Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/S0yK5Q7WHZva36Ibu0B2AA4ljhw.roa
File: S0yK5Q7WHZva36Ibu0B2AA4ljhw.roa (raw, json)
Hash identifier: lc0Y1T8D0rdIHxgaUKoXsLEbDixEoA7BevU2Ul9K3zk=
Subject key identifier: 4B:4C:8A:E5:0E:D6:1D:9B:DA:DF:A2:1B:BB:40:76:00:0E:25:8E:1C
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 0182D71E165C585E11DA145D60CEE31C0A29
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/S0yK5Q7WHZva36Ibu0B2AA4ljhw.roa
Signing time: Thu 25 Aug 2022 22:27:29 +0000
ROA not before: Thu 25 Aug 2022 22:27:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210483
IP address blocks: 109.107.130.0/24 maxlen: 24
2a11:cd40:f00d::/48 maxlen: 48
2a11:cd40::/48 maxlen: 48
2a11:cd40:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d7:1e:16:5c:58:5e:11:da:14:5d:60:ce:e3:1c:0a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Aug 25 22:27:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b4c8ae50ed61d9bdadfa21bbb4076000e258e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:70:9f:90:e7:7c:73:53:78:48:4e:3e:d1:0a:
ab:eb:4c:c4:df:d0:02:e7:89:60:42:ae:95:5a:0d:
7f:4e:8f:77:a7:5f:4a:33:71:aa:6f:22:87:6b:29:
36:3f:6f:d5:22:e9:82:0e:06:e1:44:f1:63:65:a2:
02:59:78:cd:90:dc:f0:d0:1b:ec:d5:ef:ce:28:db:
d0:7e:7d:d3:d2:e9:c6:3e:d8:6a:15:75:2d:4c:9b:
e8:e9:56:f6:f8:85:08:fb:9d:af:ea:5d:4c:50:a1:
e6:a5:39:81:30:b8:8c:7c:85:55:26:6f:f8:fc:7e:
24:0f:52:11:00:a1:f4:f3:7e:00:1b:81:ee:64:04:
5f:e3:aa:c1:d2:c4:1e:fe:7a:b8:0a:69:18:79:82:
da:0f:a0:5d:a4:95:9e:3a:92:9f:77:96:44:b0:1d:
c3:a0:6c:fa:eb:23:9b:02:2b:0b:ff:14:af:2f:71:
c6:2a:ab:5c:56:54:fc:fd:b7:e3:24:a5:9d:5d:8a:
dd:c6:75:62:7d:a8:5c:19:d6:ac:1a:6c:d8:a5:3b:
ab:cd:83:d8:29:cc:29:22:31:11:57:d3:6d:31:e5:
75:1f:69:8b:95:5d:25:ac:7b:77:89:a2:4d:b1:ea:
34:ae:78:f9:9f:e7:46:d1:f5:ad:02:4c:00:50:b0:
49:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4C:8A:E5:0E:D6:1D:9B:DA:DF:A2:1B:BB:40:76:00:0E:25:8E:1C
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/S0yK5Q7WHZva36Ibu0B2AA4ljhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.130.0/24
IPv6:
2a11:cd40::/48
2a11:cd40:1000::/48
2a11:cd40:f00d::/48
Signature Algorithm: sha256WithRSAEncryption
43:15:89:22:b7:ec:8f:a6:72:58:01:a0:a7:5f:74:dc:5b:9f:
db:c2:42:a2:bd:51:8a:0e:c5:e5:29:fa:e8:fa:12:68:31:e9:
15:7b:57:7f:d8:7e:16:d3:a2:3f:45:14:5a:bc:b9:d4:c1:75:
28:e2:cb:3c:bd:d0:98:3b:57:bd:17:c4:7e:95:08:42:fc:4b:
c1:c4:f1:cf:b1:33:83:7c:39:f2:a9:5c:d4:5f:c9:28:80:33:
c3:23:8d:79:b6:ed:e5:d7:35:bf:94:01:23:34:80:f5:18:ae:
6b:85:b9:47:f6:6f:bd:c8:e4:61:3e:68:fa:91:46:72:25:cb:
bf:a3:2b:32:b6:d3:bb:53:89:db:f1:55:d9:d5:43:1e:e6:21:
c7:98:69:50:ca:ec:23:64:f5:83:2e:b3:f9:41:91:50:46:47:
02:ae:be:ca:cd:57:70:da:0f:14:32:c7:1b:71:1e:29:6d:31:
68:46:60:0b:9e:38:1b:b8:1e:a4:f3:66:f1:e5:3d:1b:2a:9d:
2c:cd:64:32:e0:82:d1:ba:6b:0f:44:0d:25:f5:40:4d:70:5d:
df:e6:72:7e:c5:f8:5f:13:55:fb:88:b7:dd:48:bd:28:c7:4f:
f7:2a:3b:69:ca:b3:52:60:0c:63:d1:13:d6:1f:54:21:e5:cd:
05:70:b6:bc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYLXHhZcWF4R2hRdYM7jHAopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0
ZWI4N2UwHhcNMjIwODI1MjIyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjRjOGFlNTBlZDYxZDliZGFkZmEyMWJiYjQwNzYwMDBlMjU4ZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnCfkOd8c1N4SE4+0Qqr60zE39AC
54lgQq6VWg1/To93p19KM3GqbyKHayk2P2/VIumCDgbhRPFjZaICWXjNkNzw0Bvs
1e/OKNvQfn3T0unGPthqFXUtTJvo6Vb2+IUI+52v6l1MUKHmpTmBMLiMfIVVJm/4
/H4kD1IRAKH0834AG4HuZARf46rB0sQe/nq4CmkYeYLaD6BdpJWeOpKfd5ZEsB3D
oGz66yObAisL/xSvL3HGKqtcVlT8/bfjJKWdXYrdxnVifahcGdasGmzYpTurzYPY
KcwpIjERV9NtMeV1H2mLlV0lrHt3iaJNseo0rnj5n+dG0fWtAkwAULBJ0wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEtMiuUO1h2b2t+iG7tAdgAOJY4cMB8GA1UdIwQY
MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt
OTllY2E1NjUxMDIzLzEvUzB5SzVRN1dIWnZhMzZJYnUwQjJBQTRsamh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz
LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAbWuCMCEE
AgACMBsDBwAqEc1AAAADBwAqEc1AEAADBwAqEc1A8A0wDQYJKoZIhvcNAQELBQAD
ggEBAEMViSK37I+mclgBoKdfdNxbn9vCQqK9UYoOxeUp+uj6Emgx6RV7V3/YfhbT
oj9FFFq8udTBdSjiyzy90Jg7V70XxH6VCEL8S8HE8c+xM4N8OfKpXNRfySiAM8Mj
jXm27eXXNb+UASM0gPUYrmuFuUf2b73I5GE+aPqRRnIly7+jKzK207tTidvxVdnV
Qx7mIceYaVDK7CNk9YMus/lBkVBGRwKuvsrNV3DaDxQyxxtxHiltMWhGYAueOBu4
HqTzZvHlPRsqnSzNZDLggtG6aw9EDSX1QE1wXd/mcn7F+F8TVfuIt91IvSjHT/cq
O2nKs1JgDGPRE9YfVCHlzQVwtrw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:21 2023 by rpki-client on console-ams.rpki-client.org