Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/dS1E5kXr3RDSL9vwx9rFq5TsKos.roa
File: dS1E5kXr3RDSL9vwx9rFq5TsKos.roa (raw, json)
Hash identifier: OH0eavyvyxzfXufB4t4W7zoPpjF1oX5YTyvqjvpDCOo=
Subject key identifier: 75:2D:44:E6:45:EB:DD:10:D2:2F:DB:F0:C7:DA:C5:AB:94:EC:2A:8B
Certificate issuer: /CN=c2f5fd3023055249f213d15cba000ca026bb6fa3
Certificate serial: 3430A9A5
Authority key identifier: C2:F5:FD:30:23:05:52:49:F2:13:D1:5C:BA:00:0C:A0:26:BB:6F:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvX9MCMFUknyE9FcugAMoCa7b6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/dS1E5kXr3RDSL9vwx9rFq5TsKos.roa
Signing time: Sat 01 Jan 2022 16:02:14 +0000
ROA not before: Sat 01 Jan 2022 16:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29479
IP address blocks: 109.233.56.0/24 maxlen: 24
109.233.58.0/24 maxlen: 24
109.233.57.0/24 maxlen: 24
109.233.63.0/24 maxlen: 24
109.233.59.0/24 maxlen: 24
109.233.62.0/24 maxlen: 24
109.233.61.0/24 maxlen: 24
109.233.60.0/24 maxlen: 24
2a01:8dc0:112::/48 maxlen: 48
2a01:8dc0:110::/48 maxlen: 48
2a01:8dc0:109::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 875604389 (0x3430a9a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2f5fd3023055249f213d15cba000ca026bb6fa3
Validity
Not Before: Jan 1 16:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=752d44e645ebdd10d22fdbf0c7dac5ab94ec2a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f6:64:47:ce:cc:24:3d:21:22:5c:b2:6e:8d:
ef:95:b4:bc:37:e9:74:22:82:9f:c0:f3:f6:be:24:
6e:a3:8b:23:73:39:1c:52:f1:8d:22:5d:40:47:59:
02:9c:4f:f7:5e:75:ed:d6:ce:a2:79:9d:81:b1:cc:
02:c9:42:d1:e8:ac:87:0c:aa:95:59:b8:89:0f:c9:
01:3f:13:d5:a8:f6:57:c3:5f:93:36:a2:b4:54:a3:
ce:5d:ae:17:fa:f3:b0:96:65:18:cf:64:26:8f:48:
d7:06:f9:71:e4:af:83:08:f6:f6:56:00:83:c5:55:
7b:21:84:cc:64:2c:79:b6:67:9b:8d:52:14:01:a3:
98:8c:ed:05:c0:53:f3:7d:4a:05:cc:53:5e:66:a5:
0c:05:52:5a:29:9b:1c:e6:a7:67:bf:ad:7c:aa:65:
5e:97:40:73:26:51:01:5c:7b:39:64:88:fb:7f:d0:
d4:a3:d5:06:79:96:9d:74:02:bc:13:70:f4:2f:b2:
fd:b1:8c:a3:b2:e2:5a:cf:56:42:67:4f:f0:86:95:
ac:6a:e8:2f:c0:ba:7f:10:e9:55:15:b7:0c:c8:59:
f1:d7:bf:05:d9:b3:48:77:57:77:80:c7:fd:4c:b1:
92:86:4c:74:44:59:71:41:22:bd:40:18:86:a3:85:
c5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2D:44:E6:45:EB:DD:10:D2:2F:DB:F0:C7:DA:C5:AB:94:EC:2A:8B
X509v3 Authority Key Identifier:
keyid:C2:F5:FD:30:23:05:52:49:F2:13:D1:5C:BA:00:0C:A0:26:BB:6F:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvX9MCMFUknyE9FcugAMoCa7b6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/dS1E5kXr3RDSL9vwx9rFq5TsKos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/wvX9MCMFUknyE9FcugAMoCa7b6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.56.0/21
