Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/5cz7Yaa9CQcikF60tSw_9zrGq0w.roa
File: 5cz7Yaa9CQcikF60tSw_9zrGq0w.roa (raw, json)
Hash identifier: AO0aH/DQX7JkcJqkbGjOMZeWF1oWho4ZqCHg4bh1PCA=
Subject key identifier: E5:CC:FB:61:A6:BD:09:07:22:90:5E:B4:B5:2C:3F:F7:3A:C6:AB:4C
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 018BDA0E71BA0F27D2DC70BCAAE0B9323771
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/5cz7Yaa9CQcikF60tSw_9zrGq0w.roa
Signing time: Thu 16 Nov 2023 21:34:21 +0000
ROA not before: Thu 16 Nov 2023 21:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210483
IP address blocks: 109.107.130.0/24 maxlen: 24
2a11:cd40:f00d::/48 maxlen: 48
2a11:cd40:1000::/48 maxlen: 48
2a11:cd40::/48 maxlen: 48
2a11:cd40:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:da:0e:71:ba:0f:27:d2:dc:70:bc:aa:e0:b9:32:37:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Nov 16 21:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5ccfb61a6bd090722905eb4b52c3ff73ac6ab4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:82:22:e7:07:7f:f1:d4:ca:3f:67:0d:e6:8b:
38:86:12:5a:6d:b6:03:0f:1f:fd:ae:f7:f9:da:ca:
5a:02:14:21:bb:01:71:bc:30:9c:2d:45:6e:5e:de:
de:ea:9e:51:0c:3d:a5:46:fb:f3:ee:95:25:4c:01:
1e:1d:cd:ea:b4:f9:c5:3b:4f:88:42:76:96:24:4b:
ee:89:90:4e:f1:4b:24:80:bf:57:3c:57:96:e6:ea:
fb:75:90:ec:4b:b8:9c:b9:57:6e:a9:e5:96:2a:ed:
01:91:71:f4:8f:b7:e7:92:1d:aa:17:a1:6a:cc:61:
f4:56:6f:20:5d:92:ab:e4:01:f2:2e:ed:9a:d5:28:
b3:91:c8:5f:b3:53:8f:d6:38:2b:28:39:db:53:b5:
33:94:87:b2:81:c5:e1:12:24:c4:c0:71:52:20:46:
f6:f8:5b:2c:d0:6e:f6:3d:6d:ae:20:bb:ff:4a:5c:
e0:95:e2:b1:17:3f:1f:36:12:36:35:fd:65:23:28:
94:1f:d0:72:82:a2:4a:9c:d1:78:ee:c6:b4:cf:0f:
8f:e2:fa:a2:0a:2d:56:59:f1:8b:65:ec:59:98:4d:
45:5f:96:11:52:09:2d:78:19:75:52:cd:84:5e:95:
39:80:6a:cc:c3:02:bc:d3:2d:ac:e8:56:0d:12:d3:
7c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CC:FB:61:A6:BD:09:07:22:90:5E:B4:B5:2C:3F:F7:3A:C6:AB:4C
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/5cz7Yaa9CQcikF60tSw_9zrGq0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.130.0/24
IPv6:
2a11:cd40::/48
2a11:cd40:1000::/48
2a11:cd40:2000::/48
2a11:cd40:f00d::/48
Signature Algorithm: sha256WithRSAEncryption
25:1f:e1:78:6e:dd:e2:cd:e2:f0:f8:e2:9a:09:13:d6:82:ba:
b5:f4:b1:39:53:17:50:4c:49:fd:a6:41:a5:c4:97:f6:da:99:
5c:72:a3:e7:35:77:fd:6b:d0:53:59:d9:e1:78:9a:eb:12:f1:
6b:31:3f:ff:0a:b6:37:d8:75:36:b4:74:1a:3e:55:65:37:dd:
29:b3:e2:93:16:a4:74:d9:77:f0:15:8b:40:93:f7:e1:f8:86:
92:72:09:8e:29:c3:05:3f:c5:c0:d9:3e:34:83:2a:a2:23:ed:
2c:ca:a5:51:63:60:9f:7b:f7:51:9f:e0:62:4c:1a:c5:e5:14:
77:4d:04:54:f7:8d:80:11:be:a1:f6:d2:27:4a:c2:4d:1b:28:
d6:ab:bb:be:16:16:75:70:4f:4c:05:17:28:53:2f:3d:01:82:
91:65:0f:a9:63:f9:ab:a6:f2:f6:4c:1c:37:0b:ab:18:e5:9c:
df:36:09:d8:f9:8b:ea:97:49:46:57:00:0c:d3:47:33:80:90:
eb:aa:f7:44:c0:df:b3:fd:70:ff:de:67:9a:94:4c:d5:dd:c9:
68:d8:e5:b8:f6:74:1c:d4:3e:44:da:e1:82:c1:5b:e1:c4:25:
82:04:95:68:ec:de:e5:18:40:e4:5f:f6:d7:16:fd:0b:23:c2:
aa:db:2f:f3
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYvaDnG6DyfS3HC8quC5MjdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjMxMTE2MjEzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWNjZmI2MWE2YmQwOTA3MjI5MDVlYjRiNTJjM2ZmNzNhYzZhYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4Ii5wd/8dTKP2cN5os4hhJabbYD
Dx/9rvf52spaAhQhuwFxvDCcLUVuXt7e6p5RDD2lRvvz7pUlTAEeHc3qtPnFO0+I
QnaWJEvuiZBO8UskgL9XPFeW5ur7dZDsS7icuVduqeWWKu0BkXH0j7fnkh2qF6Fq
zGH0Vm8gXZKr5AHyLu2a1Sizkchfs1OP1jgrKDnbU7UzlIeygcXhEiTEwHFSIEb2
+Fss0G72PW2uILv/SlzgleKxFz8fNhI2Nf1lIyiUH9BygqJKnNF47sa0zw+P4vqi
Ci1WWfGLZexZmE1FX5YRUgkteBl1Us2EXpU5gGrMwwK80y2s6FYNEtN8ewIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOXM+2GmvQkHIpBetLUsP/c6xqtMMB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEvNWN6N1lhYTlDUWNpa0Y2MHRTd185enJHcTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAbWuCMCoE
AgACMCQDBwAqEc1AAAADBwAqEc1AEAADBwAqEc1AIAADBwAqEc1A8A0wDQYJKoZI
hvcNAQELBQADggEBACUf4Xhu3eLN4vD44poJE9aCurX0sTlTF1BMSf2mQaXEl/ba
mVxyo+c1d/1r0FNZ2eF4musS8WsxP/8KtjfYdTa0dBo+VWU33Smz4pMWpHTZd/AV
i0CT9+H4hpJyCY4pwwU/xcDZPjSDKqIj7SzKpVFjYJ9791Gf4GJMGsXlFHdNBFT3
jYARvqH20idKwk0bKNaru74WFnVwT0wFFyhTLz0BgpFlD6lj+aum8vZMHDcLqxjl
nN82Cdj5i+qXSUZXAAzTRzOAkOuq90TA37P9cP/eZ5qUTNXdyWjY5bj2dBzUPkTa
4YLBW+HEJYIElWjs3uUYQORf9tcW/QsjwqrbL/M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:27 2025 by rpki-client