Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/mI0ggnyhDOWK2dE4_ZZsA3JONuE.roa
File: mI0ggnyhDOWK2dE4_ZZsA3JONuE.roa (raw, json)
Hash identifier: ScSeSBKC5MhJXmGB9v/bITX2vxOVgctNut95HSV7Jgs=
Subject key identifier: 98:8D:20:82:7C:A1:0C:E5:8A:D9:D1:38:FD:96:6C:03:72:4E:36:E1
Certificate issuer: /CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Certificate serial: 01856B2E7AED5F73C183571047F50B2E689A
Authority key identifier: 2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/mI0ggnyhDOWK2dE4_ZZsA3JONuE.roa
Signing time: Sun 01 Jan 2023 02:34:46 +0000
ROA not before: Sun 01 Jan 2023 02:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212302
IP address blocks: 109.70.239.0/24 maxlen: 24
2a0c:2bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:2e:7a:ed:5f:73:c1:83:57:10:47:f5:0b:2e:68:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cce5d51fa75bbb6ed962a4166ef6f8630a02581
Validity
Not Before: Jan 1 02:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=988d20827ca10ce58ad9d138fd966c03724e36e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:fe:ee:b2:8e:74:39:96:83:5a:93:a6:8a:
f6:3f:63:f3:f1:36:af:53:a6:a7:3e:64:e8:53:59:
c4:0b:f0:98:a2:3b:bf:4a:b4:77:c0:75:fb:6d:23:
28:16:69:25:32:81:ee:7c:fe:11:5d:19:a2:99:79:
6d:ce:24:4e:64:9c:33:20:bd:7c:52:32:ef:b7:f5:
5c:7c:58:ed:65:8a:5d:d8:f4:81:99:ac:b1:9f:56:
ab:e4:e3:0a:d9:09:b9:d0:3f:b7:4e:3d:85:59:be:
9a:d8:7b:d4:d7:45:dc:d0:17:c8:29:5c:e0:7f:29:
d0:29:61:24:58:0f:e6:2f:6a:98:aa:54:7b:48:e2:
2a:f3:e5:cd:a1:59:d2:7a:e1:ad:7a:4e:db:99:90:
68:f7:ac:6e:3e:c6:65:6f:23:1f:40:87:3c:59:ad:
c5:38:79:8f:d9:de:4d:6c:da:26:01:97:27:4b:88:
e1:a4:1b:68:ea:9e:a7:88:01:c6:fc:b5:42:b6:6e:
f0:76:80:cf:22:57:3b:6c:e6:41:38:b0:ee:2f:5f:
6f:c3:f1:54:40:7f:3c:c4:f1:94:86:c5:09:e3:e2:
83:9b:4d:16:cf:3a:f2:d9:4d:b8:b0:61:bb:8c:38:
2b:ce:5e:28:51:36:70:bd:a8:b1:12:62:e7:da:8a:
fe:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8D:20:82:7C:A1:0C:E5:8A:D9:D1:38:FD:96:6C:03:72:4E:36:E1
X509v3 Authority Key Identifier:
keyid:2C:CE:5D:51:FA:75:BB:B6:ED:96:2A:41:66:EF:6F:86:30:A0:25:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LM5dUfp1u7btlipBZu9vhjCgJYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/mI0ggnyhDOWK2dE4_ZZsA3JONuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2b5ed6-3a7c-4631-b49d-bf55b8b1669c/1/LM5dUfp1u7btlipBZu9vhjCgJYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.239.0/24
IPv6:
