Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/pH3t34bfiqRn__Qwk2YZp_XoqcI.roa
File: pH3t34bfiqRn__Qwk2YZp_XoqcI.roa (raw, json)
Hash identifier: oGd450gR/cB37rsdm7iJXrqBH6NrvUPhId1alvOfKQ8=
Subject key identifier: A4:7D:ED:DF:86:DF:8A:A4:67:FF:F4:30:93:66:19:A7:F5:E8:A9:C2
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 4D02BF53
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/pH3t34bfiqRn__Qwk2YZp_XoqcI.roa
Signing time: Sat 01 Jan 2022 15:56:16 +0000
ROA not before: Sat 01 Jan 2022 15:56:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50809
IP address blocks: 109.226.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1292025683 (0x4d02bf53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 15:56:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a47deddf86df8aa467fff430936619a7f5e8a9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:cc:27:52:91:96:e1:8d:1d:3a:ed:eb:54:
4c:06:bb:3f:3a:3e:9d:15:16:78:e5:09:79:cf:02:
2c:f5:e9:c9:07:17:12:bf:20:48:60:40:08:86:f7:
9e:63:f7:40:ab:e4:cb:7c:5d:7f:75:99:62:93:93:
2f:f8:73:67:d8:39:a8:d6:11:9a:cd:5d:61:24:72:
0a:c9:0b:9d:94:a3:fa:0b:71:08:e5:5c:28:42:09:
64:8e:11:64:b9:3f:c4:3b:10:ef:a8:c8:d7:56:ed:
40:2d:d0:e5:4b:cf:06:52:df:0c:a3:2c:78:22:ad:
86:c8:6d:24:64:a0:f2:0a:40:97:d7:d3:eb:79:7e:
93:7e:e8:84:14:d8:a7:ee:c3:a0:22:fa:8c:94:63:
9e:46:8c:11:9d:f3:19:d4:3d:a0:a8:7d:46:62:45:
2d:ce:d2:e1:49:92:a4:0a:37:00:27:02:03:e7:33:
83:91:40:ff:30:51:eb:ae:22:22:44:96:40:c5:db:
f2:1b:7a:97:e8:aa:dd:b5:8b:45:0a:9d:31:ac:2c:
a6:37:76:72:ac:fa:b1:3f:c8:70:3b:5f:4d:74:c7:
00:b8:46:0b:09:3f:d4:70:70:61:8a:ec:9d:66:d2:
a0:08:ba:f6:e2:d2:3d:7b:b2:7f:89:68:79:91:75:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:7D:ED:DF:86:DF:8A:A4:67:FF:F4:30:93:66:19:A7:F5:E8:A9:C2
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/pH3t34bfiqRn__Qwk2YZp_XoqcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.249.0/24
Signature Algorithm: sha256WithRSAEncryption
42:15:2c:e9:c0:51:d2:a4:37:92:94:f3:d3:86:ba:88:d4:1d:
34:a0:aa:f9:24:d1:1c:6b:dc:34:dd:84:28:a0:63:a7:69:76:
e2:62:04:74:04:67:ea:9e:11:d1:10:58:ed:13:86:d0:e8:4f:
eb:29:ce:a4:d7:39:42:e0:a9:ff:fa:23:dc:72:8e:65:b3:fc:
e9:33:7d:83:7e:75:92:10:7a:1d:73:f0:30:79:05:9d:96:4f:
06:61:53:db:bb:b8:a8:83:e0:eb:26:c7:0b:bf:de:d1:1e:85:
49:30:1e:0d:e3:48:de:7e:34:46:fc:79:1f:c8:3d:cc:04:b7:
d4:2d:8b:82:22:f0:25:f2:73:7e:2a:9f:04:10:5c:2b:6e:cc:
a5:41:cb:75:51:0d:70:e1:2f:60:c0:ed:97:2a:d5:08:9e:cd:
6b:d6:69:46:f3:1a:fc:6d:eb:bc:aa:27:66:b5:95:ac:b7:3c:
d5:87:97:be:cf:28:00:e9:72:fd:55:66:38:ce:52:b8:99:81:
48:19:c0:67:bb:23:05:61:4f:60:14:1e:ad:eb:43:1a:2d:ed:
fa:b3:70:06:8d:df:32:b8:43:38:96:79:e7:f4:84:27:57:4c:
e6:19:49:da:73:4a:9b:b4:cf:aa:b4:09:e0:79:51:5c:b3:59:
33:9d:43:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIETQK/UzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdmNzQ3ZGY1ZjI0MzUzMTU0ZGM0ZDRiZjcwZDJkZGNiNTNlOTAwMB4XDTIyMDEw
MTE1NTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ3ZGVkZGY4NmRm
OGFhNDY3ZmZmNDMwOTM2NjE5YTdmNWU4YTljMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1tzCdSkZbhjR067etUTAa7Pzo+nRUWeOUJec8CLPXpyQcX
Er8gSGBACIb3nmP3QKvky3xdf3WZYpOTL/hzZ9g5qNYRms1dYSRyCskLnZSj+gtx
COVcKEIJZI4RZLk/xDsQ76jI11btQC3Q5UvPBlLfDKMseCKthshtJGSg8gpAl9fT
63l+k37ohBTYp+7DoCL6jJRjnkaMEZ3zGdQ9oKh9RmJFLc7S4UmSpAo3ACcCA+cz
g5FA/zBR664iIkSWQMXb8ht6l+iq3bWLRQqdMawspjd2cqz6sT/IcDtfTXTHALhG
Cwk/1HBwYYrsnWbSoAi69uLSPXuyf4loeZF1dJkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSkfe3fht+KpGf/9DCTZhmn9eipwjAfBgNVHSMEGDAWgBSuf3R99fJDUxVN
xNS/cNLdy1PpADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuOTBmZlh5UTFNVlRjVFV2M0RTM2N0VDZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8x
L3BIM3QzNGJmaXFSbl9fUXdrMllacF9Yb3FjSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8xL3JuOTBmZlh5UTFN
VlRjVFV2M0RTM2N0VDZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3i+TANBgkqhkiG9w0BAQsFAAOC
AQEAQhUs6cBR0qQ3kpTz04a6iNQdNKCq+STRHGvcNN2EKKBjp2l24mIEdARn6p4R
0RBY7ROG0OhP6ynOpNc5QuCp//oj3HKOZbP86TN9g351khB6HXPwMHkFnZZPBmFT
27u4qIPg6ybHC7/e0R6FSTAeDeNI3n40Rvx5H8g9zAS31C2LgiLwJfJzfiqfBBBc
K27MpUHLdVENcOEvYMDtlyrVCJ7Na9ZpRvMa/G3rvKonZrWVrLc81YeXvs8oAOly
/VVmOM5SuJmBSBnAZ7sjBWFPYBQeretDGi3t+rNwBo3fMrhDOJZ55/SEJ1dM5hlJ
2nNKm7TPqrQJ4HlRXLNZM51DCQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:21 2025 by rpki-client