Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/c295b-k3n7-xsuR_OL60RvtfY18.roa
File: c295b-k3n7-xsuR_OL60RvtfY18.roa (raw, json)
Hash identifier: 7S4PQe7p5SdJsSlIECCpzHjnSfjLi2FTbx3+oyhH/AE=
Subject key identifier: 73:6F:79:6F:E9:37:9F:BF:B1:B2:E4:7F:38:BE:B4:46:FB:5F:63:5F
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 01856E82123C15081EDC7E5428D4699DFCD0
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/c295b-k3n7-xsuR_OL60RvtfY18.roa
Signing time: Sun 01 Jan 2023 18:04:56 +0000
ROA not before: Sun 01 Jan 2023 18:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205950
IP address blocks: 109.235.245.0/24 maxlen: 32
109.235.244.0/24 maxlen: 32
109.235.246.0/24 maxlen: 32
109.235.247.0/24 maxlen: 32
2001:1b28:800::/37 maxlen: 128
2001:1b28:406::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:12:3c:15:08:1e:dc:7e:54:28:d4:69:9d:fc:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 1 18:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=736f796fe9379fbfb1b2e47f38beb446fb5f635f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:46:c1:ec:14:9d:a0:aa:02:25:e1:6d:38:56:
63:16:e5:62:21:52:1a:39:bb:98:ac:3d:c7:e5:8f:
d5:52:c7:a6:db:ee:f7:ac:a1:89:00:53:61:23:70:
fa:78:58:ed:5a:97:22:a5:f6:af:ab:ea:e1:3a:e2:
59:5d:fd:0d:91:63:c1:b7:17:70:48:2c:fe:fd:80:
11:67:9c:7a:ae:8a:4b:93:63:83:3a:ff:17:89:55:
ca:bc:19:d5:3c:fd:bf:62:a4:94:d1:83:3d:74:97:
3c:e8:ea:2e:2e:47:60:ba:e5:70:81:07:52:0c:dc:
be:a9:2d:b6:19:bc:f5:b3:e6:e9:4a:d3:92:f0:46:
63:b6:4c:96:6d:a5:83:94:d3:7c:36:0e:33:87:31:
43:2e:32:4d:dc:34:63:18:d2:b0:8f:00:5f:4c:19:
7b:7c:9c:b7:27:39:3d:44:91:1a:e1:66:90:1c:48:
67:d7:ac:0b:1e:9f:37:51:15:ea:a5:3e:aa:1e:2a:
e2:9c:74:18:91:dc:10:66:1d:51:2b:ab:72:bd:70:
4c:3a:a4:63:79:7c:0b:66:f5:df:54:e8:51:f3:f6:
9f:89:83:18:db:93:81:c9:21:f0:79:12:f0:1d:13:
14:53:30:54:44:35:f2:b0:b8:2f:c8:6f:22:2d:41:
bf:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6F:79:6F:E9:37:9F:BF:B1:B2:E4:7F:38:BE:B4:46:FB:5F:63:5F
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/c295b-k3n7-xsuR_OL60RvtfY18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.244.0/22
IPv6:
2001:1b28:406::/48
2001:1b28:800::/37
Signature Algorithm: sha256WithRSAEncryption
33:ac:19:16:02:a5:ef:50:cc:00:a6:40:1f:62:9f:4a:55:6c:
45:74:7f:81:62:07:92:ab:26:7c:6c:63:df:6a:08:ca:12:d7:
2a:9e:76:2d:43:09:0e:d4:93:6e:82:9c:6f:a1:63:2a:f7:83:
05:52:f8:2c:1f:5d:3f:37:cf:64:24:d6:78:1e:dc:35:19:11:
2c:3c:8c:ae:63:b7:c4:5b:60:6a:15:af:ff:1a:23:be:aa:7c:
d9:fd:dc:b2:03:ec:4c:2c:82:b6:26:d5:76:f4:e6:8d:e9:67:
92:b8:04:4e:a4:df:94:e4:84:0a:9a:38:17:a2:80:96:3f:e9:
23:db:16:1e:25:67:aa:5a:df:b5:e9:45:95:25:24:5b:7b:27:
08:98:b0:31:31:58:f2:c5:95:2d:6c:7f:8a:78:eb:1c:59:ce:
a8:a4:82:e0:0f:54:1d:dc:14:31:c8:cc:a5:5f:b2:54:61:aa:
e6:27:f9:23:81:1b:53:52:f5:b1:62:37:6b:38:31:1c:27:fb:
8d:db:41:6e:6e:f6:b9:d3:f0:47:47:e9:77:8b:49:c3:7b:a3:
79:12:60:53:da:f3:a3:61:7d:2a:ee:4c:65:ae:68:f4:a9:95:
f8:7a:01:90:cd:64:9f:16:4a:54:5e:a6:c5:20:4d:7f:28:1c:
30:75:7a:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVughI8FQge3H5UKNRpnfzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDAzMThmMjY4NWUzMmQyZGJhOTIzZjY2NjI3NzE0Mjcz
NTk3MzgwHhcNMjMwMTAxMTgwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZmNzk2ZmU5Mzc5ZmJmYjFiMmU0N2YzOGJlYjQ0NmZiNWY2MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkbB7BSdoKoCJeFtOFZjFuViIVIa
ObuYrD3H5Y/VUsem2+73rKGJAFNhI3D6eFjtWpcipfavq+rhOuJZXf0NkWPBtxdw
SCz+/YARZ5x6ropLk2ODOv8XiVXKvBnVPP2/YqSU0YM9dJc86OouLkdguuVwgQdS
DNy+qS22Gbz1s+bpStOS8EZjtkyWbaWDlNN8Ng4zhzFDLjJN3DRjGNKwjwBfTBl7
fJy3Jzk9RJEa4WaQHEhn16wLHp83URXqpT6qHirinHQYkdwQZh1RK6tyvXBMOqRj
eXwLZvXfVOhR8/afiYMY25OBySHweRLwHRMUUzBURDXysLgvyG8iLUG/rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNveW/pN5+/sbLkfzi+tEb7X2NfMB8GA1UdIwQY
MBaAFNnQMY8mheMtLbqSP2ZidxQnNZc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEt
OTZkZGQ1YTAyMzlkLzEvYzI5NWItazNuNy14c3VSX09MNjBSdnRmWTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEtOTZkZGQ1YTAyMzlk
LzEvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCbev0MBcE
AgACMBEDBwAgARsoBAYDBgMgARsoCDANBgkqhkiG9w0BAQsFAAOCAQEAM6wZFgKl
71DMAKZAH2KfSlVsRXR/gWIHkqsmfGxj32oIyhLXKp52LUMJDtSTboKcb6FjKveD
BVL4LB9dPzfPZCTWeB7cNRkRLDyMrmO3xFtgahWv/xojvqp82f3csgPsTCyCtibV
dvTmjelnkrgETqTflOSECpo4F6KAlj/pI9sWHiVnqlrftelFlSUkW3snCJiwMTFY
8sWVLWx/injrHFnOqKSC4A9UHdwUMcjMpV+yVGGq5if5I4EbU1L1sWI3azgxHCf7
jdtBbm72udPwR0fpd4tJw3ujeRJgU9rzo2F9Ku5MZa5o9KmV+HoBkM1knxZKVF6m
xSBNfygcMHV6aw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:45 2025 by rpki-client