Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/dA_9asbjew4D5DcFBS-ge9HyXVg.roa
File: dA_9asbjew4D5DcFBS-ge9HyXVg.roa (raw, json)
Hash identifier: e9UdwIXfLVQ3hL640cQwhyztdoePhdlpA36IUbvKXVc=
Subject key identifier: 74:0F:FD:6A:C6:E3:7B:0E:03:E4:37:05:05:2F:A0:7B:D1:F2:5D:58
Certificate issuer: /CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Certificate serial: 01856C25AF9F28F0705B7669201ED480F391
Authority key identifier: 8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/dA_9asbjew4D5DcFBS-ge9HyXVg.roa
Signing time: Sun 01 Jan 2023 07:04:47 +0000
ROA not before: Sun 01 Jan 2023 07:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31183
IP address blocks: 109.235.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:af:9f:28:f0:70:5b:76:69:20:1e:d4:80:f3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Validity
Not Before: Jan 1 07:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=740ffd6ac6e37b0e03e43705052fa07bd1f25d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bb:35:b7:57:10:69:26:68:46:2f:05:39:28:
0a:5d:c4:00:04:30:24:a7:30:f4:1b:41:48:ee:1b:
36:67:5f:ae:c7:4d:5a:e3:b5:60:a1:64:c9:3f:89:
dc:68:39:8b:e9:30:11:1b:4f:d7:e5:cf:75:c1:ad:
0f:6b:0a:5d:26:ab:18:27:0e:81:70:d8:60:1e:d4:
1b:fa:01:cc:26:7b:e6:c8:72:8f:0c:21:79:f5:59:
a9:ce:08:30:8d:b4:a4:11:b9:2e:94:ca:81:27:d9:
f2:22:18:69:1d:75:92:fa:eb:9e:c4:ad:b8:31:87:
a8:4b:45:94:41:26:d7:a1:3b:48:7e:84:77:95:aa:
31:8f:34:7c:ef:7a:50:1f:8d:3f:3e:58:99:63:28:
93:93:5f:53:74:da:1c:9d:9b:13:b6:1e:fe:c5:23:
8c:da:dc:94:58:7c:6e:6f:43:1f:74:34:00:b2:8a:
2d:e7:85:7f:11:23:6b:2f:b5:7f:b3:85:2a:4a:73:
2e:0a:57:d9:65:10:83:d6:9c:a4:ca:03:65:3e:fb:
c1:a6:f8:a8:7c:c7:d9:b2:87:dd:d4:bb:57:28:f0:
7f:3a:22:50:54:1f:5e:c5:62:df:97:1a:41:af:a0:
c8:ca:f8:06:d2:06:ec:e6:0d:89:c2:d4:b6:c1:4a:
02:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0F:FD:6A:C6:E3:7B:0E:03:E4:37:05:05:2F:A0:7B:D1:F2:5D:58
X509v3 Authority Key Identifier:
keyid:8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/dA_9asbjew4D5DcFBS-ge9HyXVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/jYQmVhd7QmerVeS6FlpewA9QhLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.208.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e1:c8:f1:56:be:7c:d8:b6:35:4f:f8:fc:0f:ec:00:36:1e:
71:ac:5a:e4:3c:3f:75:34:a5:7d:05:69:5f:21:9e:0e:07:01:
25:c6:97:25:8c:08:12:c5:34:3c:f0:cd:1c:b1:0c:bf:37:7b:
c8:ac:0a:74:57:67:4c:5a:3c:07:f5:d7:79:9f:b5:00:fb:d6:
01:7a:52:02:47:9a:99:3a:71:bd:b8:1a:f2:09:95:ed:7d:26:
f0:c9:c7:32:05:32:2e:4e:52:ab:01:22:ed:78:55:45:b1:7b:
da:ac:2a:e6:86:93:40:bf:10:0b:48:71:19:68:9d:d5:6c:a5:
f3:36:83:b6:94:4d:c8:c6:3e:b5:de:59:33:c0:2d:85:85:57:
9a:12:c4:27:ee:f2:03:ec:1e:a2:35:1b:e4:69:68:ff:cd:d0:
71:19:b8:23:bd:1f:9e:48:0d:81:19:df:dd:b5:08:46:0d:6a:
3d:fb:ce:ac:1f:21:72:6d:58:7c:8f:ae:45:13:c2:f7:cc:1c:
be:67:73:ea:20:f4:12:39:61:f3:02:56:b3:5f:98:f9:cb:08:
fb:bb:3f:c9:35:d9:df:24:11:5a:ec:c3:c6:30:54:00:2e:2e:
93:33:06:78:03:57:92:6c:92:2a:b4:bb:7b:66:e5:90:b8:9b:
2b:94:b2:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJa+fKPBwW3ZpIB7UgPORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQyNjU2MTc3YjQyNjdhYjU1ZTRiYTE2NWE1ZWMwMGY1
MDg0YmMwHhcNMjMwMTAxMDcwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBmZmQ2YWM2ZTM3YjBlMDNlNDM3MDUwNTJmYTA3YmQxZjI1ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rs1t1cQaSZoRi8FOSgKXcQABDAk
pzD0G0FI7hs2Z1+ux01a47VgoWTJP4ncaDmL6TARG0/X5c91wa0PawpdJqsYJw6B
cNhgHtQb+gHMJnvmyHKPDCF59VmpzggwjbSkEbkulMqBJ9nyIhhpHXWS+uuexK24
MYeoS0WUQSbXoTtIfoR3laoxjzR873pQH40/PliZYyiTk19TdNocnZsTth7+xSOM
2tyUWHxub0MfdDQAsoot54V/ESNrL7V/s4UqSnMuClfZZRCD1pykygNlPvvBpvio
fMfZsofd1LtXKPB/OiJQVB9exWLflxpBr6DIyvgG0gbs5g2JwtS2wUoCswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQP/WrG43sOA+Q3BQUvoHvR8l1YMB8GA1UdIwQY
MBaAFI2EJlYXe0Jnq1XkuhZaXsAPUIS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2Njgt
OTRjMmY4MjY5ZTljLzEvZEFfOWFzYmpldzRENURjRkJTLWdlOUh5WFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2NjgtOTRjMmY4MjY5ZTlj
LzEvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbevQMA0G
CSqGSIb3DQEBCwUAA4IBAQCN4cjxVr582LY1T/j8D+wANh5xrFrkPD91NKV9BWlf
IZ4OBwElxpcljAgSxTQ88M0csQy/N3vIrAp0V2dMWjwH9dd5n7UA+9YBelICR5qZ
OnG9uBryCZXtfSbwyccyBTIuTlKrASLteFVFsXvarCrmhpNAvxALSHEZaJ3VbKXz
NoO2lE3Ixj613lkzwC2FhVeaEsQn7vID7B6iNRvkaWj/zdBxGbgjvR+eSA2BGd/d
tQhGDWo9+86sHyFybVh8j65FE8L3zBy+Z3PqIPQSOWHzAlazX5j5ywj7uz/JNdnf
JBFa7MPGMFQALi6TMwZ4A1eSbJIqtLt7ZuWQuJsrlLL5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:16 2025 by rpki-client