Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/durDirPS2Sf-rRoubb17b_W6mHM.roa
File: durDirPS2Sf-rRoubb17b_W6mHM.roa (raw, json)
Hash identifier: /+yqHMJ+98BSyqr3aYq95H3v/mJVu+8V0A0mrx9gi4o=
Subject key identifier: 76:EA:C3:8A:B3:D2:D9:27:FE:AD:1A:2E:6D:BD:7B:6F:F5:BA:98:73
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018921BF44FB173AAFA7D7A64C6FB4DF0D6B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/durDirPS2Sf-rRoubb17b_W6mHM.roa
Signing time: Tue 04 Jul 2023 16:32:10 +0000
ROA not before: Tue 04 Jul 2023 16:32:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 109.176.213.0/24 maxlen: 24
109.176.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:bf:44:fb:17:3a:af:a7:d7:a6:4c:6f:b4:df:0d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 4 16:32:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76eac38ab3d2d927fead1a2e6dbd7b6ff5ba9873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:13:63:cb:5f:27:d4:a3:e1:49:ff:9f:3f:9d:
c5:99:a5:1c:b9:0f:68:df:7d:88:93:17:a6:56:e6:
0f:4c:69:08:f3:5e:58:e5:14:82:31:46:0a:ab:ae:
52:5e:24:bd:7f:5a:54:0b:2c:56:a0:36:4b:92:f5:
6d:2f:de:6e:ae:83:12:b2:e1:6e:f7:68:a7:63:7c:
2a:d1:1b:4f:1d:17:3c:68:09:c8:47:46:8b:8a:d1:
34:8c:65:e5:17:f0:6d:01:d9:5d:03:3e:0a:3e:cc:
ad:7d:0c:19:10:22:ee:b8:b0:d9:ad:8d:91:a2:88:
de:d2:f3:7c:f6:ff:50:70:44:5a:04:5d:53:7a:e3:
f8:f7:b5:b3:6d:af:2d:a9:ee:57:bd:e1:0b:a8:16:
85:a9:3d:2c:e9:3e:fc:14:71:51:17:79:93:78:fb:
0e:0a:1b:f5:1b:77:45:7b:f7:9e:30:34:52:56:ed:
0c:49:cc:7b:20:14:43:8d:60:83:f0:51:44:09:8d:
03:e3:32:bf:c1:f1:48:2b:11:ec:08:d2:f6:32:ba:
bf:d6:b5:f8:19:c1:d9:6b:cc:92:8a:f6:92:ef:67:
e2:15:aa:d7:e6:ce:5e:a9:0c:6b:f7:49:79:d3:17:
be:aa:97:60:06:7a:c3:02:d2:62:18:30:f5:33:e4:
93:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EA:C3:8A:B3:D2:D9:27:FE:AD:1A:2E:6D:BD:7B:6F:F5:BA:98:73
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/durDirPS2Sf-rRoubb17b_W6mHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.210.0/24
109.176.213.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2d:6f:73:37:e7:31:4f:39:81:0d:f6:db:dc:15:11:01:e3:
8d:2c:eb:eb:8f:8d:7c:74:eb:7a:12:67:85:44:8f:d4:f7:d7:
b0:b7:9f:3c:ff:89:2d:24:90:aa:9e:11:74:e0:0c:70:ef:67:
aa:24:75:6b:9e:fc:8a:7a:ec:b0:7a:7a:fd:df:43:23:2b:7a:
bc:29:66:de:ed:59:3e:e5:e6:32:da:3b:1e:15:5f:91:c6:84:
32:dd:75:ca:84:05:31:94:d1:9b:c4:e6:68:70:ab:dc:b7:11:
79:7c:73:69:08:0f:e1:b7:6e:29:da:d1:1b:e2:a6:1a:21:23:
57:41:4a:45:89:02:90:a4:e1:52:0f:5c:45:06:b4:7d:0a:ca:
ac:14:db:19:bc:3a:94:4a:07:ad:16:4c:18:b7:1d:7d:0f:65:
6e:35:d7:35:91:ed:87:34:a0:dc:66:96:1d:8b:1b:b7:82:1c:
95:f2:ef:b6:d7:c6:50:b9:2a:f3:e9:ca:bc:f7:11:5b:10:1a:
3e:08:49:8a:e3:05:48:b3:cc:74:aa:7f:99:da:59:77:3d:56:
fc:2b:b6:23:52:68:b8:9b:58:16:de:46:15:b0:ba:a6:57:bc:
ba:84:0e:ee:67:e1:c0:75:e2:96:00:4a:35:1a:09:f6:dd:0b:
77:6d:b0:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkhv0T7Fzqvp9emTG+03w1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA0MTYzMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVhYzM4YWIzZDJkOTI3ZmVhZDFhMmU2ZGJkN2I2ZmY1YmE5ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhNjy18n1KPhSf+fP53FmaUcuQ9o
332IkxemVuYPTGkI815Y5RSCMUYKq65SXiS9f1pUCyxWoDZLkvVtL95uroMSsuFu
92inY3wq0RtPHRc8aAnIR0aLitE0jGXlF/BtAdldAz4KPsytfQwZECLuuLDZrY2R
ooje0vN89v9QcERaBF1TeuP497Wzba8tqe5XveELqBaFqT0s6T78FHFRF3mTePsO
Chv1G3dFe/eeMDRSVu0MScx7IBRDjWCD8FFECY0D4zK/wfFIKxHsCNL2Mrq/1rX4
GcHZa8ySivaS72fiFarX5s5eqQxr90l50xe+qpdgBnrDAtJiGDD1M+ST7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHbqw4qz0tkn/q0aLm29e2/1uphzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHVyRGlyUFMyU2YtclJvdWJiMTdiX1c2bUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbDSAwQA
bbDVMA0GCSqGSIb3DQEBCwUAA4IBAQCQLW9zN+cxTzmBDfbb3BURAeONLOvrj418
dOt6EmeFRI/U99ewt588/4ktJJCqnhF04Axw72eqJHVrnvyKeuywenr930MjK3q8
KWbe7Vk+5eYy2jseFV+RxoQy3XXKhAUxlNGbxOZocKvctxF5fHNpCA/ht24p2tEb
4qYaISNXQUpFiQKQpOFSD1xFBrR9CsqsFNsZvDqUSgetFkwYtx19D2VuNdc1ke2H
NKDcZpYdixu3ghyV8u+218ZQuSrz6cq89xFbEBo+CEmK4wVIs8x0qn+Z2ll3PVb8
K7YjUmi4m1gW3kYVsLqmV7y6hA7uZ+HAdeKWAEo1Ggn23Qt3bbCM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:08 2025 by rpki-client