Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/ER7XFDJyhrhtimrEouVO8rRoREU.roa
File: ER7XFDJyhrhtimrEouVO8rRoREU.roa (raw, json)
Hash identifier: qFXwZdBondSkAOJ3csc/lVo1TvVKBPSop07S467ZRrc=
Subject key identifier: 11:1E:D7:14:32:72:86:B8:6D:8A:6A:C4:A2:E5:4E:F2:B4:68:44:45
Certificate issuer: /CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Certificate serial: 034A1949
Authority key identifier: 67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/ER7XFDJyhrhtimrEouVO8rRoREU.roa
Signing time: Sat 01 Jan 2022 08:05:11 +0000
ROA not before: Sat 01 Jan 2022 08:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39305
IP address blocks: 109.206.228.0/22 maxlen: 22
2a0d:c440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55187785 (0x34a1949)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cc3a523bea224a74bc96a4af4164c24786b82e
Validity
Not Before: Jan 1 08:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=111ed714327286b86d8a6ac4a2e54ef2b4684445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:8f:37:ba:c5:f3:2c:40:e9:2c:82:9d:65:
6d:bf:69:66:3f:9a:19:a2:d1:69:87:6e:d1:bb:a9:
13:73:9b:26:e2:a6:48:89:72:4f:45:b7:32:35:be:
aa:52:09:65:67:66:7e:ac:9f:6b:54:e0:8c:eb:0d:
85:7e:01:8d:06:56:bc:af:6d:5a:5d:18:05:92:a9:
e4:15:12:71:95:94:96:b6:d7:cf:47:a8:2d:1f:d1:
0b:96:b5:36:a7:b4:f8:84:3d:ac:db:2a:d3:68:a6:
62:6a:f8:38:1b:2e:a9:82:30:a9:52:e7:7d:b9:c6:
3d:79:30:6a:8a:24:6f:89:03:34:25:ab:6b:f9:27:
02:51:a9:e9:1d:24:e4:54:41:6e:75:e2:dd:66:af:
6e:74:a0:76:cb:c0:eb:df:ef:70:b2:de:ad:d1:1d:
91:93:72:6f:f0:f0:72:cf:90:8e:14:8a:a5:93:9b:
ba:d8:ff:48:3c:5a:29:1c:23:99:fd:bb:0c:da:29:
ba:3b:27:31:f2:9e:de:8a:76:71:28:66:ef:cb:73:
5a:39:9c:27:7d:bb:6e:49:ee:6d:c7:b3:15:f2:d3:
59:00:ae:79:8d:8b:f1:6b:84:25:b5:12:19:5d:07:
a0:cd:1c:da:bb:23:2c:dc:67:ef:bf:ef:8b:64:6c:
92:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1E:D7:14:32:72:86:B8:6D:8A:6A:C4:A2:E5:4E:F2:B4:68:44:45
X509v3 Authority Key Identifier:
keyid:67:CC:3A:52:3B:EA:22:4A:74:BC:96:A4:AF:41:64:C2:47:86:B8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8w6UjvqIkp0vJakr0FkwkeGuC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/ER7XFDJyhrhtimrEouVO8rRoREU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bc9174-a3d1-4058-aa0a-7cfb19f6e133/1/Z8w6UjvqIkp0vJakr0FkwkeGuC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.228.0/22
IPv6:
2a0d:c440::/29
Signature Algorithm: sha256WithRSAEncryption
59:29:de:53:0f:c1:78:cb:97:d8:c0:0a:e0:dd:f9:0b:d5:70:
