Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa
File: 0makA2LRfdCDhaLYMA1KMu1hG3w.roa (raw, json)
Hash identifier: ukqpGwR9pVXqNFT3QNlPqrFa4dPeATs4sglNXBRAyOc=
Subject key identifier: D2:66:A4:03:62:D1:7D:D0:83:85:A2:D8:30:0D:4A:32:ED:61:1B:7C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B1004113F8BF3A6023D7F67E9AB863984
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa
Signing time: Sun 08 Oct 2023 15:59:43 +0000
ROA not before: Sun 08 Oct 2023 15:59:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216200
IP address blocks: 109.176.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:10:04:11:3f:8b:f3:a6:02:3d:7f:67:e9:ab:86:39:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 8 15:59:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d266a40362d17dd08385a2d8300d4a32ed611b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:10:21:d5:49:3e:e3:d6:48:35:90:83:e8:
cb:c8:eb:3d:3e:f3:91:27:4e:1a:ed:de:26:c9:bd:
36:a9:65:ef:ef:21:b9:49:75:07:ed:79:8c:a0:5b:
0c:fc:b0:80:c8:8f:73:39:98:07:a8:a0:60:60:90:
95:c7:07:c3:08:ae:95:fd:ee:6c:ba:4e:69:06:84:
68:ee:db:be:5a:23:ec:a0:46:d3:66:4a:1f:97:6b:
76:d7:03:e7:ce:ef:b1:17:43:e3:74:55:bf:b4:ab:
2d:1e:05:00:41:69:d6:6c:a1:d8:14:1f:91:0a:51:
b2:06:25:f5:c2:7e:1b:e0:65:79:7b:f5:42:ee:ad:
06:93:d6:4a:a6:a0:53:12:5d:79:76:6c:a3:bb:7f:
c5:09:54:7d:0a:d7:b5:24:fc:07:9c:7b:41:d4:1a:
ab:64:94:38:e7:6a:e6:b5:d2:fc:63:fd:3e:94:92:
3d:db:6d:1f:25:65:6b:45:6a:67:4e:69:ac:af:ba:
5b:be:06:25:9f:01:8f:5e:b7:18:50:19:13:a2:02:
08:58:2b:3c:ea:5b:a9:e7:e6:48:e5:93:0b:f3:7d:
95:8e:39:90:2d:f5:31:90:8f:47:09:9d:c4:5e:a5:
84:24:06:93:ee:52:5b:32:ee:e0:73:46:ed:6f:ab:
00:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:66:A4:03:62:D1:7D:D0:83:85:A2:D8:30:0D:4A:32:ED:61:1B:7C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0makA2LRfdCDhaLYMA1KMu1hG3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.240.0/24
Signature Algorithm: sha256WithRSAEncryption
20:ce:4d:96:74:4e:4e:92:a1:fb:d0:dc:65:ee:4d:fb:3e:c4:
0c:67:a2:b9:ac:af:4d:6a:5b:c4:2f:06:84:1e:ea:a7:50:dd:
46:83:17:d3:ab:62:4d:07:e1:3a:4a:d4:75:e8:7d:87:54:d7:
31:47:8f:a4:01:a6:d3:b2:b5:98:82:31:dd:ed:5c:af:07:21:
5c:ea:38:77:84:f4:8b:c6:50:37:e3:c1:f6:74:bf:25:ef:2a:
eb:df:ae:76:cf:7e:58:02:01:b4:9f:6c:3e:28:05:a7:91:c4:
2b:56:c6:71:c3:a5:24:aa:40:89:d8:6b:25:9f:81:71:42:49:
5d:f3:26:c9:22:4c:be:38:c6:9c:c4:3c:bf:b4:58:51:24:81:
8f:53:a0:e8:79:16:94:47:36:25:72:ee:ff:c5:f3:64:62:a2:
e0:44:8a:fd:7a:4e:0a:3c:b4:83:83:46:fb:92:b2:5f:ec:3b:
dd:6b:60:9f:8f:e0:f6:69:53:46:b1:da:89:39:0b:a0:b7:43:
6b:96:eb:19:6a:20:7f:32:60:d4:81:58:b0:2c:f3:7f:a1:72:
82:63:3d:04:6a:0c:f9:1e:a4:4c:ed:69:b9:ab:43:59:d0:e7:
ca:20:3d:91:cf:bc:5e:27:1d:80:16:dc:be:9a:a7:12:11:e6:
2d:a7:78:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsQBBE/i/OmAj1/Z+mrhjmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDA4MTU1OTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY2YTQwMzYyZDE3ZGQwODM4NWEyZDgzMDBkNGEzMmVkNjExYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm4QIdVJPuPWSDWQg+jLyOs9PvOR
J04a7d4myb02qWXv7yG5SXUH7XmMoFsM/LCAyI9zOZgHqKBgYJCVxwfDCK6V/e5s
uk5pBoRo7tu+WiPsoEbTZkofl2t21wPnzu+xF0PjdFW/tKstHgUAQWnWbKHYFB+R
ClGyBiX1wn4b4GV5e/VC7q0Gk9ZKpqBTEl15dmyju3/FCVR9Cte1JPwHnHtB1Bqr
ZJQ452rmtdL8Y/0+lJI9220fJWVrRWpnTmmsr7pbvgYlnwGPXrcYUBkTogIIWCs8
6lup5+ZI5ZML832VjjmQLfUxkI9HCZ3EXqWEJAaT7lJbMu7gc0btb6sAowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJmpANi0X3Qg4Wi2DANSjLtYRt8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMG1ha0EyTFJmZENEaGFMWU1BMUtNdTFoRzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDwMA0G
CSqGSIb3DQEBCwUAA4IBAQAgzk2WdE5OkqH70Nxl7k37PsQMZ6K5rK9NalvELwaE
HuqnUN1GgxfTq2JNB+E6StR16H2HVNcxR4+kAabTsrWYgjHd7VyvByFc6jh3hPSL
xlA348H2dL8l7yrr3652z35YAgG0n2w+KAWnkcQrVsZxw6UkqkCJ2Gsln4FxQkld
8ybJIky+OMacxDy/tFhRJIGPU6DoeRaURzYlcu7/xfNkYqLgRIr9ek4KPLSDg0b7
krJf7Dvda2Cfj+D2aVNGsdqJOQugt0NrlusZaiB/MmDUgViwLPN/oXKCYz0Eagz5
HqRM7Wm5q0NZ0OfKID2Rz7xeJx2AFty+mqcSEeYtp3jJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:12 2025 by rpki-client