Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/zBQhb7-EoMg7vWLm9p0ix6X02fk.roa
File: zBQhb7-EoMg7vWLm9p0ix6X02fk.roa (raw, json)
Hash identifier: oSAmxwnNNTrv2VHErH0BYRBY55gVvEPhhGQ7ge6Ho/U=
Subject key identifier: CC:14:21:6F:BF:84:A0:C8:3B:BD:62:E6:F6:9D:22:C7:A5:F4:D9:F9
Certificate issuer: /CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Certificate serial: 03E1D4EE
Authority key identifier: 9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/zBQhb7-EoMg7vWLm9p0ix6X02fk.roa
Signing time: Sat 01 Jan 2022 14:06:26 +0000
ROA not before: Sat 01 Jan 2022 14:06:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43510
IP address blocks: 109.239.4.0/24 maxlen: 24
109.239.0.0/23 maxlen: 23
109.239.0.0/20 maxlen: 20
109.239.3.0/24 maxlen: 24
109.239.2.0/24 maxlen: 24
109.239.5.0/24 maxlen: 24
109.239.11.0/24 maxlen: 24
109.239.7.0/24 maxlen: 24
109.239.6.0/24 maxlen: 24
109.239.8.0/24 maxlen: 24
109.239.10.0/24 maxlen: 24
109.239.9.0/24 maxlen: 24
109.239.12.0/24 maxlen: 24
109.239.13.0/24 maxlen: 24
109.239.15.0/24 maxlen: 24
109.239.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65131758 (0x3e1d4ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Validity
Not Before: Jan 1 14:06:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc14216fbf84a0c83bbd62e6f69d22c7a5f4d9f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:0c:b3:4e:f1:5a:4a:a2:72:2e:ec:0d:5d:
c1:52:e5:3b:e9:95:d6:2a:95:3e:34:0c:34:04:c1:
98:7a:51:62:23:ff:2e:9c:73:cf:ab:c9:e3:60:85:
c5:a2:9a:05:0b:63:d1:95:86:1a:88:6d:6a:80:9b:
7f:a2:27:87:e3:d9:b8:35:d4:b8:05:cf:68:ee:65:
88:e3:61:d5:d7:75:a1:14:89:df:e1:18:12:8d:02:
50:f9:74:7e:95:84:56:40:4a:4c:a6:bd:97:cc:db:
ea:41:04:9f:81:4a:ba:0a:47:40:78:a6:4f:53:78:
78:47:0c:f3:c6:a0:4b:6d:d5:3d:68:43:18:1b:d4:
3c:dc:6c:4b:bd:2e:b0:4e:7b:22:b7:48:4c:3d:90:
1b:c5:4d:77:ab:7f:29:6b:3b:4e:92:ad:99:3e:b5:
0b:cd:25:82:aa:03:ad:b2:5e:d4:84:46:49:98:64:
0c:6f:5f:85:b4:d7:bc:5c:b7:af:e0:65:71:ff:6b:
13:9f:f5:67:bf:d1:fc:ce:ec:2f:57:e2:6a:85:32:
2f:f9:b9:cd:bb:eb:9e:e7:86:81:ad:ed:fe:91:cc:
62:5f:ff:15:a9:90:a4:b6:7f:3f:b6:66:2c:e4:b9:
8f:9f:dc:39:4e:84:ee:dc:ab:4f:f6:6f:b2:0e:5d:
d8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:14:21:6F:BF:84:A0:C8:3B:BD:62:E6:F6:9D:22:C7:A5:F4:D9:F9
X509v3 Authority Key Identifier:
keyid:9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/zBQhb7-EoMg7vWLm9p0ix6X02fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.239.0.0/20
Signature Algorithm: sha256WithRSAEncryption