7b:f7:65:7e:02:a3:53:7a:bb:e7:1a:8a:68:cc:f6:3e:e6:ee:
8a:98:46:4e:8e:df:8d:0c:42:a0:08:a7:19:fa:00:55:8a:71:
9e:74:f6:96:80:54:40:3c:30:da:88:c8:d7:8f:06:94:07:6b:
c1:b7:dc:d4:b6:b7:7c:87:24:aa:7c:28:86:f4:1e:15:66:0b:
45:36:1e:8f:ee:be:06:f1:30:6b:06:92:48:7b:a5:f2:a5:2a:
ed:9d:ed:85:97:63:40:c9:57:e3:0f:92:58:51:ee:92:cb:5c:
d8:a0:89:85:ec:58:51:dc:8c:81:db:0c:32:c5:89:17:8b:2c:
10:08:5f:be:2a:0d:1f:30:24:e5:e4:7b:e1:24:c6:a8:01:0f:
26:d8:c8:bd:a9:d7:da:17:8f:40:58:c4:41:1a:67:1f:7b:85:
b2:08:58:5c:2a:82:f8:87:ad:a8:86:af:ed:d6:e6:cf:eb:e5:
c6:66:6a:3d:72:68:0d:10:0a:b1:26:71:02:7b:ea:c3:ea:93:
2d:2a:23:49:6a:2a:41:9f:62:e0:a4:5d:1b:22:db:b1:4d:b6:
89:bb:60:bf:4e:88:43:45:11:df:ee:d5:bf:a7:ea:85:f7:86:
24:04:aa:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA0oZSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2NjM2E1MjNiZWEyMjRhNzRiYzk2YTRhZjQxNjRjMjQ3ODZiODJlMB4XDTIyMDEw
MTA4MDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTExZWQ3MTQzMjcy
ODZiODZkOGE2YWM0YTJlNTRlZjJiNDY4NDQ0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJydjze6xfMsQOksgp1lbb9pZj+aGaLRaYdu0bupE3ObJuKm
SIlyT0W3MjW+qlIJZWdmfqyfa1TgjOsNhX4BjQZWvK9tWl0YBZKp5BUScZWUlrbX
z0eoLR/RC5a1Nqe0+IQ9rNsq02imYmr4OBsuqYIwqVLnfbnGPXkwaookb4kDNCWr
a/knAlGp6R0k5FRBbnXi3WavbnSgdsvA69/vcLLerdEdkZNyb/Dwcs+QjhSKpZOb
utj/SDxaKRwjmf27DNopujsnMfKe3op2cShm78tzWjmcJ327bknubcezFfLTWQCu
eY2L8WuEJbUSGV0HoM0c2rsjLNxn77/vi2RskpcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQRHtcUMnKGuG2KasSi5U7ytGhERTAfBgNVHSMEGDAWgBRnzDpSO+oiSnS8
lqSvQWTCR4a4LjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o4dzZVanZxSWtwMHZKYWtyMEZrd2tlR3VDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvYmM5MTc0LWEzZDEtNDA1OC1hYTBhLTdjZmIxOWY2ZTEzMy8x
L0VSN1hGREp5aHJodGltckVvdVZPOHJSb1JFVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
YmM5MTc0LWEzZDEtNDA1OC1hYTBhLTdjZmIxOWY2ZTEzMy8xL1o4dzZVanZxSWtw
MHZKYWtyMEZrd2tlR3VDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAm3O5DANBAIAAjAHAwUDKg3EQDAN
BgkqhkiG9w0BAQsFAAOCAQEAWSneUw/BeMuX2MAK4N35C9Vwe/dlfgKjU3q75xqK
aMz2PubuiphGTo7fjQxCoAinGfoAVYpxnnT2loBUQDww2ojI148GlAdrwbfc1La3
fIckqnwohvQeFWYLRTYej+6+BvEwawaSSHul8qUq7Z3thZdjQMlX4w+SWFHukstc
2KCJhexYUdyMgdsMMsWJF4ssEAhfvioNHzAk5eR74STGqAEPJtjIvanX2hePQFjE
QRpnH3uFsghYXCqC+IetqIav7dbmz+vlxmZqPXJoDRAKsSZxAnvqw+qTLSojSWoq
QZ9i4KRdGyLbsU22ibtgv06IQ0UR3+7Vv6fqhfeGJASqNg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:25 2025 by rpki-client