Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/dM_IQmXwX0F5ntz5WgCeeK76wck.roa
File: dM_IQmXwX0F5ntz5WgCeeK76wck.roa (raw, json)
Hash identifier: 3c25x7t0u40U1M79xdqwSMUHd836O3BbvZS7tzdBDyM=
Subject key identifier: 74:CF:C8:42:65:F0:5F:41:79:9E:DC:F9:5A:00:9E:78:AE:FA:C1:C9
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01856C65ED56BCFB3947EA91D75156076611
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/dM_IQmXwX0F5ntz5WgCeeK76wck.roa
Signing time: Sun 01 Jan 2023 08:14:57 +0000
ROA not before: Sun 01 Jan 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38971
IP address blocks: 109.196.132.0/24 maxlen: 24
178.57.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ed:56:bc:fb:39:47:ea:91:d7:51:56:07:66:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74cfc84265f05f41799edcf95a009e78aefac1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3a:11:af:e1:8f:fd:11:5e:b7:55:94:96:c8:
cc:4b:b0:e6:73:12:f5:6c:5d:51:63:62:fc:bb:c7:
a4:e6:32:69:4b:28:8f:4f:6a:d4:25:8e:e7:31:08:
8e:7b:62:fc:19:9a:7a:d2:06:d8:de:96:74:03:a6:
aa:da:d6:06:f5:48:37:2b:2e:fe:fa:ef:d1:1a:b8:
10:8f:38:1e:c3:4f:45:d7:77:f1:43:8e:ea:7a:b6:
cc:57:7e:88:77:67:bf:8e:15:24:1a:8d:70:e7:2b:
19:8c:92:07:e0:f7:ab:f9:f9:e2:d3:1d:b8:e6:ae:
39:fe:70:1d:02:14:17:42:04:95:6a:54:f4:00:a8:
5e:bc:6a:08:8a:3a:83:0d:56:8d:0f:fc:af:21:f7:
28:70:9b:6a:5a:b0:94:c0:54:50:2a:d2:56:ba:c1:
b2:36:2b:2b:96:ce:69:57:84:16:eb:95:8e:c5:18:
32:0b:28:3d:32:0a:6e:0c:40:f1:46:18:43:fd:ed:
5d:53:da:54:36:eb:a7:be:9a:39:0e:c8:c9:cb:ee:
31:5c:cb:2a:18:94:04:11:0d:46:54:4d:f1:b1:11:
20:9d:04:59:de:ed:64:fc:ac:ba:89:15:e7:91:f6:
d5:26:ba:87:84:e6:92:34:82:7e:98:e6:59:8d:6f:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CF:C8:42:65:F0:5F:41:79:9E:DC:F9:5A:00:9E:78:AE:FA:C1:C9
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/dM_IQmXwX0F5ntz5WgCeeK76wck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.132.0/24
178.57.71.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:86:ec:98:f4:72:b6:1d:a2:65:7e:2b:89:b4:8f:08:d9:d4:
04:02:c8:30:e4:c9:4b:6f:d2:e6:e4:4e:e1:f9:83:4e:01:11:
21:ed:9b:f4:d7:e5:cd:b4:3a:bc:8d:11:ee:3c:85:47:3e:6e:
0d:61:d6:36:d2:f4:0f:ad:2e:e6:56:80:24:f2:94:aa:f7:21:
ad:b4:ea:e5:3f:44:b2:4d:8d:31:9e:91:e4:9d:d0:91:81:12:
c5:0e:c7:c5:85:c7:17:ab:b1:72:73:8c:ed:40:c6:ef:ac:01:
94:b1:cb:14:ff:53:d7:17:1d:ef:4b:48:a5:42:ef:63:52:ce:
e8:96:6f:e2:96:31:28:c0:e4:a7:10:28:b2:10:2c:71:e3:d2:
52:3d:24:1d:68:67:7c:b2:8c:2c:f6:12:66:52:de:dd:5b:0d:
46:67:aa:1f:db:31:c0:3d:45:01:cf:27:76:f8:14:85:89:a4:
06:59:96:4e:6a:c5:1f:fc:cf:a1:78:0d:bf:6c:6d:aa:4c:f6:
0d:11:f4:4d:c8:b5:67:dd:d1:f1:78:93:a9:ad:34:d4:31:a4:
04:24:7c:f3:00:41:33:d3:3a:a8:a8:30:97:f9:d4:22:f5:30:
e7:9f:90:9b:be:bb:3a:28:1a:97:44:e7:59:8a:c3:94:60:54:
1e:81:c0:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsZe1WvPs5R+qR11FWB2YRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjMwMTAxMDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNmYzg0MjY1ZjA1ZjQxNzk5ZWRjZjk1YTAwOWU3OGFlZmFjMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjToRr+GP/RFet1WUlsjMS7DmcxL1
bF1RY2L8u8ek5jJpSyiPT2rUJY7nMQiOe2L8GZp60gbY3pZ0A6aq2tYG9Ug3Ky7+
+u/RGrgQjzgew09F13fxQ47qerbMV36Id2e/jhUkGo1w5ysZjJIH4Per+fni0x24
5q45/nAdAhQXQgSValT0AKhevGoIijqDDVaND/yvIfcocJtqWrCUwFRQKtJWusGy
Nisrls5pV4QW65WOxRgyCyg9MgpuDEDxRhhD/e1dU9pUNuunvpo5DsjJy+4xXMsq
GJQEEQ1GVE3xsREgnQRZ3u1k/Ky6iRXnkfbVJrqHhOaSNIJ+mOZZjW9VOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTPyEJl8F9BeZ7c+VoAnniu+sHJMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvZE1fSVFtWHdYMEY1bnR6NVdnQ2VlSzc2d2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbcSEAwQA
sjlHMA0GCSqGSIb3DQEBCwUAA4IBAQBNhuyY9HK2HaJlfiuJtI8I2dQEAsgw5MlL
b9Lm5E7h+YNOAREh7Zv01+XNtDq8jRHuPIVHPm4NYdY20vQPrS7mVoAk8pSq9yGt
tOrlP0SyTY0xnpHkndCRgRLFDsfFhccXq7Fyc4ztQMbvrAGUscsU/1PXFx3vS0il
Qu9jUs7olm/iljEowOSnECiyECxx49JSPSQdaGd8sows9hJmUt7dWw1GZ6of2zHA
PUUBzyd2+BSFiaQGWZZOasUf/M+heA2/bG2qTPYNEfRNyLVn3dHxeJOprTTUMaQE
JHzzAEEz0zqoqDCX+dQi9TDnn5Cbvrs6KBqXROdZisOUYFQegcDW
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:30:35 2025 by rpki-client