32:fe:7c:60:8e:7d:fc:0a:1b:05:ba:3e:ee:a9:79:a8:80:fd:
bd:26:9d:dc:de:02:c2:31:b8:90:87:d6:86:1f:55:5c:c1:43:
cd:1a:15:1e:f6:03:b5:bd:f8:b4:d1:eb:35:54:22:ac:95:5a:
af:24:55:75:e8:5c:7e:be:ef:65:7f:00:ad:be:80:be:6f:47:
80:1f:1f:40:aa:4d:4a:18:ac:14:a3:6f:f2:a7:f9:0d:40:0b:
c4:a4:7d:b8:76:88:23:6f:d0:11:3e:1d:94:3e:c5:fb:e2:94:
b7:53:c0:9e:53:eb:22:a5:e6:7a:df:54:34:a7:85:49:0f:ab:
1b:b5:9e:a7:c9:d0:f4:8b:31:95:87:58:c9:41:b9:b9:fe:93:
1b:a8:60:06:49:3d:e6:b9:eb:75:33:a1:0f:1e:1c:6b:5b:3e:
ca:16:85:84:a5:82:51:42:49:5c:b1:f8:d0:70:39:f0:7a:08:
48:a4:ec:c9:9e:ad:68:86:46:b6:4e:23:ed:0a:c5:e5:ac:ee:
13:2b:6c:7b:83:07:b9:ef:53:7a:56:ab:dd:7c:62:4e:2c:30:
69:e6:ef:36:44:c0:a4:45:0e:2b:db:0d:52:7b:56:90:28:7b:
c6:5c:03:e0:25:7b:de:e9:d1:bf:a4:b1:46:3e:f1:19:bf:dd:
e0:8d:81:c3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+HU7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWIyZjk5NzVhOTFlNzEzNzlkYTEwMGVjODRiZDQ0YTBhMjgwZDliMB4XDTIyMDEw
MTE0MDYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2MxNDIxNmZiZjg0
YTBjODNiYmQ2MmU2ZjY5ZDIyYzdhNWY0ZDlmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0BDLNO8VpKonIu7A1dwVLlO+mV1iqVPjQMNATBmHpRYiP/
Lpxzz6vJ42CFxaKaBQtj0ZWGGohtaoCbf6Inh+PZuDXUuAXPaO5liONh1dd1oRSJ
3+EYEo0CUPl0fpWEVkBKTKa9l8zb6kEEn4FKugpHQHimT1N4eEcM88agS23VPWhD
GBvUPNxsS70usE57IrdITD2QG8VNd6t/KWs7TpKtmT61C80lgqoDrbJe1IRGSZhk
DG9fhbTXvFy3r+Blcf9rE5/1Z7/R/M7sL1fiaoUyL/m5zbvrnueGga3t/pHMYl//
FamQpLZ/P7ZmLOS5j5/cOU6E7tyrT/Zvsg5d2EcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMFCFvv4SgyDu9Yub2nSLHpfTZ+TAfBgNVHSMEGDAWgBSasvmXWpHnE3na
EA7IS9RKCigNmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21yTDVsMXFSNXhONTJoQU95RXZVU2dvb0Racy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMDdhNDg3LTI2Y2ItNGIxOC1iYjM5LTE1ZmUwNmZmZjhiYy8x
L3pCUWhiNy1Fb01nN3ZXTG05cDBpeDZYMDJmay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MDdhNDg3LTI2Y2ItNGIxOC1iYjM5LTE1ZmUwNmZmZjhiYy8xL21yTDVsMXFSNXhO
NTJoQU95RXZVU2dvb0Racy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBG3vADANBgkqhkiG9w0BAQsFAAOC
AQEAMv58YI59/AobBbo+7ql5qID9vSad3N4CwjG4kIfWhh9VXMFDzRoVHvYDtb34
tNHrNVQirJVaryRVdehcfr7vZX8Arb6Avm9HgB8fQKpNShisFKNv8qf5DUALxKR9
uHaII2/QET4dlD7F++KUt1PAnlPrIqXmet9UNKeFSQ+rG7Wep8nQ9IsxlYdYyUG5
uf6TG6hgBkk95rnrdTOhDx4ca1s+yhaFhKWCUUJJXLH40HA58HoISKTsyZ6taIZG
tk4j7QrF5azuEytse4MHue9Telar3XxiTiwwaebvNkTApEUOK9sNUntWkCh7xlwD
4CV73unRv6SxRj7xGb/d4I2Bww==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:22 2025 by rpki-client