Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/OjW9Hijk_bw-9bMRtQep_1DtfH8.roa
File: OjW9Hijk_bw-9bMRtQep_1DtfH8.roa (raw, json)
Hash identifier: 9r56Hvfc1E/VTOYaeK/iuK/U7tmi84siCjYB83S+eiE=
Subject key identifier: 3A:35:BD:1E:28:E4:FD:BC:3E:F5:B3:11:B5:07:A9:FF:50:ED:7C:7F
Certificate issuer: /CN=26425863c309f2655b884c1600394c4338e7fb41
Certificate serial: 018C5E0AD27FFA3097764176DFF79FE45C41
Authority key identifier: 26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/OjW9Hijk_bw-9bMRtQep_1DtfH8.roa
Signing time: Tue 12 Dec 2023 12:40:16 +0000
ROA not before: Tue 12 Dec 2023 12:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210511
IP address blocks: 109.107.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:0a:d2:7f:fa:30:97:76:41:76:df:f7:9f:e4:5c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425863c309f2655b884c1600394c4338e7fb41
Validity
Not Before: Dec 12 12:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a35bd1e28e4fdbc3ef5b311b507a9ff50ed7c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:68:d4:68:39:dc:e4:2a:4b:79:46:1d:af:51:
8a:fc:62:1a:82:10:7f:25:f7:ac:dd:28:a3:fd:1a:
e0:24:98:12:26:b2:5c:27:3d:ab:bb:60:e2:00:66:
8b:e0:c8:1a:63:95:05:83:53:05:d4:9b:f8:60:b4:
a6:e9:9a:d9:1c:a9:c0:31:41:2b:73:9a:ea:06:9e:
5f:fc:db:52:e3:2c:b6:b7:0f:f6:58:ab:94:9b:d2:
82:40:f8:ba:41:61:9e:fa:6c:c2:53:d4:89:ad:86:
67:6e:03:7e:32:05:2c:1b:17:46:37:de:0e:45:19:
2b:78:7e:49:39:98:6d:da:9f:be:3b:e5:21:9f:44:
a6:f8:16:27:d1:ad:8b:59:84:c4:15:72:d4:72:af:
0b:d1:8a:9a:88:ca:10:4b:9e:ba:9c:78:ca:59:01:
e1:d0:f8:04:0b:54:e9:cc:f7:b4:80:46:be:3d:40:
53:e1:6b:30:b4:6e:c4:b5:0d:78:30:f3:a8:60:19:
0c:b6:ae:e3:8a:e7:e6:63:4d:1f:84:12:4f:fe:33:
a1:6f:b4:c2:5b:62:90:b1:68:ea:90:7b:83:1d:83:
93:76:ba:ff:70:ec:42:25:89:a5:94:e2:ea:5f:76:
e5:1f:81:0b:bd:21:01:a5:61:1c:c7:e9:64:17:94:
9f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:35:BD:1E:28:E4:FD:BC:3E:F5:B3:11:B5:07:A9:FF:50:ED:7C:7F
X509v3 Authority Key Identifier:
keyid:26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/OjW9Hijk_bw-9bMRtQep_1DtfH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.154.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:4d:a5:ce:86:88:21:1d:67:de:34:cc:dc:74:ba:83:d9:43:
a5:52:88:8d:2f:02:8c:1e:3a:0c:c3:c2:44:a3:f5:d8:43:5c:
69:c9:ab:07:a8:68:c9:9e:3a:95:26:4c:56:11:71:70:69:ed:
54:83:a5:48:39:57:2d:7a:7c:88:7b:de:2d:e6:8e:cc:74:0e:
1b:fd:bb:30:ef:99:1a:a1:15:6c:d5:d0:0b:ff:3a:24:20:c9:
f1:41:04:94:71:b0:5f:11:43:0b:e0:f0:aa:bd:0f:a9:8e:fd:
14:b7:f0:e5:7b:cf:37:9e:dd:04:0e:dc:d0:9b:db:16:46:9c:
d9:3a:31:7d:3e:0e:63:71:a2:9e:f6:18:c1:89:d2:0d:f7:fc:
90:1c:68:07:36:3d:a0:89:63:2c:9f:1d:b0:42:43:36:8e:8a:
34:f5:16:94:e0:a1:ad:88:14:4b:fe:30:9f:63:3d:e0:81:aa:
31:e5:81:c1:77:40:15:58:d3:b7:87:fd:de:45:08:2f:54:fa:
c6:8d:da:1e:ed:ef:c0:0e:b9:71:69:d4:69:1c:44:78:c8:fa:
fe:43:15:b5:41:64:bf:7b:a5:21:cd:14:50:51:3f:b0:12:4c:
49:54:2d:13:80:ff:c0:6a:05:1a:47:e9:a9:1e:91:fa:b5:9a:
4b:17:cc:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxeCtJ/+jCXdkF23/ef5FxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI1ODYzYzMwOWYyNjU1Yjg4NGMxNjAwMzk0YzQzMzhl
N2ZiNDEwHhcNMjMxMjEyMTI0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM1YmQxZTI4ZTRmZGJjM2VmNWIzMTFiNTA3YTlmZjUwZWQ3YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWjUaDnc5CpLeUYdr1GK/GIaghB/
Jfes3Sij/RrgJJgSJrJcJz2ru2DiAGaL4MgaY5UFg1MF1Jv4YLSm6ZrZHKnAMUEr
c5rqBp5f/NtS4yy2tw/2WKuUm9KCQPi6QWGe+mzCU9SJrYZnbgN+MgUsGxdGN94O
RRkreH5JOZht2p++O+Uhn0Sm+BYn0a2LWYTEFXLUcq8L0YqaiMoQS566nHjKWQHh
0PgEC1TpzPe0gEa+PUBT4WswtG7EtQ14MPOoYBkMtq7jiufmY00fhBJP/jOhb7TC
W2KQsWjqkHuDHYOTdrr/cOxCJYmllOLqX3blH4ELvSEBpWEcx+lkF5SfMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDo1vR4o5P28PvWzEbUHqf9Q7Xx/MB8GA1UdIwQY
MBaAFCZCWGPDCfJlW4hMFgA5TEM45/tBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMt
YzE0ZjZiYTI1Y2IwLzEvT2pXOUhpamtfYnctOWJNUnRRZXBfMUR0Zkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMtYzE0ZjZiYTI1Y2Iw
LzEvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWuaMA0G
CSqGSIb3DQEBCwUAA4IBAQCfTaXOhoghHWfeNMzcdLqD2UOlUoiNLwKMHjoMw8JE
o/XYQ1xpyasHqGjJnjqVJkxWEXFwae1Ug6VIOVctenyIe94t5o7MdA4b/bsw75ka
oRVs1dAL/zokIMnxQQSUcbBfEUML4PCqvQ+pjv0Ut/Dle883nt0EDtzQm9sWRpzZ
OjF9Pg5jcaKe9hjBidIN9/yQHGgHNj2giWMsnx2wQkM2joo09RaU4KGtiBRL/jCf
Yz3ggaox5YHBd0AVWNO3h/3eRQgvVPrGjdoe7e/ADrlxadRpHER4yPr+QxW1QWS/
e6UhzRRQUT+wEkxJVC0TgP/AagUaR+mpHpH6tZpLF8zh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:02 2025 by rpki-client