6:f7:12:62:03:
6b:e3:af:ad:0a:71:57:b9:68:63:0d:65:10:1a:ab:
09:aa:fc:9f:b4:81:07:bf:e6:64:87:74:c9:fb:a5:
f9:bc:25:c9:37:53:e6:6d:d7:15:f4:84:44:f7:7d:
ca:92:b6:e9:93:ca:e8:9c:8b:2d:00:5d:f5:1f:38:
fe:44:ea:de:c8:ba:ba:2c:c1:2b:d7:ca:06:e2:2f:
34:03:22:0d:7b:18:c7:f9:fb:ac:51:73:41:2e:e2:
a5:0f:ef:0e:4c:c8:a5:00:65:6c:72:e0:91:7b:d2:
f6:40:f7:d5:b7:ea:1d:61:45:22:20:bf:b2:99:e4:
1b:f8:d1:95:a2:21:19:46:21:21:3f:12:4c:a6:08:
0d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D6:5E:90:09:2B:5B:56:6F:CB:3D:7F:F2:ED:E8:5C:63:85:33:1B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jdZekAkrW1Zvyz1_8u3oXGOFMxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.92.0/22
109.207.140.0/23
Signature Algorithm: sha256WithRSAEncryption
02:09:ac:cc:88:3a:32:fe:98:d1:d0:d2:03:73:cc:18:05:6e:
5e:e2:5e:ff:49:52:8e:46:67:5c:2a:ba:c7:f5:a3:fe:38:2f:
0f:f5:a2:b2:23:79:d6:08:97:84:ee:7d:18:5c:e2:81:5f:0a:
4e:60:d3:60:54:0d:b5:e8:04:c6:42:30:2a:27:d1:99:da:50:
24:42:40:05:34:a4:31:fa:72:bb:5a:4d:81:38:6f:e5:a3:4e:
e0:49:4f:e1:7a:5b:f9:73:94:b6:c7:c7:50:ec:92:d0:57:47:
73:bd:ad:f3:75:a9:84:37:95:04:68:ca:4e:53:6a:7c:9c:be:
c6:f2:df:82:8e:b0:50:69:0d:cb:2c:58:d3:b2:80:b0:b6:55:
16:d6:f1:96:54:fa:89:f3:34:aa:6f:2a:1e:38:7c:58:78:e3:
de:25:af:3c:0e:d0:e5:f0:2d:6d:22:65:e3:d9:7a:f6:92:e1:
9d:48:bd:cc:a3:b8:a7:d7:8b:44:fa:a3:d1:55:79:53:2d:ac:
34:c0:55:39:a8:8b:df:5f:5c:34:fc:44:69:f2:3c:a9:a0:38:
22:ac:68:bd:c3:02:30:a3:6c:b8:39:ef:a3:14:63:0b:23:22:
9a:92:bd:bd:99:53:24:21:17:6e:5d:39:67:55:e7:29:3e:7d:
69:52:64:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYN4x+FoiauZ2I1MlC9XNrfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwOTI2MDc1MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGQ2NWU5MDA5MmI1YjU2NmZjYjNkN2ZmMmVkZTg1YzYzODUzMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKLnTxjrPXBTBYHDJHlJMaokKTUX
BedIs3HRZty/6cs4guqRu65IBBL9bOeG/UYgZar7Jumt8Aeh9ek3EEiqECtzTDRS
YX/6EW6iBSTNEoo76xdss8U+3GjW4O6T58mHXOoeRt4UVBYiEw0C4bf2x+2wpvcS
YgNr46+tCnFXuWhjDWUQGqsJqvyftIEHv+Zkh3TJ+6X5vCXJN1PmbdcV9IRE933K
krbpk8ronIstAF31Hzj+ROreyLq6LMEr18oG4i80AyINexjH+fusUXNBLuKlD+8O
TMilAGVscuCRe9L2QPfVt+odYUUiIL+ymeQb+NGVoiEZRiEhPxJMpggNJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI3WXpAJK1tWb8s9f/Lt6FxjhTMbMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvamRaZWtBa3JXMVp2eXoxXzh1M29YR09GTXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCQCtcAwQB
bc+MMA0GCSqGSIb3DQEBCwUAA4IBAQACCazMiDoy/pjR0NIDc8wYBW5e4l7/SVKO
RmdcKrrH9aP+OC8P9aKyI3nWCJeE7n0YXOKBXwpOYNNgVA216ATGQjAqJ9GZ2lAk
QkAFNKQx+nK7Wk2BOG/lo07gSU/helv5c5S2x8dQ7JLQV0dzva3zdamEN5UEaMpO
U2p8nL7G8t+CjrBQaQ3LLFjTsoCwtlUW1vGWVPqJ8zSqbyoeOHxYeOPeJa88DtDl
8C1tImXj2Xr2kuGdSL3Mo7in14tE+qPRVXlTLaw0wFU5qIvfX1w0/ERp8jypoDgi
rGi9wwIwo2y4Oe+jFGMLIyKakr29mVMkIRduXTlnVecpPn1pUmSO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org