IPv6:
2a01:8dc0:109::/48
2a01:8dc0:110::/48
2a01:8dc0:112::/48
Signature Algorithm: sha256WithRSAEncryption
44:a2:32:ee:2b:af:a9:ea:68:93:30:4c:98:dd:e6:6a:9b:9c:
76:85:a5:3e:7d:c1:80:16:cd:dc:9f:e2:d9:8b:ce:99:22:2b:
c8:93:40:b6:c7:41:c4:07:ba:a3:4b:27:e3:36:6e:79:b1:f0:
4a:26:ba:7b:3a:91:27:83:f1:c1:e8:f7:4e:97:eb:9f:59:8f:
a5:b8:16:3a:08:be:4b:f1:6a:79:c2:bf:e2:7a:23:a6:43:6a:
cc:d3:e6:c7:0b:18:36:dc:2c:66:b9:59:ad:89:3b:7e:74:40:
7c:dc:46:30:df:2b:98:4f:97:a7:04:27:dc:59:22:c8:82:02:
8e:6d:8f:89:65:d4:a8:37:64:c8:53:f4:5a:fa:0a:3d:c2:d4:
78:b5:44:10:8d:f0:01:74:16:dc:4c:8b:f3:c2:48:b2:6e:41:
e1:03:16:cf:2b:9a:b2:80:0d:46:e6:07:bf:cb:aa:99:e8:c5:
59:36:50:fa:66:91:b5:ff:5c:a6:54:b5:c5:72:70:85:72:4a:
56:37:9f:69:b2:fb:e0:14:57:e9:f8:04:c9:7d:be:43:b4:49:
54:e1:27:75:17:e5:31:c9:55:cf:91:af:f3:72:9c:67:9c:6e:
d0:c2:04:c2:06:e1:95:55:c3:e4:1f:6f:b8:99:aa:bb:f7:68:
f1:6a:c2:e5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIENDCppTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmY1ZmQzMDIzMDU1MjQ5ZjIxM2QxNWNiYTAwMGNhMDI2YmI2ZmEzMB4XDTIyMDEw
MTE2MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUyZDQ0ZTY0NWVi
ZGQxMGQyMmZkYmYwYzdkYWM1YWI5NGVjMmE4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANj2ZEfOzCQ9ISJcsm6N75W0vDfpdCKCn8Dz9r4kbqOLI3M5
HFLxjSJdQEdZApxP91517dbOonmdgbHMAslC0eishwyqlVm4iQ/JAT8T1aj2V8Nf
kzaitFSjzl2uF/rzsJZlGM9kJo9I1wb5ceSvgwj29lYAg8VVeyGEzGQsebZnm41S
FAGjmIztBcBT831KBcxTXmalDAVSWimbHOanZ7+tfKplXpdAcyZRAVx7OWSI+3/Q
1KPVBnmWnXQCvBNw9C+y/bGMo7LiWs9WQmdP8IaVrGroL8C6fxDpVRW3DMhZ8de/
BdmzSHdXd4DH/UyxkoZMdERZcUEivUAYhqOFxUUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBR1LUTmRevdENIv2/DH2sWrlOwqizAfBgNVHSMEGDAWgBTC9f0wIwVSSfIT
0Vy6AAygJrtvozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d2WDlNQ01GVWtueUU5RmN1Z0FNb0NhN2I2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvY2MwMmUxLThiMzYtNDJhMy1iNzU2LWJlMzQ4NTcwNmE3Zi8x
L2RTMUU1a1hyM1JEU0w5dnd4OXJGcTVUc0tvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
Y2MwMmUxLThiMzYtNDJhMy1iNzU2LWJlMzQ4NTcwNmE3Zi8xL3d2WDlNQ01GVWtu
eUU5RmN1Z0FNb0NhN2I2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEA23pODAhBAIAAjAbAwcAKgGNwAEJ
AwcAKgGNwAEQAwcAKgGNwAESMA0GCSqGSIb3DQEBCwUAA4IBAQBEojLuK6+p6miT
MEyY3eZqm5x2haU+fcGAFs3cn+LZi86ZIivIk0C2x0HEB7qjSyfjNm55sfBKJrp7
OpEng/HB6PdOl+ufWY+luBY6CL5L8Wp5wr/ieiOmQ2rM0+bHCxg23CxmuVmtiTt+
dEB83EYw3yuYT5enBCfcWSLIggKObY+JZdSoN2TIU/Ra+go9wtR4tUQQjfABdBbc
TIvzwkiybkHhAxbPK5qygA1G5ge/y6qZ6MVZNlD6ZpG1/1ymVLXFcnCFckpWN59p
svvgFFfp+ATJfb5DtElU4Sd1F+UxyVXPka/zcpxnnG7QwgTCBuGVVcPkH2+4maq7
92jxasLl
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:34:48 2025 by rpki-client