2a0c:2bc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:4d:8b:9b:5f:53:90:19:d5:89:5d:b0:93:17:a8:03:c2:66:
ed:36:52:3c:ed:66:e7:ef:ef:fe:95:ff:84:4b:1d:4b:38:bf:
cd:21:94:b0:f7:d1:c2:9e:03:ec:36:eb:42:5f:dc:44:9f:9b:
02:3a:fa:21:a3:07:8a:c7:95:97:e6:19:be:fa:d1:bd:c2:ad:
53:0c:b6:b5:f6:3c:21:68:7e:7f:a3:4f:df:5c:23:90:11:d1:
26:e7:89:b2:e1:e3:cb:73:8c:42:a6:15:19:68:1e:74:7e:1d:
f3:e7:06:fa:2a:87:a3:37:4c:18:86:74:d4:92:2a:7d:e4:d8:
15:92:6c:f5:30:04:fc:c8:66:8b:4e:a4:7b:e5:89:f7:c8:77:
5f:8f:ff:0e:b7:fe:6d:44:a9:e7:93:da:d0:1f:db:ed:dd:29:
73:4e:e3:27:5a:d1:53:db:2e:45:60:6f:60:34:40:b0:fe:d2:
62:00:51:f6:0a:98:6f:cb:ec:13:44:de:bd:8d:ed:fa:09:36:
48:02:98:a3:63:75:44:21:c3:72:5f:e0:60:f9:53:8d:5a:4e:
6f:0b:dc:60:9b:4f:4f:d4:0f:98:4c:45:2e:5e:b4:9c:c2:42:
d7:ac:72:2f:39:6b:82:e8:13:bc:a4:4e:f4:1a:49:d8:f4:63:
a4:b3:5a:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrLnrtX3PBg1cQR/ULLmiaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2U1ZDUxZmE3NWJiYjZlZDk2MmE0MTY2ZWY2Zjg2MzBh
MDI1ODEwHhcNMjMwMTAxMDIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhkMjA4MjdjYTEwY2U1OGFkOWQxMzhmZDk2NmMwMzcyNGUzNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk47+7rKOdDmWg1qTpor2P2Pz8Tav
U6anPmToU1nEC/CYoju/SrR3wHX7bSMoFmklMoHufP4RXRmimXltziROZJwzIL18
UjLvt/VcfFjtZYpd2PSBmayxn1ar5OMK2Qm50D+3Tj2FWb6a2HvU10Xc0BfIKVzg
fynQKWEkWA/mL2qYqlR7SOIq8+XNoVnSeuGtek7bmZBo96xuPsZlbyMfQIc8Wa3F
OHmP2d5NbNomAZcnS4jhpBto6p6niAHG/LVCtm7wdoDPIlc7bOZBOLDuL19vw/FU
QH88xPGUhsUJ4+KDm00Wzzry2U24sGG7jDgrzl4oUTZwvaixEmLn2or+SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJiNIIJ8oQzlitnROP2WbANyTjbhMB8GA1UdIwQY
MBaAFCzOXVH6dbu27ZYqQWbvb4YwoCWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQt
YmY1NWI4YjE2NjljLzEvbUkwZ2dueWhET1dLMmRFNF9aWnNBM0pPTnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yYjVlZDYtM2E3Yy00NjMxLWI0OWQtYmY1NWI4YjE2Njlj
LzEvTE01ZFVmcDF1N2J0bGlwQlp1OXZoakNnSllFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbUbvMA0E
AgACMAcDBQMqDCvAMA0GCSqGSIb3DQEBCwUAA4IBAQCTTYubX1OQGdWJXbCTF6gD
wmbtNlI87Wbn7+/+lf+ESx1LOL/NIZSw99HCngPsNutCX9xEn5sCOvohoweKx5WX
5hm++tG9wq1TDLa19jwhaH5/o0/fXCOQEdEm54my4ePLc4xCphUZaB50fh3z5wb6
KoejN0wYhnTUkip95NgVkmz1MAT8yGaLTqR75Yn3yHdfj/8Ot/5tRKnnk9rQH9vt
3SlzTuMnWtFT2y5FYG9gNECw/tJiAFH2Cphvy+wTRN69je36CTZIApijY3VEIcNy
X+Bg+VONWk5vC9xgm09P1A+YTEUuXrScwkLXrHIvOWuC6BO8pE70GknY9GOks1q/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:51 2025 by rpki-client