Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/X9CUzKOdomG0MputbyvPhvqxwDw.roa
File: X9CUzKOdomG0MputbyvPhvqxwDw.roa (raw, json)
Hash identifier: LhV66OygbGujGnRRZhgfStJP2hTcrcosWhxPvgaWvHk=
Subject key identifier: 5F:D0:94:CC:A3:9D:A2:61:B4:32:9B:AD:6F:2B:CF:86:FA:B1:C0:3C
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0185061BAD52F397165A5EE1902A99717377
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/X9CUzKOdomG0MputbyvPhvqxwDw.roa
Signing time: Mon 12 Dec 2022 11:32:35 +0000
ROA not before: Mon 12 Dec 2022 11:32:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 109.111.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:1b:ad:52:f3:97:16:5a:5e:e1:90:2a:99:71:73:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 12 11:32:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fd094cca39da261b4329bad6f2bcf86fab1c03c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9c:4a:f7:44:58:df:1f:99:99:de:01:d4:71:
51:e8:3d:4d:82:51:10:e2:eb:0e:1a:8c:3f:d6:b8:
6d:ca:8e:4b:b6:4d:4f:e1:e9:62:bd:81:2e:0c:49:
48:a4:27:10:11:8b:f9:52:19:d0:75:06:51:ac:01:
cf:80:14:12:e6:73:45:58:d9:0e:a6:82:6b:2f:a4:
6d:13:cb:07:10:85:3e:44:53:bd:d6:03:de:c6:4f:
27:11:02:71:15:7a:a5:08:41:cb:21:f1:6e:7c:d2:
19:d5:4d:21:c9:f9:23:27:4d:4f:56:1c:6f:e7:db:
ad:8c:b5:19:dc:c5:be:d0:d9:94:eb:ed:d1:25:19:
e2:6d:c4:3e:2a:c1:6d:91:66:43:7f:4f:d4:ca:96:
3f:87:2b:f7:06:b5:90:6b:5e:89:96:08:40:54:a4:
0c:37:5f:6f:bf:f9:ae:3e:e0:cf:e0:07:08:d2:04:
7c:71:a4:a4:5b:43:98:24:76:15:e8:20:09:4d:78:
6d:c0:81:53:05:a3:3b:78:4d:5e:b6:85:10:23:40:
f9:81:62:a0:38:27:01:d4:53:d4:f1:ba:8b:ed:5e:
92:fb:01:14:20:1e:14:1a:2e:de:9d:8a:21:81:c8:
10:cc:71:b0:7b:01:3b:ad:0d:37:01:2f:63:5b:c4:
bd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D0:94:CC:A3:9D:A2:61:B4:32:9B:AD:6F:2B:CF:86:FA:B1:C0:3C
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/X9CUzKOdomG0MputbyvPhvqxwDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.48.0/22
Signature Algorithm: sha256WithRSAEncryption
44:52:b5:d0:62:94:f5:37:b4:68:63:dd:7b:ff:4e:82:d6:8a:
76:67:33:d4:06:c1:e3:4c:76:6a:06:df:b1:30:bf:0d:8f:37:
a8:00:c1:7c:d9:55:76:09:b7:33:6b:4c:5c:fd:d9:9a:5a:64:
c5:62:f3:60:ac:17:70:59:02:14:cc:71:bc:c5:a6:db:d4:b4:
89:04:91:61:b2:97:e6:30:20:33:b1:d7:cd:22:db:8f:61:2e:
8f:2d:cc:3a:fb:a4:55:d7:a2:8b:30:a8:0f:5f:52:36:cd:05:
ba:37:93:9e:86:6d:13:eb:be:66:fd:87:e1:ab:a1:d4:93:69:
52:51:78:99:14:d6:fe:9e:b7:db:9b:51:8c:26:0b:57:5d:66:
27:57:95:14:be:a8:74:99:7f:a1:22:00:a1:93:8d:0c:26:3e:
ff:77:d7:89:c1:5e:cc:84:a4:f4:2f:80:ef:1d:1a:59:89:c7:
c2:b3:89:71:64:99:6e:98:62:27:4e:91:ce:24:2a:39:5d:e3:
08:4b:f1:22:57:72:3c:5f:a2:83:a4:b3:cc:f3:ec:ec:69:9d:
a4:a9:6e:47:67:9d:8c:d2:ff:ce:81:40:58:b4:4e:c1:3e:6f:
d2:08:94:a2:2c:0d:28:2a:59:0d:a6:bf:dc:fc:bf:b8:96:99:
21:8e:15:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUGG61S85cWWl7hkCqZcXN3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjIxMjEyMTEzMjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQwOTRjY2EzOWRhMjYxYjQzMjliYWQ2ZjJiY2Y4NmZhYjFjMDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJxK90RY3x+Zmd4B1HFR6D1NglEQ
4usOGow/1rhtyo5Ltk1P4elivYEuDElIpCcQEYv5UhnQdQZRrAHPgBQS5nNFWNkO
poJrL6RtE8sHEIU+RFO91gPexk8nEQJxFXqlCEHLIfFufNIZ1U0hyfkjJ01PVhxv
59utjLUZ3MW+0NmU6+3RJRnibcQ+KsFtkWZDf0/UypY/hyv3BrWQa16JlghAVKQM
N19vv/muPuDP4AcI0gR8caSkW0OYJHYV6CAJTXhtwIFTBaM7eE1etoUQI0D5gWKg
OCcB1FPU8bqL7V6S+wEUIB4UGi7enYohgcgQzHGwewE7rQ03AS9jW8S9HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/QlMyjnaJhtDKbrW8rz4b6scA8MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvWDlDVXpLT2RvbUcwTXB1dGJ5dlBodnF4d0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbW8wMA0G
CSqGSIb3DQEBCwUAA4IBAQBEUrXQYpT1N7RoY917/06C1op2ZzPUBsHjTHZqBt+x
ML8NjzeoAMF82VV2Cbcza0xc/dmaWmTFYvNgrBdwWQIUzHG8xabb1LSJBJFhspfm
MCAzsdfNItuPYS6PLcw6+6RV16KLMKgPX1I2zQW6N5Oehm0T675m/Yfhq6HUk2lS
UXiZFNb+nrfbm1GMJgtXXWYnV5UUvqh0mX+hIgChk40MJj7/d9eJwV7MhKT0L4Dv
HRpZicfCs4lxZJlumGInTpHOJCo5XeMIS/EiV3I8X6KDpLPM8+zsaZ2kqW5HZ52M
0v/OgUBYtE7BPm/SCJSiLA0oKlkNpr/c/L+4lpkhjhWE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:48 2025 by rpki-client