Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/e8-J1NWZ8CduRBpYwK8m6PG1umM.roa
File: e8-J1NWZ8CduRBpYwK8m6PG1umM.roa (raw, json)
Hash identifier: py3aX5qmP5L4h0h2PTB8Fmg+bIMk6AdObjXdv15ALNw=
Subject key identifier: 7B:CF:89:D4:D5:99:F0:27:6E:44:1A:58:C0:AF:26:E8:F1:B5:BA:63
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018B135610EB5AA518A84C3E61141466A19D
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/e8-J1NWZ8CduRBpYwK8m6PG1umM.roa
Signing time: Mon 09 Oct 2023 07:28:09 +0000
ROA not before: Mon 09 Oct 2023 07:28:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13347
IP address blocks: 109.111.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:56:10:eb:5a:a5:18:a8:4c:3e:61:14:14:66:a1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 9 07:28:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bcf89d4d599f0276e441a58c0af26e8f1b5ba63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:88:85:f1:a7:a5:09:8b:76:a6:f1:5f:cf:6a:
d2:b8:ed:29:d6:c6:32:6a:94:78:f6:94:ea:7c:0e:
03:28:f4:dd:13:e6:ab:94:87:ac:c3:c2:3c:34:25:
96:69:de:90:6b:60:e3:4c:8d:86:fa:ed:92:83:43:
22:2f:7c:cc:ed:85:ca:95:2f:72:eb:4c:e5:65:8a:
fa:62:43:3d:2a:24:41:df:6d:c2:bf:cf:47:66:85:
8c:4f:11:e1:ae:ed:cb:bf:d7:59:31:de:33:b4:91:
3e:6c:e7:64:40:1c:84:16:3c:d8:e0:a8:7a:34:4b:
9e:94:65:4d:1b:1c:9d:38:c6:19:c7:72:23:a4:c3:
69:80:cd:8d:ba:89:da:5c:82:f3:da:97:12:eb:6a:
df:2b:4b:ee:01:5c:4b:db:0e:2c:bc:02:9b:c2:c0:
0d:87:98:72:32:8e:bf:3b:b8:78:de:05:65:e3:3b:
50:b4:65:10:44:f3:01:0f:fe:d3:3c:f9:fe:b3:09:
c4:1d:4b:32:ef:a4:9b:3b:7a:3c:b0:f8:ba:17:8e:
e9:87:aa:1c:17:1a:ec:b9:db:8f:b9:0d:12:9b:40:
23:cd:b0:80:b1:00:d0:be:4c:d9:08:75:43:1f:ff:
6c:83:0e:24:ae:37:13:87:eb:3b:e2:e9:a1:7c:c5:
7d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CF:89:D4:D5:99:F0:27:6E:44:1A:58:C0:AF:26:E8:F1:B5:BA:63
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/e8-J1NWZ8CduRBpYwK8m6PG1umM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:31:3f:88:1c:27:25:bf:0e:56:0f:8a:52:2f:d4:63:6b:62:
a3:8d:5a:66:f6:00:ee:67:33:3c:d4:9b:f8:05:08:88:15:02:
71:01:c1:28:ef:f9:83:25:6c:91:e7:0c:6a:0f:db:9d:3e:e3:
61:8e:b9:98:bd:3d:5b:e1:20:9a:77:e1:00:d7:4d:6a:1d:4d:
10:de:81:a9:12:94:0a:32:14:79:d6:2d:5a:1e:0d:25:fd:22:
c4:0b:9a:4d:af:24:9c:db:34:35:74:35:bb:3a:5b:1d:b5:67:
29:49:a1:5c:83:41:99:eb:98:9c:61:5f:c1:23:cd:a0:68:5f:
c0:bb:9b:1e:76:93:7c:fd:11:bd:02:8c:c4:9a:f7:82:a9:c4:
3c:97:d4:f8:20:54:7d:bb:78:84:17:68:2b:5a:da:71:04:0c:
75:18:b6:25:01:d6:b1:c5:98:5d:e2:b2:3d:50:d0:44:2d:d8:
63:d8:8a:6c:e3:c2:e3:c4:0d:f5:58:1c:c6:64:3a:01:f5:3e:
cf:f1:7a:dc:6c:90:c9:44:87:68:bb:6f:d7:24:de:06:39:be:
e8:19:fd:f9:f7:8e:05:07:23:85:87:0b:7c:af:50:eb:77:ac:
fd:49:bc:be:37:f0:e0:9f:03:0c:a5:37:15:57:d2:7d:92:e0:
da:dc:39:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsTVhDrWqUYqEw+YRQUZqGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMDA5MDcyODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmNmODlkNGQ1OTlmMDI3NmU0NDFhNThjMGFmMjZlOGYxYjViYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooiF8aelCYt2pvFfz2rSuO0p1sYy
apR49pTqfA4DKPTdE+arlIesw8I8NCWWad6Qa2DjTI2G+u2Sg0MiL3zM7YXKlS9y
60zlZYr6YkM9KiRB323Cv89HZoWMTxHhru3Lv9dZMd4ztJE+bOdkQByEFjzY4Kh6
NEuelGVNGxydOMYZx3IjpMNpgM2NuonaXILz2pcS62rfK0vuAVxL2w4svAKbwsAN
h5hyMo6/O7h43gVl4ztQtGUQRPMBD/7TPPn+swnEHUsy76SbO3o8sPi6F47ph6oc
FxrsuduPuQ0Sm0AjzbCAsQDQvkzZCHVDH/9sgw4krjcTh+s74umhfMV9yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvPidTVmfAnbkQaWMCvJujxtbpjMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZTgtSjFOV1o4Q2R1UkJwWXdLOG02UEcxdW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbW8gMA0G
CSqGSIb3DQEBCwUAA4IBAQClMT+IHCclvw5WD4pSL9Rja2KjjVpm9gDuZzM81Jv4
BQiIFQJxAcEo7/mDJWyR5wxqD9udPuNhjrmYvT1b4SCad+EA101qHU0Q3oGpEpQK
MhR51i1aHg0l/SLEC5pNrySc2zQ1dDW7OlsdtWcpSaFcg0GZ65icYV/BI82gaF/A
u5sedpN8/RG9AozEmveCqcQ8l9T4IFR9u3iEF2grWtpxBAx1GLYlAdaxxZhd4rI9
UNBELdhj2Ips48LjxA31WBzGZDoB9T7P8XrcbJDJRIdou2/XJN4GOb7oGf35944F
ByOFhwt8r1Drd6z9Sby+N/DgnwMMpTcVV9J9kuDa3DkC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:55 2025 by rpki-client