Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/cH5IOCszF5Iby-OTfn48EL_j0cI.roa
File: cH5IOCszF5Iby-OTfn48EL_j0cI.roa (raw, json)
Hash identifier: 6u4UulsPVspKeYKfjfZx/xrr2JDsJ9wBjdPdH6jOOiM=
Subject key identifier: 70:7E:48:38:2B:33:17:92:1B:CB:E3:93:7E:7E:3C:10:BF:E3:D1:C2
Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Certificate serial: 264C2C
Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/cH5IOCszF5Iby-OTfn48EL_j0cI.roa
Signing time: Sat 01 Jan 2022 02:54:33 +0000
ROA not before: Sat 01 Jan 2022 02:54:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210483
IP address blocks: 109.107.130.0/24 maxlen: 24
2a11:cd40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2509868 (0x264c2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e
Validity
Not Before: Jan 1 02:54:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=707e48382b3317921bcbe3937e7e3c10bfe3d1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:60:db:35:30:3b:fc:7f:fb:3f:82:91:55:32:
54:49:86:12:d3:19:a2:a2:92:2d:d0:22:70:bb:ec:
02:45:e0:c0:0e:12:a0:b3:78:bf:09:b2:cd:d8:34:
d7:46:ea:a3:28:74:95:87:65:ad:8a:0a:6d:26:ba:
15:6d:e7:24:92:b1:58:fb:d4:eb:ad:35:8f:e3:7f:
f2:40:01:3a:19:08:81:98:a5:57:63:ea:04:dc:56:
b5:e2:d3:16:94:b3:38:c2:0e:ba:fa:f3:94:cb:b9:
80:81:b5:f7:77:3f:4d:d7:da:be:df:82:e8:53:46:
23:5a:55:f0:64:29:9a:7c:58:bd:23:99:fd:42:44:
98:ec:7c:d5:13:58:03:00:22:ab:d2:e1:2d:08:88:
5c:67:1e:06:b4:03:c7:cb:7c:be:e3:55:86:15:e0:
68:64:c9:76:f9:9f:40:53:4b:bc:f1:2b:09:80:73:
a8:a9:b4:6e:1f:4e:47:69:90:b3:bc:06:4f:58:0e:
5b:2e:ac:14:19:af:9f:2a:5f:22:88:94:4f:c5:43:
9a:2f:a2:b9:a8:bf:e8:71:b4:92:20:ed:61:bc:de:
31:e2:11:5b:aa:33:e3:71:44:c4:2e:94:49:a7:79:
ff:94:c7:ad:a8:2c:fa:5c:ce:f4:a4:61:c3:92:d0:
03:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7E:48:38:2B:33:17:92:1B:CB:E3:93:7E:7E:3C:10:BF:E3:D1:C2
X509v3 Authority Key Identifier:
keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/cH5IOCszF5Iby-OTfn48EL_j0cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.130.0/24
IPv6:
2a11:cd40::/48
Signature Algorithm: sha256WithRSAEncryption
19:b1:0d:48:b9:b0:bd:5e:af:f1:dd:b8:5f:31:95:e6:b4:75:
77:f3:8a:05:0a:e0:58:1f:91:93:54:d1:ea:70:f9:a2:07:f4:
22:e3:34:f3:65:a7:b4:ca:5c:cf:70:28:01:a9:a1:5f:a8:9b:
ed:0e:9e:58:43:d6:3d:62:4c:69:4c:d3:67:10:e9:e0:80:31:
8a:38:9f:89:ad:5d:58:17:29:33:f5:c6:db:fc:ff:75:5f:1f:
ca:a5:e5:af:f1:d6:83:eb:d3:af:40:64:36:10:b8:96:c3:80:
ee:b3:b9:c3:57:85:9e:d7:94:1a:40:5c:57:fd:a4:e6:10:1e:
7a:d0:45:39:47:9b:ba:59:a8:15:84:86:67:89:42:95:89:f5:
04:ea:13:17:fe:62:7b:f5:64:ad:54:6f:2b:88:70:29:f3:8d:
aa:4f:03:93:81:f7:29:00:ba:0b:61:ed:83:4a:67:02:39:a2:
3e:fa:79:56:a6:2f:ca:10:48:14:fd:64:27:d8:16:62:5c:ac:
35:24:88:ab:54:eb:b4:27:ed:ff:58:f6:cc:7d:55:2b:2b:4f:
cd:16:ed:c5:ef:91:d6:92:f6:16:d7:bb:ce:5a:aa:71:ab:49:
b7:2e:99:ac:71:a6:e8:fd:d5:8b:9a:88:a0:25:c8:ef:46:fe:
a1:75:7e:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIDJkwsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI5
YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0ZWI4N2UwHhcNMjIwMTAx
MDI1NDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MDdlNDgzODJiMzMx
NzkyMWJjYmUzOTM3ZTdlM2MxMGJmZTNkMWMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAh2DbNTA7/H/7P4KRVTJUSYYS0xmiopIt0CJwu+wCReDADhKg
s3i/CbLN2DTXRuqjKHSVh2WtigptJroVbeckkrFY+9TrrTWP43/yQAE6GQiBmKVX
Y+oE3Fa14tMWlLM4wg66+vOUy7mAgbX3dz9N19q+34LoU0YjWlXwZCmafFi9I5n9
QkSY7HzVE1gDACKr0uEtCIhcZx4GtAPHy3y+41WGFeBoZMl2+Z9AU0u88SsJgHOo
qbRuH05HaZCzvAZPWA5bLqwUGa+fKl8iiJRPxUOaL6K5qL/ocbSSIO1hvN4x4hFb
qjPjcUTELpRJp3n/lMetqCz6XM70pGHDktADCQIDAQABo4ICGjCCAhYwHQYDVR0O
BBYEFHB+SDgrMxeSG8vjk35+PBC/49HCMB8GA1UdIwQYMBaAFLnDYzrL9jwuyxAg
W5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIzLzEv
Y0g1SU9Dc3pGNUlieS1PVGZuNDhFTF9qMGNJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8w
Y2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIzLzEvdWNOak9zdjJQQzdM
RUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAG
CCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAbWuCMA8EAgACMAkDBwAqEc1AAAAw
DQYJKoZIhvcNAQELBQADggEBABmxDUi5sL1er/HduF8xlea0dXfzigUK4FgfkZNU
0epw+aIH9CLjNPNlp7TKXM9wKAGpoV+om+0OnlhD1j1iTGlM02cQ6eCAMYo4n4mt
XVgXKTP1xtv8/3VfH8ql5a/x1oPr069AZDYQuJbDgO6zucNXhZ7XlBpAXFf9pOYQ
HnrQRTlHm7pZqBWEhmeJQpWJ9QTqExf+Ynv1ZK1UbyuIcCnzjapPA5OB9ykAugth
7YNKZwI5oj76eVamL8oQSBT9ZCfYFmJcrDUkiKtU67Qn7f9Y9sx9VSsrT80W7cXv
kdaS9hbXu85aqnGrSbcumaxxpuj91YuaiKAlyO9G/qF1fvk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:28 2023 by rpki-client on console-fra.rpki-client.org