Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/ze9B-mvVDwUFQGKt0WNMnZI7bJs.roa
File: ze9B-mvVDwUFQGKt0WNMnZI7bJs.roa (raw, json)
Hash identifier: cL/oVKdnanPbykBUWQuKiRYYQ4B8uySvPK8kdLh+048=
Subject key identifier: CD:EF:41:FA:6B:D5:0F:05:05:40:62:AD:D1:63:4C:9D:92:3B:6C:9B
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 14CC806D
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/ze9B-mvVDwUFQGKt0WNMnZI7bJs.roa
Signing time: Sat 01 Jan 2022 05:51:55 +0000
ROA not before: Sat 01 Jan 2022 05:51:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59993
IP address blocks: 109.197.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348946541 (0x14cc806d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 1 05:51:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cdef41fa6bd50f05054062add1634c9d923b6c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:38:84:88:17:c5:12:a1:43:88:ab:db:f0:fa:
03:6a:6d:49:49:51:78:44:8b:3a:24:f7:a8:75:87:
e2:87:09:ee:df:7b:e5:95:a8:46:d9:ad:b7:fe:94:
11:ee:14:c0:8e:9a:15:55:cb:34:2a:31:a5:95:56:
43:97:32:fe:ff:99:f9:61:af:a1:9a:de:24:35:70:
22:2e:03:0b:6b:ae:26:36:0c:20:09:bf:37:32:57:
03:83:ff:c4:30:fa:94:74:10:51:a6:a0:74:22:65:
bf:36:11:ed:fd:ea:90:4e:60:07:7c:9d:08:58:5b:
a8:07:0c:f6:f9:20:bb:ab:ea:5e:0b:2c:f0:f7:df:
e3:91:4a:d1:be:f3:92:a3:38:f8:95:c5:c0:d9:95:
c3:c9:81:e7:78:d1:fc:68:5e:6b:d4:24:27:3f:e2:
a3:8f:74:4b:09:00:a5:43:90:b1:a9:10:7b:d9:89:
28:8b:68:74:89:da:d4:34:7a:43:cb:2a:42:db:9c:
c5:ed:f3:ec:2a:68:49:35:6d:23:5e:b7:75:46:52:
10:3a:c0:79:16:d7:87:6c:03:f8:ed:ec:6e:ee:fe:
58:18:74:be:d2:ef:a3:9f:97:81:1c:47:f4:7e:5c:
a4:9d:fc:7b:ce:b0:e7:fd:7e:89:60:a1:70:12:ae:
5d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EF:41:FA:6B:D5:0F:05:05:40:62:AD:D1:63:4C:9D:92:3B:6C:9B
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/ze9B-mvVDwUFQGKt0WNMnZI7bJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.209.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6f:8c:29:89:22:16:df:30:a8:da:48:60:a6:c0:48:ba:5e:
59:8e:bc:04:30:56:bc:88:0e:d5:a6:c0:be:24:29:f2:f1:a9:
be:2f:18:15:99:2d:a7:5d:3e:70:ba:27:55:4d:eb:c4:e6:aa:
eb:33:0e:65:84:2e:06:c6:33:80:56:69:64:5f:b5:83:e6:c8:
7c:64:ba:1d:e2:b7:c5:86:c6:fb:00:c8:76:1a:8e:c1:94:ed:
11:18:09:ee:50:d8:9d:df:f8:92:3c:1d:b9:c0:df:a7:42:9c:
db:67:b1:b4:5c:0b:a9:88:03:c6:d6:d5:2f:e6:bd:ff:27:7e:
9b:3f:ba:f5:81:65:24:27:f4:98:46:f2:89:dd:01:d3:f4:8f:
eb:01:87:24:43:f6:de:39:ee:bc:b9:f5:19:33:0d:c4:79:41:
06:cc:d3:e5:92:5a:39:6b:1d:d5:e4:09:16:92:7e:13:01:0e:
22:f0:c9:c0:a3:9f:e0:de:cd:9e:5b:64:e8:1c:c7:59:cb:7c:
2a:fe:35:69:7c:58:89:4a:7e:3b:76:7c:64:d4:46:cf:62:13:
7e:09:fc:8d:4c:93:dc:54:18:40:a2:97:89:01:f4:9e:84:50:
b4:b0:50:43:f4:1f:7f:e1:36:1c:81:8d:77:ab:aa:38:0e:f7:
69:f4:99:7c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFMyAbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2RlZjQxZmE2YmQ1
MGYwNTA1NDA2MmFkZDE2MzRjOWQ5MjNiNmM5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ4hIgXxRKhQ4ir2/D6A2ptSUlReESLOiT3qHWH4ocJ7t97
5ZWoRtmtt/6UEe4UwI6aFVXLNCoxpZVWQ5cy/v+Z+WGvoZreJDVwIi4DC2uuJjYM
IAm/NzJXA4P/xDD6lHQQUaagdCJlvzYR7f3qkE5gB3ydCFhbqAcM9vkgu6vqXgss
8Pff45FK0b7zkqM4+JXFwNmVw8mB53jR/Ghea9QkJz/io490SwkApUOQsakQe9mJ
KItodIna1DR6Q8sqQtucxe3z7CpoSTVtI163dUZSEDrAeRbXh2wD+O3sbu7+WBh0
vtLvo5+XgRxH9H5cpJ38e86w5/1+iWChcBKuXecCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTN70H6a9UPBQVAYq3RY0ydkjtsmzAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L3plOUItbXZWRHdVRlFHS3QwV05NblpJN2JKcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3F0TANBgkqhkiG9w0BAQsFAAOC
AQEAKW+MKYkiFt8wqNpIYKbASLpeWY68BDBWvIgO1abAviQp8vGpvi8YFZktp10+
cLonVU3rxOaq6zMOZYQuBsYzgFZpZF+1g+bIfGS6HeK3xYbG+wDIdhqOwZTtERgJ
7lDYnd/4kjwducDfp0Kc22extFwLqYgDxtbVL+a9/yd+mz+69YFlJCf0mEbyid0B
0/SP6wGHJEP23jnuvLn1GTMNxHlBBszT5ZJaOWsd1eQJFpJ+EwEOIvDJwKOf4N7N
nltk6BzHWct8Kv41aXxYiUp+O3Z8ZNRGz2ITfgn8jUyT3FQYQKKXiQH0noRQtLBQ
Q/Qff+E2HIGNd6uqOA73afSZfA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org