Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8hovf3GQlEVI3yOehHmFAFShYAA.roa
File: 8hovf3GQlEVI3yOehHmFAFShYAA.roa (raw, json)
Hash identifier: NUKRbl5+Fs4T0CFo3d1lhloOli7lFeIKN4NitDA5wzU=
Subject key identifier: F2:1A:2F:7F:71:90:94:45:48:DF:23:9E:84:79:85:00:54:A1:60:00
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018809B04FCFF689A71D6E0AA73A98DB1BC2
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8hovf3GQlEVI3yOehHmFAFShYAA.roa
Signing time: Thu 11 May 2023 07:22:09 +0000
ROA not before: Thu 11 May 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211584
IP address blocks: 109.72.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:09:b0:4f:cf:f6:89:a7:1d:6e:0a:a7:3a:98:db:1b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 11 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f21a2f7f7190944548df239e8479850054a16000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:4b:bf:c7:f8:3a:49:4a:8f:fc:d1:1d:95:
35:dd:33:5a:2f:1d:96:c8:02:ff:3f:56:ef:af:c2:
3a:94:0f:ea:20:5f:a5:b6:d3:c5:af:41:54:31:b8:
c5:fd:94:cd:48:fc:dc:62:46:0c:d2:7a:a1:41:2b:
9c:15:c5:f7:33:28:76:84:48:34:97:23:f7:bb:b4:
d7:f5:b6:11:40:e0:87:19:5d:29:3f:ef:d7:81:d3:
c1:27:64:81:0e:c1:7a:fe:c2:11:98:bc:51:c3:5c:
83:c0:90:3c:0b:e3:75:8a:9c:5f:95:6d:73:9d:62:
31:18:79:83:40:29:c7:4d:41:b7:75:fd:08:dc:9a:
6e:23:f3:18:3d:4f:9c:6e:36:61:d6:da:a4:6e:8a:
e0:35:5b:b7:cd:22:cd:ba:e7:79:0e:ee:1d:34:61:
71:c1:c0:e5:f6:3a:dc:db:e9:ed:c4:03:e7:45:8b:
9b:8c:03:c8:7a:c7:05:42:cc:e4:9b:3d:9c:9c:f2:
de:cd:0f:cd:7b:91:10:63:c7:1c:44:c2:44:17:8c:
96:5c:b1:a4:74:de:be:54:7f:58:21:87:b5:2b:28:
19:f5:58:36:e7:7b:de:e4:17:eb:ab:ac:24:52:c5:
86:53:3a:2d:e9:17:5d:da:8f:df:e9:e0:9b:da:e8:
7a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1A:2F:7F:71:90:94:45:48:DF:23:9E:84:79:85:00:54:A1:60:00
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/8hovf3GQlEVI3yOehHmFAFShYAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.114.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d8:fc:78:7b:90:85:6e:7d:b3:89:03:74:87:69:62:a8:b0:
25:83:e8:4e:b8:e0:42:17:b5:7d:d9:f7:40:d1:98:4d:e6:88:
74:c9:4c:c3:de:2e:ab:86:91:fb:29:3a:1e:26:44:b3:ca:a9:
0e:cf:dc:54:2f:ac:09:28:66:77:a0:12:5c:c1:f0:35:e8:00:
cf:88:a6:ff:52:cf:38:e1:19:0a:7a:10:86:fb:93:81:1f:c1:
7f:ba:1f:71:89:64:d5:c1:f4:b1:2a:71:ff:7b:8c:c2:8d:10:
2c:41:f0:38:e5:7c:37:f7:a8:1c:fa:d3:75:9a:8c:43:04:00:
d0:f8:b2:4e:60:93:c7:eb:57:df:2a:1d:da:6e:62:db:a9:75:
d1:f0:6d:eb:d3:db:6c:ae:6a:b7:29:89:d8:7e:fe:4d:7b:d5:
fb:9b:f1:d7:20:be:89:ac:17:ab:3a:72:02:c2:51:67:44:14:
37:1f:69:fc:70:17:0a:af:c0:bf:5f:69:d1:49:51:1a:5d:e1:
8f:e5:1d:b9:5e:44:bc:d9:01:3e:4f:75:b5:39:ab:e7:9a:37:
62:90:dd:3a:5e:f1:ea:7f:a8:d5:a1:97:97:11:db:7f:4c:86:
7b:85:ec:8a:2b:c3:03:0b:1d:c7:35:e8:14:9c:43:48:61:64:
a8:35:bb:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgJsE/P9omnHW4KpzqY2xvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTExMDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFhMmY3ZjcxOTA5NDQ1NDhkZjIzOWU4NDc5ODUwMDU0YTE2MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthxLv8f4OklKj/zRHZU13TNaLx2W
yAL/P1bvr8I6lA/qIF+lttPFr0FUMbjF/ZTNSPzcYkYM0nqhQSucFcX3Myh2hEg0
lyP3u7TX9bYRQOCHGV0pP+/XgdPBJ2SBDsF6/sIRmLxRw1yDwJA8C+N1ipxflW1z
nWIxGHmDQCnHTUG3df0I3JpuI/MYPU+cbjZh1tqkborgNVu3zSLNuud5Du4dNGFx
wcDl9jrc2+ntxAPnRYubjAPIescFQszkmz2cnPLezQ/Ne5EQY8ccRMJEF4yWXLGk
dN6+VH9YIYe1KygZ9Vg253ve5Bfrq6wkUsWGUzot6Rdd2o/f6eCb2uh67QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIaL39xkJRFSN8jnoR5hQBUoWAAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvOGhvdmYzR1FsRVZJM3lPZWhIbUZBRlNoWUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUhyMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ2Px4e5CFbn2ziQN0h2liqLAlg+hOuOBCF7V92fdA
0ZhN5oh0yUzD3i6rhpH7KToeJkSzyqkOz9xUL6wJKGZ3oBJcwfA16ADPiKb/Us84
4RkKehCG+5OBH8F/uh9xiWTVwfSxKnH/e4zCjRAsQfA45Xw396gc+tN1moxDBADQ
+LJOYJPH61ffKh3abmLbqXXR8G3r09tsrmq3KYnYfv5Ne9X7m/HXIL6JrBerOnIC
wlFnRBQ3H2n8cBcKr8C/X2nRSVEaXeGP5R25XkS82QE+T3W1OavnmjdikN06XvHq
f6jVoZeXEdt/TIZ7heyKK8MDCx3HNegUnENIYWSoNbvn
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:49 2025 by rpki-client