Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa
File: 44IyM1e2aiSg03yKBJntin1j8tw.roa (raw, json)
Hash identifier: bpdfVYpH9OaNpTujHxpLjSid1yzhQNfPUAG4IoP4RKI=
Subject key identifier: E3:82:32:33:57:B6:6A:24:A0:D3:7C:8A:04:99:ED:8A:7D:63:F2:DC
Certificate issuer: /CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
Certificate serial: 0104AF59
Authority key identifier: AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa
Signing time: Sat 01 Jan 2022 08:02:41 +0000
ROA not before: Sat 01 Jan 2022 08:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.234.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17084249 (0x104af59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae5d5fbbd4277e02297ecd01b5cd7e1bf29fc759
Validity
Not Before: Jan 1 08:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e382323357b66a24a0d37c8a0499ed8a7d63f2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:30:64:52:41:85:c4:4e:e9:dd:fc:af:62:
0a:e9:a0:35:2b:2d:60:c3:57:9b:3f:96:98:31:29:
28:f0:8e:77:24:91:51:7f:03:56:e5:f7:fe:3a:55:
34:f5:e4:91:67:69:2a:a8:f6:93:7f:1e:3e:38:64:
db:dd:85:71:da:39:bd:a0:88:b4:ad:ce:18:2c:86:
01:e3:6e:d7:9a:06:96:ac:90:aa:de:14:76:d1:a3:
05:b2:7a:02:e3:80:70:0d:9e:81:fa:25:52:65:60:
f1:ee:7c:7e:06:25:eb:f0:64:c2:70:c9:85:d6:00:
cc:b2:91:b7:9d:71:17:cc:0b:e0:48:78:4d:3a:09:
1a:ef:54:f8:15:e0:2a:e0:e3:1d:89:6c:dc:65:2b:
7f:48:20:44:49:3e:05:e5:a5:8e:ae:38:49:80:00:
a3:7a:64:4c:56:cb:3f:5a:83:da:bf:33:9a:2f:4d:
47:e1:37:b3:da:59:fd:30:88:35:28:51:d5:af:45:
5a:14:20:07:21:38:ff:2d:3c:33:7c:2a:23:df:44:
bc:06:60:44:65:f5:5a:65:b7:e8:c8:2e:09:95:0e:
9f:63:11:69:cd:7a:8d:1f:c5:4c:81:dd:39:ab:96:
e7:ba:2e:c6:c7:55:92:99:6f:d6:81:0e:8b:67:be:
dd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:82:32:33:57:B6:6A:24:A0:D3:7C:8A:04:99:ED:8A:7D:63:F2:DC
X509v3 Authority Key Identifier:
keyid:AE:5D:5F:BB:D4:27:7E:02:29:7E:CD:01:B5:CD:7E:1B:F2:9F:C7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/44IyM1e2aiSg03yKBJntin1j8tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/44f32f-8723-41a0-8014-376292d8b2fe/1/rl1fu9QnfgIpfs0Btc1-G_Kfx1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.75.0/24
Signature Algorithm: sha256WithRSAEncryption
26:e4:5c:76:57:6e:69:ef:18:10:b5:7c:a8:d1:45:61:6a:e5:
15:fe:a4:60:c9:24:b4:c0:a5:e1:9f:7f:e9:7f:22:7c:5b:b6:
ba:2c:1f:83:36:61:dc:b3:6c:eb:1a:75:21:a0:15:e0:23:d2:
2a:6a:3c:f5:20:9c:df:36:98:51:4c:4b:d1:b4:03:20:40:61:
47:c2:9f:68:e5:a7:2c:eb:f3:1e:ea:e1:aa:54:07:e0:76:39:
d9:07:e6:f7:23:f1:f3:c7:59:64:64:50:89:2f:9e:14:d8:3d:
4a:92:25:57:a8:fb:a9:92:23:a7:12:b1:43:2b:5f:94:c1:bb:
45:57:36:e9:28:f8:9f:81:c2:f2:cf:de:44:b5:c3:ca:e8:b4:
59:a8:31:5f:86:9c:9e:77:00:05:d7:b2:2b:1b:f8:50:01:c4:
92:85:fb:31:b8:3d:12:02:6d:22:35:fe:d2:6b:2d:ff:9a:81:
a9:0d:4c:2b:3f:9b:b2:7b:7c:94:aa:bc:39:26:ac:a9:d3:e5:
b0:98:1f:5d:71:90:d5:dd:aa:61:5b:6b:90:d3:26:8a:0b:bc:
46:49:57:fe:a6:bc:6b:15:c2:e0:fa:73:e4:7e:c6:3c:09:c7:
b7:af:f5:db:24:1a:8a:c1:d9:31:28:fe:bd:a5:16:9b:65:9b:
9c:a1:19:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQSvWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTVkNWZiYmQ0Mjc3ZTAyMjk3ZWNkMDFiNWNkN2UxYmYyOWZjNzU5MB4XDTIyMDEw
MTA4MDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM4MjMyMzM1N2I2
NmEyNGEwZDM3YzhhMDQ5OWVkOGE3ZDYzZjJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnZMGRSQYXETund/K9iCumgNSstYMNXmz+WmDEpKPCOdySR
UX8DVuX3/jpVNPXkkWdpKqj2k38ePjhk292Fcdo5vaCItK3OGCyGAeNu15oGlqyQ
qt4UdtGjBbJ6AuOAcA2egfolUmVg8e58fgYl6/BkwnDJhdYAzLKRt51xF8wL4Eh4
TToJGu9U+BXgKuDjHYls3GUrf0ggREk+BeWljq44SYAAo3pkTFbLP1qD2r8zmi9N
R+E3s9pZ/TCINShR1a9FWhQgByE4/y08M3wqI99EvAZgRGX1WmW36MguCZUOn2MR
ac16jR/FTIHdOauW57ouxsdVkplv1oEOi2e+3ekCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjgjIzV7ZqJKDTfIoEme2KfWPy3DAfBgNVHSMEGDAWgBSuXV+71Cd+Ail+
zQG1zX4b8p/HWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JsMWZ1OVFuZmdJcGZzMEJ0YzEtR19LZngxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNDRmMzJmLTg3MjMtNDFhMC04MDE0LTM3NjI5MmQ4YjJmZS8x
LzQ0SXlNMWUyYWlTZzAzeUtCSm50aW4xajh0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NDRmMzJmLTg3MjMtNDFhMC04MDE0LTM3NjI5MmQ4YjJmZS8xL3JsMWZ1OVFuZmdJ
cGZzMEJ0YzEtR19LZngxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3qSzANBgkqhkiG9w0BAQsFAAOC
AQEAJuRcdlduae8YELV8qNFFYWrlFf6kYMkktMCl4Z9/6X8ifFu2uiwfgzZh3LNs
6xp1IaAV4CPSKmo89SCc3zaYUUxL0bQDIEBhR8KfaOWnLOvzHurhqlQH4HY52Qfm
9yPx88dZZGRQiS+eFNg9SpIlV6j7qZIjpxKxQytflMG7RVc26Sj4n4HC8s/eRLXD
yui0WagxX4acnncABdeyKxv4UAHEkoX7Mbg9EgJtIjX+0mst/5qBqQ1MKz+bsnt8
lKq8OSasqdPlsJgfXXGQ1d2qYVtrkNMmigu8RklX/qa8axXC4Ppz5H7GPAnHt6/1
2yQaisHZMSj+vaUWm2WbnKEZCQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org