Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/xEmIHAHGUMkrFa9D6LmEwLyvOso.roa
File: xEmIHAHGUMkrFa9D6LmEwLyvOso.roa (raw, json)
Hash identifier: 9eo8p/Gha6YrWdO3fEYPnct2LB+34JL95j7RdPhmRS8=
Subject key identifier: C4:49:88:1C:01:C6:50:C9:2B:15:AF:43:E8:B9:84:C0:BC:AF:3A:CA
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 020D31
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/xEmIHAHGUMkrFa9D6LmEwLyvOso.roa
Signing time: Tue 01 Feb 2022 08:33:01 +0000
ROA not before: Tue 01 Feb 2022 08:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44400
IP address blocks: 109.162.253.0/24 maxlen: 24
109.162.252.0/24 maxlen: 24
109.162.251.0/24 maxlen: 24
109.162.250.0/24 maxlen: 24
109.162.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134449 (0x20d31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Feb 1 08:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c449881c01c650c92b15af43e8b984c0bcaf3aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:94:b7:be:ef:16:73:2a:21:20:3a:1a:48:46:
03:d3:0a:b0:0e:7d:ce:f6:50:32:23:4b:82:26:10:
1a:1c:fe:d8:ec:e4:f7:a4:f3:6b:c3:97:e2:4d:c4:
5d:97:c6:02:48:83:bd:f2:d3:2f:39:1f:7e:66:77:
44:da:c1:38:65:8a:94:10:89:26:b7:b0:54:07:f1:
11:7f:e7:23:ad:2e:91:a7:1b:c1:26:bd:f3:ab:45:
78:0d:e6:a7:df:23:7e:15:be:9c:66:b9:c4:67:a7:
0d:71:3a:36:6d:e5:a8:92:df:dc:f0:e9:da:8d:db:
eb:a5:00:9f:30:80:d8:23:e5:06:72:68:c7:ff:87:
1f:d3:9d:ba:34:0b:a2:19:eb:28:b3:fd:92:40:66:
c8:97:e2:a1:00:0b:c6:08:73:31:80:0a:d0:5d:48:
ff:8d:4f:e0:84:2c:f0:6c:a2:68:4b:03:c7:2c:34:
33:cf:02:ae:eb:93:b8:c7:09:f3:12:38:ac:40:a0:
33:80:e1:61:56:b6:9c:24:a1:46:be:c3:c1:d8:f4:
7f:ad:ee:45:49:57:8a:98:7c:9b:2f:94:a0:56:7e:
23:69:b9:cd:cd:8a:b7:d0:b8:4b:9c:14:82:0f:f0:
83:3e:5c:5d:07:2a:4c:8d:b7:e0:c1:cb:d7:e1:29:
ae:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:49:88:1C:01:C6:50:C9:2B:15:AF:43:E8:B9:84:C0:BC:AF:3A:CA
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/xEmIHAHGUMkrFa9D6LmEwLyvOso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.162.250.0-109.162.254.255
Signature Algorithm: sha256WithRSAEncryption
b4:3f:ed:48:db:61:09:3e:91:a5:6c:97:58:d6:1a:73:ba:1a:
a7:c7:0a:c3:4b:cf:4e:db:e3:4b:20:59:8e:e2:87:eb:7a:97:
54:ca:b3:67:a9:57:4d:5d:9b:bd:18:89:55:8a:06:2b:44:06:
60:ec:a5:9a:10:c2:78:a8:e0:8a:70:a9:88:00:07:ad:6b:a9:
cb:e7:ac:85:fc:dc:0b:58:7a:7f:67:dc:a5:8a:21:0c:14:5a:
8b:51:91:ee:04:b4:7d:be:ef:ce:8c:6f:cc:61:5d:fe:07:1c:
5b:9d:6a:8f:67:92:6c:99:11:49:9d:6e:7d:14:1c:08:72:45:
e9:fe:5e:4e:99:2a:bd:ff:63:b6:09:e2:1b:3f:76:ef:a3:c2:
5a:28:8b:65:e9:b5:98:58:22:9d:d6:bf:70:dc:54:5e:bf:ad:
34:84:01:84:06:d2:32:33:96:cb:b4:cc:2b:f1:ca:42:6a:19:
05:07:2f:14:6e:00:3c:49:e9:76:cf:1c:2c:63:c1:11:db:a8:
cf:0e:20:5c:f3:42:44:77:0f:70:2f:5d:a9:3d:ff:40:70:40:
9b:ee:e6:d5:24:cf:40:0e:7e:73:83:4b:25:47:a5:a5:04:d0:
7f:d2:c5:5d:fb:0e:14:cd:75:90:80:4c:8c:c0:83:4d:2e:4d:
11:d6:bb:0e
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIDAg0xMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
ZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0NzdmN2UwHhcNMjIwMjAx
MDgzMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNDQ5ODgxYzAxYzY1
MGM5MmIxNWFmNDNlOGI5ODRjMGJjYWYzYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvpS3vu8WcyohIDoaSEYD0wqwDn3O9lAyI0uCJhAaHP7Y7OT3
pPNrw5fiTcRdl8YCSIO98tMvOR9+ZndE2sE4ZYqUEIkmt7BUB/ERf+cjrS6RpxvB
Jr3zq0V4Dean3yN+Fb6cZrnEZ6cNcTo2beWokt/c8OnajdvrpQCfMIDYI+UGcmjH
/4cf0526NAuiGesos/2SQGbIl+KhAAvGCHMxgArQXUj/jU/ghCzwbKJoSwPHLDQz
zwKu65O4xwnzEjisQKAzgOFhVracJKFGvsPB2PR/re5FSVeKmHybL5SgVn4jabnN
zYq30LhLnBSCD/CDPlxdBypMjbfgwcvX4SmuuwIDAQABo4ICETCCAg0wHQYDVR0O
BBYEFMRJiBwBxlDJKxWvQ+i5hMC8rzrKMB8GA1UdIwQYMBaAFE3XT7u65Y3Qh22Z
6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdlLzEv
eEVtSUhBSEdVTWtyRmE5RDZMbUV3THl2T3NvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85
ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdlLzEvVGRkUHU3cmxqZENI
Ylpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcG
CCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFtovoDBABtov4wDQYJKoZIhvcN
AQELBQADggEBALQ/7UjbYQk+kaVsl1jWGnO6GqfHCsNLz07b40sgWY7ih+t6l1TK
s2epV01dm70YiVWKBitEBmDspZoQwnio4IpwqYgAB61rqcvnrIX83AtYen9n3KWK
IQwUWotRke4EtH2+786Mb8xhXf4HHFudao9nkmyZEUmdbn0UHAhyRen+Xk6ZKr3/
Y7YJ4hs/du+jwlooi2XptZhYIp3Wv3DcVF6/rTSEAYQG0jIzlsu0zCvxykJqGQUH
LxRuADxJ6XbPHCxjwRHbqM8OIFzzQkR3D3AvXak9/0BwQJvu5tUkz0AOfnODSyVH
paUE0H/SxV37DhTNdZCATIzAg00uTRHWuw4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:38 2025 by rpki-client