Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/RRJrqfyZXVZb-LRSRCuiw_eYKl8.roa
File: RRJrqfyZXVZb-LRSRCuiw_eYKl8.roa (raw, json)
Hash identifier: YuexBKngri0UvpKU9q6qO9tSaAm5LrfbPydyT71m5Z4=
Subject key identifier: 45:12:6B:A9:FC:99:5D:56:5B:F8:B4:52:44:2B:A2:C3:F7:98:2A:5F
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 01856D4191C084A51763031BAA3EBFC455DE
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/RRJrqfyZXVZb-LRSRCuiw_eYKl8.roa
Signing time: Sun 01 Jan 2023 12:14:51 +0000
ROA not before: Sun 01 Jan 2023 12:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208323
IP address blocks: 109.70.100.0/24 maxlen: 24
2a03:e600:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:91:c0:84:a5:17:63:03:1b:aa:3e:bf:c4:55:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 12:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45126ba9fc995d565bf8b452442ba2c3f7982a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:2e:04:b9:be:18:85:7d:5c:1c:c8:d6:29:
07:f6:e8:ef:e6:f1:d1:b1:c5:9e:2a:5b:b1:d2:20:
08:e2:4e:37:a6:8e:9c:01:b9:c4:e8:7f:76:ce:b6:
54:fa:1b:3f:12:7e:4a:1d:2e:20:04:be:8f:72:ee:
8b:d9:b7:d8:47:52:fb:a7:bb:2b:57:eb:82:46:2c:
10:4a:95:1c:a9:4d:cb:21:24:32:2f:eb:12:44:79:
d8:b1:34:b4:2c:6a:4b:42:b8:0b:88:fb:6c:a9:06:
8a:10:68:9a:15:3e:bd:65:84:a1:ad:ed:a1:64:c9:
bf:63:72:52:84:ac:d0:e1:98:5e:a9:08:1b:45:af:
62:6b:34:1c:7d:50:15:8b:a7:52:d7:54:16:01:e6:
68:76:d0:d8:7d:c8:d6:2c:9b:c2:0c:2f:eb:e7:1c:
1b:ae:86:3a:79:5b:8a:ac:7b:09:1a:d0:e7:16:4d:
9a:bc:e1:8b:96:95:7b:08:b9:1c:7d:68:16:0a:1b:
9b:d5:c7:62:3b:3b:96:01:99:fd:91:5a:a1:06:55:
e1:5a:ce:ac:11:49:95:b2:ad:f7:17:aa:70:77:70:
82:23:fa:4b:90:97:47:f5:4e:b6:5d:7c:a6:d4:68:
78:db:b8:a4:66:a9:a0:7a:e7:87:74:f9:c8:96:b6:
76:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:12:6B:A9:FC:99:5D:56:5B:F8:B4:52:44:2B:A2:C3:F7:98:2A:5F
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/RRJrqfyZXVZb-LRSRCuiw_eYKl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.100.0/24
IPv6:
2a03:e600:100::/48
Signature Algorithm: sha256WithRSAEncryption
ca:3a:93:6b:6b:5d:9e:d7:77:20:1d:7f:e3:09:72:75:77:15:
17:95:ab:8f:a7:0c:aa:ed:7f:15:9f:5d:29:b8:60:a8:18:ef:
96:da:3c:14:4e:b6:96:ea:73:b5:17:dd:33:c8:bf:3a:4d:81:
32:c8:b9:be:aa:56:a3:96:ad:f3:bd:4f:2d:f4:49:88:35:21:
08:a1:fa:3c:d1:95:1d:5d:9d:cf:3e:51:69:fa:c5:b2:62:a3:
0a:47:bc:9c:83:4a:e5:f2:39:88:14:61:5d:ff:3b:7e:d4:a4:
14:c3:d7:91:87:b8:d0:f9:47:b8:7c:2f:e0:f1:a2:7b:e1:92:
ac:f5:1a:38:b9:9a:d0:ce:c0:10:e6:b1:e0:0d:1c:ec:45:21:
00:08:5c:25:9f:ca:76:92:90:88:86:c7:1e:e8:a0:1b:c1:4e:
b6:42:50:4b:d2:00:34:78:34:fa:73:e4:0a:35:d7:22:7d:f2:
99:e1:a1:98:af:ee:3b:23:ff:85:b0:c0:19:b4:41:5f:fb:24:
44:76:d9:9e:5d:63:b2:3a:df:4b:0f:58:73:1f:72:55:68:f6:
c5:8a:13:65:8c:37:c2:e2:63:26:d6:9e:33:db:0e:7b:c7:95:
8e:4a:4e:c2:cc:20:df:0c:1a:e1:30:9f:b2:ea:75:cf:5b:1a:
91:50:8a:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtQZHAhKUXYwMbqj6/xFXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjMwMTAxMTIxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTEyNmJhOWZjOTk1ZDU2NWJmOGI0NTI0NDJiYTJjM2Y3OTgyYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiswuBLm+GIV9XBzI1ikH9ujv5vHR
scWeKlux0iAI4k43po6cAbnE6H92zrZU+hs/En5KHS4gBL6Pcu6L2bfYR1L7p7sr
V+uCRiwQSpUcqU3LISQyL+sSRHnYsTS0LGpLQrgLiPtsqQaKEGiaFT69ZYShre2h
ZMm/Y3JShKzQ4ZheqQgbRa9iazQcfVAVi6dS11QWAeZodtDYfcjWLJvCDC/r5xwb
roY6eVuKrHsJGtDnFk2avOGLlpV7CLkcfWgWChub1cdiOzuWAZn9kVqhBlXhWs6s
EUmVsq33F6pwd3CCI/pLkJdH9U62XXym1Gh427ikZqmgeueHdPnIlrZ2jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEUSa6n8mV1WW/i0UkQrosP3mCpfMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvUlJKcnFmeVpYVlpiLUxSU1JDdWl3X2VZS2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbUZkMA8E
AgACMAkDBwAqA+YAAQAwDQYJKoZIhvcNAQELBQADggEBAMo6k2trXZ7XdyAdf+MJ
cnV3FReVq4+nDKrtfxWfXSm4YKgY75baPBROtpbqc7UX3TPIvzpNgTLIub6qVqOW
rfO9Ty30SYg1IQih+jzRlR1dnc8+UWn6xbJiowpHvJyDSuXyOYgUYV3/O37UpBTD
15GHuND5R7h8L+Dxonvhkqz1Gji5mtDOwBDmseANHOxFIQAIXCWfynaSkIiGxx7o
oBvBTrZCUEvSADR4NPpz5Ao11yJ98pnhoZiv7jsj/4WwwBm0QV/7JER22Z5dY7I6
30sPWHMfclVo9sWKE2WMN8LiYybWnjPbDnvHlY5KTsLMIN8MGuEwn7Lqdc9bGpFQ
isA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:50:18 2025 by rpki-client