Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BeA8w-CfrSdcwv_J1Vi0IJ8GVs0.roa
File: BeA8w-CfrSdcwv_J1Vi0IJ8GVs0.roa (raw, json)
Hash identifier: 114Bgd0kpE+lbZPm2P+qZg+4YMoeTtm+mwYd/VGiM1s=
Subject key identifier: 05:E0:3C:C3:E0:9F:AD:27:5C:C2:FF:C9:D5:58:B4:20:9F:06:56:CD
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0185685112120D04D766252D45D53830A01F
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BeA8w-CfrSdcwv_J1Vi0IJ8GVs0.roa
Signing time: Sat 31 Dec 2022 13:13:41 +0000
ROA not before: Sat 31 Dec 2022 13:13:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211584
IP address blocks: 109.111.52.0/22 maxlen: 24
109.111.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:68:51:12:12:0d:04:d7:66:25:2d:45:d5:38:30:a0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 31 13:13:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05e03cc3e09fad275cc2ffc9d558b4209f0656cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:04:52:b6:ef:81:88:a9:fd:f2:16:6b:aa:ae:
30:0e:77:a1:3b:0e:6f:81:e5:00:77:07:e1:27:e3:
eb:4a:10:49:4e:eb:b3:2a:7d:d6:7a:97:de:ba:05:
df:61:93:74:5a:1a:58:99:39:e5:5f:e8:98:33:79:
59:95:1c:b8:4c:89:85:61:d1:e4:f0:3a:e6:3a:9d:
a9:e9:09:66:98:04:2b:73:1a:c7:db:f3:f9:88:b0:
ca:2a:50:b5:d9:cc:f7:79:a8:6b:21:65:23:f6:64:
22:bb:d1:94:d6:33:e8:fc:c3:c2:3b:c0:75:4f:28:
d0:47:64:34:3f:ce:a1:59:e1:bb:98:0a:45:01:fa:
56:66:47:d2:18:46:e4:73:74:23:98:22:65:d6:59:
f9:a1:16:b7:65:21:08:2d:61:a3:de:fb:12:57:dd:
26:94:b3:01:0c:03:10:98:16:6f:12:c4:ee:64:86:
f7:01:72:51:91:a9:69:10:03:6e:85:26:ff:e5:f4:
0f:ab:1a:bf:1e:6e:33:b1:44:39:16:51:45:88:93:
37:29:fa:3e:5e:1c:f4:53:a6:32:b7:57:7f:37:e3:
b6:2a:4b:7e:61:1d:fe:93:ee:1b:f3:13:41:55:80:
11:75:aa:bd:ee:d2:37:f5:01:a8:22:8c:5f:98:da:
bd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E0:3C:C3:E0:9F:AD:27:5C:C2:FF:C9:D5:58:B4:20:9F:06:56:CD
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/BeA8w-CfrSdcwv_J1Vi0IJ8GVs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.52.0/22
109.111.60.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:1c:c2:9c:50:ff:67:8c:66:98:df:eb:af:c1:30:c1:34:71:
4b:44:0f:58:8f:92:7d:b9:da:93:70:d5:55:3b:8d:4d:21:6f:
20:77:03:1b:4c:4e:ed:f9:86:05:52:2f:c6:f2:0e:a8:5f:23:
4b:a5:54:a4:4e:f3:ce:d7:25:ac:c4:7f:23:a0:70:9a:37:e0:
5f:4b:53:9d:09:e0:f5:26:6c:73:d1:20:95:1b:dc:02:81:b4:
39:72:bd:c8:69:86:04:58:b7:e7:a9:05:90:5e:73:df:80:ea:
e5:44:cc:ed:89:6a:4e:e4:9e:3e:c9:d5:be:f9:71:c1:60:89:
86:0d:3b:b3:89:e7:4b:e4:fa:54:7d:92:6f:29:df:38:7a:c4:
4a:40:3a:ef:58:be:7b:f3:2a:55:33:9c:24:64:21:b0:8f:d2:
ff:ea:e4:57:a3:29:d8:bf:c8:69:1f:45:9f:47:8c:d8:97:08:
50:4d:38:d7:71:05:39:b3:a5:c9:93:b5:ad:75:ca:b1:87:70:
37:45:b4:e6:e7:14:b3:57:ad:23:96:f5:4d:fe:01:91:23:d1:
eb:b7:0b:27:e1:f4:37:da:29:60:da:22:e9:7d:12:61:68:a4:
2d:fb:d0:48:db:b9:91:99:8d:ce:1e:36:90:d7:51:1f:ce:17:
09:62:32:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVoURISDQTXZiUtRdU4MKAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjIxMjMxMTMxMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWUwM2NjM2UwOWZhZDI3NWNjMmZmYzlkNTU4YjQyMDlmMDY1NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqARStu+BiKn98hZrqq4wDnehOw5v
geUAdwfhJ+PrShBJTuuzKn3WepfeugXfYZN0WhpYmTnlX+iYM3lZlRy4TImFYdHk
8DrmOp2p6QlmmAQrcxrH2/P5iLDKKlC12cz3eahrIWUj9mQiu9GU1jPo/MPCO8B1
TyjQR2Q0P86hWeG7mApFAfpWZkfSGEbkc3QjmCJl1ln5oRa3ZSEILWGj3vsSV90m
lLMBDAMQmBZvEsTuZIb3AXJRkalpEANuhSb/5fQPqxq/Hm4zsUQ5FlFFiJM3Kfo+
Xhz0U6Yyt1d/N+O2Kkt+YR3+k+4b8xNBVYARdaq97tI39QGoIoxfmNq98wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXgPMPgn60nXML/ydVYtCCfBlbNMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQmVBOHctQ2ZyU2Rjd3ZfSjFWaTBJSjhHVnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbW80AwQC
bW88MA0GCSqGSIb3DQEBCwUAA4IBAQC4HMKcUP9njGaY3+uvwTDBNHFLRA9Yj5J9
udqTcNVVO41NIW8gdwMbTE7t+YYFUi/G8g6oXyNLpVSkTvPO1yWsxH8joHCaN+Bf
S1OdCeD1Jmxz0SCVG9wCgbQ5cr3IaYYEWLfnqQWQXnPfgOrlRMztiWpO5J4+ydW+
+XHBYImGDTuziedL5PpUfZJvKd84esRKQDrvWL578ypVM5wkZCGwj9L/6uRXoynY
v8hpH0WfR4zYlwhQTTjXcQU5s6XJk7Wtdcqxh3A3RbTm5xSzV60jlvVN/gGRI9Hr
twsn4fQ32ilg2iLpfRJhaKQt+9BI27mRmY3OHjaQ11EfzhcJYjL9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:38 2025 by rpki-client