Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/sOrP1sr6vf_zdxnaNaFex36hiWc.roa
File: sOrP1sr6vf_zdxnaNaFex36hiWc.roa (raw, json)
Hash identifier: E6PQmF42x/u+YkWgr5odUCPuozAPA+sXf15JnHdqdD0=
Subject key identifier: B0:EA:CF:D6:CA:FA:BD:FF:F3:77:19:DA:35:A1:5E:C7:7E:A1:89:67
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 018535BD34E2B6B84D7DDCF2728195A6BB76
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/sOrP1sr6vf_zdxnaNaFex36hiWc.roa
Signing time: Wed 21 Dec 2022 17:31:10 +0000
ROA not before: Wed 21 Dec 2022 17:31:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42346
IP address blocks: 109.106.32.0/21 maxlen: 21
109.106.40.0/22 maxlen: 22
2a00:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:bd:34:e2:b6:b8:4d:7d:dc:f2:72:81:95:a6:bb:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Dec 21 17:31:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0eacfd6cafabdfff37719da35a15ec77ea18967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:9d:f7:99:9a:ef:7b:a4:af:37:f4:2d:3a:
ed:5c:cc:30:e6:dd:29:5e:8d:60:da:2c:2a:32:3e:
11:2c:65:cc:34:12:12:60:34:7e:de:a8:f0:f7:b5:
44:96:c2:b0:90:ce:15:10:f2:bd:95:8d:0b:bd:83:
7a:0f:df:29:75:34:d7:b5:18:bb:46:5f:a3:78:b8:
fd:fc:33:a8:4b:ce:64:02:ed:39:c4:26:cd:8b:e4:
c2:94:9e:34:78:f2:bb:2b:43:80:55:38:89:ae:3d:
66:45:e8:4a:93:df:d2:65:ee:08:30:77:1a:2e:52:
62:73:89:68:7f:b7:1b:e4:b9:2c:4e:ba:8a:38:5c:
b3:d8:87:82:7d:b7:41:f1:21:08:cd:57:63:b7:5a:
d3:d1:d7:a9:aa:f7:a9:77:88:b8:22:5c:ba:20:01:
e2:45:16:de:b2:83:90:25:94:b4:ae:38:45:16:75:
e6:2c:c4:53:a5:bf:d1:01:c0:7c:73:34:19:19:7b:
6a:25:cd:c1:c9:b9:ed:2a:c7:00:a0:8f:f5:e0:08:
b6:55:46:4b:56:5d:09:af:e0:dd:f7:85:69:5b:ed:
9c:ff:9c:6f:6a:dc:e6:7f:21:ca:5e:32:aa:3b:71:
52:96:f1:af:44:dc:4f:5a:82:73:2c:75:e0:e6:5b:
cd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EA:CF:D6:CA:FA:BD:FF:F3:77:19:DA:35:A1:5E:C7:7E:A1:89:67
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/sOrP1sr6vf_zdxnaNaFex36hiWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.32.0-109.106.43.255
IPv6:
2a00:5480::/29
Signature Algorithm: sha256WithRSAEncryption
2d:0a:42:4a:37:26:65:78:e4:f3:01:97:e6:08:bb:b0:63:6d:
0e:d7:7a:0b:7f:62:b3:c7:74:7b:70:7c:60:b2:83:56:6e:46:
1e:5f:a2:6b:ba:f5:8a:8f:49:fa:cf:db:7a:09:3c:29:7d:bf:
3f:12:4d:54:a2:c8:9d:85:42:e2:f8:08:33:2f:9d:7b:07:2d:
6b:e4:1e:16:17:22:b5:11:0c:1e:21:59:06:c6:36:3b:0a:51:
5a:63:8a:54:54:3d:cb:6c:ee:4c:9c:8f:c4:15:78:73:51:0e:
8b:63:43:34:00:c3:fb:30:4e:b2:87:95:1a:64:a5:b7:dd:f0:
1a:63:84:71:1f:4b:85:08:a3:1d:5d:e0:f8:26:f1:1e:53:35:
49:b8:a7:4d:d9:74:bc:bb:f9:c2:23:a5:0c:8d:34:8b:dd:c6:
73:71:e2:59:3c:10:c0:04:43:61:bc:70:bc:89:68:de:3d:7c:
68:04:15:62:be:d6:37:b8:30:49:7c:2c:a8:6a:18:0c:73:6a:
a9:81:e4:0c:ea:31:5e:cc:19:2f:d7:94:82:5d:ed:a4:83:79:
20:a4:f6:51:af:f3:9a:5e:72:82:2d:b0:5d:6e:0e:49:20:be:
0a:6e:1d:be:e7:99:67:84:69:e5:d1:40:66:86:87:19:f8:03:
b0:62:6b:08
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYU1vTTitrhNfdzycoGVprt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjIxMjIxMTczMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGVhY2ZkNmNhZmFiZGZmZjM3NzE5ZGEzNWExNWVjNzdlYTE4OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Od95ma73ukrzf0LTrtXMww5t0p
Xo1g2iwqMj4RLGXMNBISYDR+3qjw97VElsKwkM4VEPK9lY0LvYN6D98pdTTXtRi7
Rl+jeLj9/DOoS85kAu05xCbNi+TClJ40ePK7K0OAVTiJrj1mRehKk9/SZe4IMHca
LlJic4lof7cb5LksTrqKOFyz2IeCfbdB8SEIzVdjt1rT0depqvepd4i4Ily6IAHi
RRbesoOQJZS0rjhFFnXmLMRTpb/RAcB8czQZGXtqJc3BybntKscAoI/14Ai2VUZL
Vl0Jr+Dd94VpW+2c/5xvatzmfyHKXjKqO3FSlvGvRNxPWoJzLHXg5lvNRwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLDqz9bK+r3/83cZ2jWhXsd+oYlnMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvc09yUDFzcjZ2Zl96ZHhuYU5hRmV4MzZoaVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAVtaiAD
BAJtaigwDQQCAAIwBwMFAyoAVIAwDQYJKoZIhvcNAQELBQADggEBAC0KQko3JmV4
5PMBl+YIu7BjbQ7Xegt/YrPHdHtwfGCyg1ZuRh5fomu69YqPSfrP23oJPCl9vz8S
TVSiyJ2FQuL4CDMvnXsHLWvkHhYXIrURDB4hWQbGNjsKUVpjilRUPcts7kycj8QV
eHNRDotjQzQAw/swTrKHlRpkpbfd8BpjhHEfS4UIox1d4Pgm8R5TNUm4p03ZdLy7
+cIjpQyNNIvdxnNx4lk8EMAEQ2G8cLyJaN49fGgEFWK+1je4MEl8LKhqGAxzaqmB
5AzqMV7MGS/XlIJd7aSDeSCk9lGv85pecoItsF1uDkkgvgpuHb7nmWeEaeXRQGaG
hxn4A7Biawg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org