Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/nMlRylvIp7yhE2Yo1fNfU0vY9rQ.roa
File: nMlRylvIp7yhE2Yo1fNfU0vY9rQ.roa (raw, json)
Hash identifier: 2Sn9tbRymDrxYACtA5qGsNhjkQiZpZFyXbU/N+bDhvc=
Subject key identifier: 9C:C9:51:CA:5B:C8:A7:BC:A1:13:66:28:D5:F3:5F:53:4B:D8:F6:B4
Certificate issuer: /CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Certificate serial: 03703CAA
Authority key identifier: 9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/nMlRylvIp7yhE2Yo1fNfU0vY9rQ.roa
Signing time: Mon 20 Jun 2022 10:24:47 +0000
ROA not before: Mon 20 Jun 2022 10:24:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207251
IP address blocks: 109.235.194.0/23 maxlen: 23
109.235.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57687210 (0x3703caa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Validity
Not Before: Jun 20 10:24:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cc951ca5bc8a7bca1136628d5f35f534bd8f6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:67:6b:6b:01:15:c9:2b:a5:9c:d9:e0:a0:
a0:9c:e2:bd:53:7b:a6:83:de:65:70:a1:b6:d2:d3:
41:24:2d:d6:f2:c3:53:24:c7:21:3b:76:25:3c:49:
b2:95:b4:bb:da:39:67:6d:76:75:71:d5:2b:64:2c:
ce:2a:4b:6a:cb:b2:a7:50:d3:f6:29:1c:4e:97:6c:
07:7b:71:31:78:31:24:8d:64:3a:81:99:7c:57:78:
39:0c:0d:5a:89:a5:05:ce:d5:e2:bc:60:63:fd:36:
36:fd:36:1b:65:b1:0f:05:7f:bf:e1:49:ce:0d:cd:
26:51:69:b5:d9:fa:51:6a:7f:76:78:48:ed:1f:f8:
c4:f6:93:01:81:96:ec:cb:04:5d:17:fc:3a:46:3b:
c5:97:37:5e:48:36:1d:8c:66:46:02:2f:4f:fe:1c:
73:9b:f7:41:f4:b2:2d:41:80:63:28:21:25:9e:1d:
d8:07:c5:f5:d2:e7:50:ed:8c:2b:17:99:01:df:b9:
cf:91:f1:76:6c:2e:95:35:3e:36:60:81:ec:b7:88:
39:0f:37:2d:28:c8:ea:a7:b7:67:3c:47:d4:1d:99:
c2:21:40:85:0c:19:d0:97:0c:c6:0f:1f:62:63:c2:
0a:b9:fb:54:21:30:f4:11:30:5a:bc:81:69:98:42:
a1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C9:51:CA:5B:C8:A7:BC:A1:13:66:28:D5:F3:5F:53:4B:D8:F6:B4
X509v3 Authority Key Identifier:
keyid:9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/nMlRylvIp7yhE2Yo1fNfU0vY9rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.194.0-109.235.196.255
Signature Algorithm: sha256WithRSAEncryption
83:07:a8:1a:c2:cd:34:52:93:91:23:03:0c:2c:b1:b6:8f:8d:
6a:89:cf:36:6c:df:f6:51:52:be:8f:8e:83:e2:1d:74:25:e7:
28:5e:2e:aa:42:0d:60:f8:c4:7f:eb:ab:ee:31:16:d4:1b:15:
61:aa:56:69:9d:b3:82:14:55:4f:18:fe:5c:18:c6:55:78:5f:
ea:9c:e2:4d:a8:56:9b:24:07:7a:a7:82:d0:23:f6:a6:f7:51:
b8:2b:d7:61:2a:68:b3:c2:f6:a4:5e:ed:bb:3a:c8:5d:08:ae:
d6:9b:37:c7:e7:86:65:78:31:c8:20:99:4f:ca:9a:f1:72:fd:
ea:72:59:06:1c:48:30:f5:bf:fa:e8:30:1e:a5:19:27:af:ed:
f7:35:4f:be:f1:a9:07:3e:7b:ca:ca:1d:7b:b5:c4:74:32:93:
28:8f:bd:ae:1c:5b:06:68:68:b0:23:26:d9:1a:77:48:d4:65:
b8:06:7f:df:7c:db:9d:47:11:a4:39:e2:5b:85:95:9c:9e:86:
de:42:02:69:a9:36:c4:4b:aa:f5:dc:3c:1c:b3:d0:3a:29:b0:
dc:10:ef:48:c5:a2:93:bc:9b:57:ef:23:51:82:ff:38:47:bf:
4b:0b:2b:34:8f:71:e9:15:2c:2b:8a:f7:ba:50:bc:eb:cb:c6:
2f:d0:5d:d1
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA3A8qjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmVkMzZhZjEzZGE0ODJmZGY3OWZiNTQwM2U1MDc0ODYwZWVjZDBkMB4XDTIyMDYy
MDEwMjQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNjOTUxY2E1YmM4
YTdiY2ExMTM2NjI4ZDVmMzVmNTM0YmQ4ZjZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPxZ2trARXJK6Wc2eCgoJzivVN7poPeZXChttLTQSQt1vLD
UyTHITt2JTxJspW0u9o5Z212dXHVK2QszipLasuyp1DT9ikcTpdsB3txMXgxJI1k
OoGZfFd4OQwNWomlBc7V4rxgY/02Nv02G2WxDwV/v+FJzg3NJlFptdn6UWp/dnhI
7R/4xPaTAYGW7MsEXRf8OkY7xZc3Xkg2HYxmRgIvT/4cc5v3QfSyLUGAYyghJZ4d
2AfF9dLnUO2MKxeZAd+5z5HxdmwulTU+NmCB7LeIOQ83LSjI6qe3ZzxH1B2ZwiFA
hQwZ0JcMxg8fYmPCCrn7VCEw9BEwWryBaZhCoS0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBScyVHKW8invKETZijV819TS9j2tDAfBgNVHSMEGDAWgBSb7TavE9pIL995
+1QD5QdIYO7NDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20tMDJyeFBhU0NfZmVmdFVBLVVIU0dEdXpRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNGIwMjgzLWE5MGMtNGQ2NC04MzAxLWQyMjFlYmQwODE4ZC8x
L25NbFJ5bHZJcDd5aEUyWW8xZk5mVTB2WTlyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NGIwMjgzLWE5MGMtNGQ2NC04MzAxLWQyMjFlYmQwODE4ZC8xL20tMDJyeFBhU0Nf
ZmVmdFVBLVVIU0dEdXpRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBbevCAwQAbevEMA0GCSqGSIb3
DQEBCwUAA4IBAQCDB6gaws00UpORIwMMLLG2j41qic82bN/2UVK+j46D4h10Jeco
Xi6qQg1g+MR/66vuMRbUGxVhqlZpnbOCFFVPGP5cGMZVeF/qnOJNqFabJAd6p4LQ
I/am91G4K9dhKmizwvakXu27OshdCK7WmzfH54ZleDHIIJlPyprxcv3qclkGHEgw
9b/66DAepRknr+33NU++8akHPnvKyh17tcR0MpMoj72uHFsGaGiwIybZGndI1GW4
Bn/ffNudRxGkOeJbhZWcnobeQgJpqTbES6r13Dwcs9A6KbDcEO9IxaKTvJtX7yNR
gv84R79LCys0j3HpFSwrive6ULzry8Yv0F3R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:11 2025 by rpki-client