Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa
File: 7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa (raw, json)
Hash identifier: ZsM2Td8jkuxFpBJgi/U9Y6barl3JsL83OLlSaMmyEmc=
Subject key identifier: ED:49:72:07:14:36:2F:06:78:0C:5C:AE:93:2A:9C:7F:AB:27:BC:36
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189CF54F4AC10B82AA885CE03E87270639F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa
Signing time: Mon 07 Aug 2023 09:29:58 +0000
ROA not before: Mon 07 Aug 2023 09:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14445
IP address blocks: 109.176.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:54:f4:ac:10:b8:2a:a8:85:ce:03:e8:72:70:63:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 09:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed49720714362f06780c5cae932a9c7fab27bc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fa:4e:0f:10:fe:5d:81:87:29:1f:c3:cb:99:
c7:bc:dc:ba:7c:24:b2:b3:3c:54:e7:10:3b:8d:da:
78:db:81:a5:2b:ee:db:67:d6:69:cb:70:07:72:67:
7a:5d:8c:b2:71:fc:23:e5:cd:cf:10:b5:ed:1c:03:
93:60:df:d3:63:dd:45:e3:aa:71:a1:6b:58:f0:ec:
f5:9d:c7:38:62:83:38:fb:4c:6a:d6:48:00:e6:e5:
ef:94:46:df:6d:8b:01:51:1e:cc:85:77:cb:c0:57:
3a:1b:61:7b:65:4a:14:06:b2:90:6f:fd:35:1a:a7:
9a:bb:0d:3d:90:85:2d:6d:ce:a1:59:a0:b2:05:b4:
e1:75:97:25:9c:4c:e7:7b:d9:d2:8c:e8:31:32:a8:
69:36:6d:18:f5:02:1e:e4:57:da:8b:2f:6f:2c:5b:
c7:f7:8b:c5:e2:00:c8:3a:48:24:48:8c:42:de:ee:
3e:3a:fa:5e:fb:96:63:8a:7f:cd:35:d4:6a:c6:de:
25:5a:c0:bc:17:d9:e8:f3:31:ed:0a:14:4c:ba:23:
f2:48:10:13:e8:41:a6:de:98:b3:d9:08:14:1e:fb:
cd:7f:a3:9b:e3:e9:7c:1e:65:7c:dc:28:a0:a4:d7:
c6:b8:39:cd:8e:e1:e3:71:85:c8:6b:d5:2b:30:91:
ff:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:49:72:07:14:36:2F:06:78:0C:5C:AE:93:2A:9C:7F:AB:27:BC:36
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7UlyBxQ2LwZ4DFyukyqcf6snvDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.244.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f5:83:c6:6a:82:35:d4:cd:e6:62:2a:a4:f5:a1:1f:33:bd:
80:d6:33:c1:80:1b:25:06:30:14:68:45:12:4b:eb:a3:e5:95:
c8:18:23:e9:77:2d:ec:60:e9:aa:49:20:b1:e5:2d:b4:a0:74:
92:19:99:66:33:8e:de:63:8b:46:e5:45:68:9f:81:8d:03:6a:
5c:7d:51:56:8f:39:62:0c:2d:fa:2e:dc:16:cc:a6:5d:24:47:
ee:7f:ad:cc:71:51:b6:a0:0b:e0:76:1d:4d:91:e5:b0:17:87:
91:46:af:13:9d:d6:37:b5:d7:3a:28:ad:b6:e0:4e:73:70:12:
72:18:b9:b5:d6:3f:4b:b2:da:f6:2b:ba:60:ef:2a:ee:cc:28:
a5:3a:0c:11:dc:bc:19:c6:3f:8b:10:f8:22:99:1b:b0:c5:3b:
64:ea:d7:1d:09:9d:b6:a0:d2:4d:3f:6f:35:d0:61:a8:9f:7f:
0e:5d:ef:5f:80:d6:a5:13:0a:df:0d:5a:d2:28:0a:97:45:e9:
f2:15:c9:91:45:76:8d:4f:54:81:fe:bf:ed:ec:4d:f9:df:3f:
e5:2b:d3:0a:d5:12:0c:33:30:95:13:c9:46:b5:66:64:77:ed:
5f:ff:a4:fe:17:3c:af:83:07:ad:4c:27:42:c3:4d:0e:42:26:
11:78:4e:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnPVPSsELgqqIXOA+hycGOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MDkyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ5NzIwNzE0MzYyZjA2NzgwYzVjYWU5MzJhOWM3ZmFiMjdiYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/pODxD+XYGHKR/Dy5nHvNy6fCSy
szxU5xA7jdp424GlK+7bZ9Zpy3AHcmd6XYyycfwj5c3PELXtHAOTYN/TY91F46px
oWtY8Oz1ncc4YoM4+0xq1kgA5uXvlEbfbYsBUR7MhXfLwFc6G2F7ZUoUBrKQb/01
Gqeauw09kIUtbc6hWaCyBbThdZclnEzne9nSjOgxMqhpNm0Y9QIe5Ffaiy9vLFvH
94vF4gDIOkgkSIxC3u4+Ovpe+5Zjin/NNdRqxt4lWsC8F9no8zHtChRMuiPySBAT
6EGm3piz2QgUHvvNf6Ob4+l8HmV83CigpNfGuDnNjuHjcYXIa9UrMJH/DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1JcgcUNi8GeAxcrpMqnH+rJ7w2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1VseUJ4UTJMd1o0REZ5dWt5cWNmNnNudkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD0MA0G
CSqGSIb3DQEBCwUAA4IBAQAW9YPGaoI11M3mYiqk9aEfM72A1jPBgBslBjAUaEUS
S+uj5ZXIGCPpdy3sYOmqSSCx5S20oHSSGZlmM47eY4tG5UVon4GNA2pcfVFWjzli
DC36LtwWzKZdJEfuf63McVG2oAvgdh1NkeWwF4eRRq8TndY3tdc6KK224E5zcBJy
GLm11j9Lstr2K7pg7yruzCilOgwR3LwZxj+LEPgimRuwxTtk6tcdCZ22oNJNP281
0GGon38OXe9fgNalEwrfDVrSKAqXRenyFcmRRXaNT1SB/r/t7E353z/lK9MK1RIM
MzCVE8lGtWZkd+1f/6T+FzyvgwetTCdCw00OQiYReE7X
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:59 2025 by rpki-client