Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Crb77nOSQFRGse8QyQjU3rdBjFo.roa
File: Crb77nOSQFRGse8QyQjU3rdBjFo.roa (raw, json)
Hash identifier: Vt3Cjn40DTQrxHyJ71INRiMxcBmNo1Q0Jv6KY27pxwc=
Subject key identifier: 0A:B6:FB:EE:73:92:40:54:46:B1:EF:10:C9:08:D4:DE:B7:41:8C:5A
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0181ED73A43A31D6BFBE520267E27EEE220D
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Crb77nOSQFRGse8QyQjU3rdBjFo.roa
Signing time: Mon 11 Jul 2022 13:29:47 +0000
ROA not before: Mon 11 Jul 2022 13:29:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51775
IP address blocks: 109.111.32.0/19 maxlen: 19
109.111.32.0/20 maxlen: 20
109.111.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:73:a4:3a:31:d6:bf:be:52:02:67:e2:7e:ee:22:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 11 13:29:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ab6fbee7392405446b1ef10c908d4deb7418c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:88:01:2b:0b:21:35:1f:15:df:a2:d5:d8:9c:
38:6e:8c:d3:71:3f:6c:d4:95:f9:ab:9c:db:f8:89:
ec:da:37:64:24:49:82:37:13:5e:9f:ba:fa:e3:4f:
d5:c8:ad:07:42:a9:8d:a7:2c:c0:64:74:70:5b:ff:
d6:90:ab:af:22:48:f3:c5:52:20:09:12:4c:2d:9d:
43:5a:05:06:5c:27:fd:6c:64:e2:7b:e2:8d:73:66:
88:0b:4d:8e:96:2e:bd:47:bf:5d:b3:a1:bb:6a:63:
34:81:8b:be:b8:10:92:10:35:dd:63:ef:a0:dc:a8:
01:77:0c:9e:f8:f5:5e:57:cc:b9:46:66:e2:6c:f4:
78:57:88:a0:3d:74:2c:43:4e:17:5a:53:d2:22:01:
ba:76:e2:e4:25:b5:37:81:ce:a6:c6:12:fb:9b:80:
d3:e8:33:ce:4a:48:31:bc:7c:e1:64:3e:35:e6:99:
0f:60:bd:5c:b7:cb:12:a6:2c:f7:6e:09:a8:91:59:
be:36:88:14:4e:c6:8f:42:a7:75:85:a8:e4:14:c7:
22:01:7a:2d:b5:69:71:77:9a:e1:d4:5c:85:5c:ac:
38:08:1f:c1:83:75:91:20:38:1a:45:7c:14:8c:8e:
c6:23:6e:40:2b:b5:0b:2b:69:68:be:d0:a4:d0:8e:
c0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B6:FB:EE:73:92:40:54:46:B1:EF:10:C9:08:D4:DE:B7:41:8C:5A
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Crb77nOSQFRGse8QyQjU3rdBjFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:c5:a0:31:2e:a9:5a:e9:01:7f:f8:db:a3:e8:ea:cb:56:03:
bb:e4:23:38:4a:f3:44:8d:57:3f:5f:38:fa:5d:da:15:54:31:
4b:4a:9e:8c:12:1a:7a:00:5c:ad:96:06:d5:f8:f1:37:3e:2f:
4b:88:50:e1:05:ed:b6:23:ed:db:33:47:ad:b4:21:5b:d2:67:
fe:2f:c2:da:dc:6e:e7:64:4c:11:67:8a:03:bf:b2:56:dd:b2:
26:ac:be:9f:b3:b4:b5:7e:98:07:04:8f:79:d8:30:06:cc:59:
b6:1e:09:fc:ad:ab:0c:fe:b7:9a:99:d1:84:a4:bb:3a:ef:f2:
63:3f:ba:94:03:fc:37:1e:37:cb:5a:b3:d3:0d:dd:93:36:d8:
93:b5:a0:50:d1:d2:b8:f3:42:f8:e0:11:ef:98:15:bf:af:f7:
7b:c0:12:b3:84:79:ab:fc:88:a2:60:da:9a:26:0b:89:d7:e5:
b4:0d:08:e7:4c:91:f8:db:01:e1:dc:87:d0:a6:d9:23:2f:9e:
2c:a9:a8:69:0e:ca:a5:21:78:3d:52:61:75:fe:61:7f:d0:20:
6c:04:05:76:3f:a5:e4:6d:79:fd:fe:ce:85:69:77:82:16:c3:
c2:97:4c:76:cd:df:ab:3a:ec:8f:1b:26:c0:1b:5a:74:05:c6:
87:2a:ef:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHtc6Q6Mda/vlICZ+J+7iINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjIwNzExMTMyOTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI2ZmJlZTczOTI0MDU0NDZiMWVmMTBjOTA4ZDRkZWI3NDE4YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4gBKwshNR8V36LV2Jw4bozTcT9s
1JX5q5zb+Ins2jdkJEmCNxNen7r640/VyK0HQqmNpyzAZHRwW//WkKuvIkjzxVIg
CRJMLZ1DWgUGXCf9bGTie+KNc2aIC02Oli69R79ds6G7amM0gYu+uBCSEDXdY++g
3KgBdwye+PVeV8y5RmbibPR4V4igPXQsQ04XWlPSIgG6duLkJbU3gc6mxhL7m4DT
6DPOSkgxvHzhZD415pkPYL1ct8sSpiz3bgmokVm+NogUTsaPQqd1hajkFMciAXot
tWlxd5rh1FyFXKw4CB/Bg3WRIDgaRXwUjI7GI25AK7ULK2lovtCk0I7AMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAq2++5zkkBURrHvEMkI1N63QYxaMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvQ3JiNzduT1NRRlJHc2U4UXlRalUzcmRCakZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFbW8gMA0G
CSqGSIb3DQEBCwUAA4IBAQCKxaAxLqla6QF/+Nuj6OrLVgO75CM4SvNEjVc/Xzj6
XdoVVDFLSp6MEhp6AFytlgbV+PE3Pi9LiFDhBe22I+3bM0ettCFb0mf+L8La3G7n
ZEwRZ4oDv7JW3bImrL6fs7S1fpgHBI952DAGzFm2Hgn8rasM/reamdGEpLs67/Jj
P7qUA/w3HjfLWrPTDd2TNtiTtaBQ0dK480L44BHvmBW/r/d7wBKzhHmr/IiiYNqa
JguJ1+W0DQjnTJH42wHh3IfQptkjL54sqahpDsqlIXg9UmF1/mF/0CBsBAV2P6Xk
bXn9/s6FaXeCFsPCl0x2zd+rOuyPGybAG1p0BcaHKu9q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:12 2025 by rpki-client