Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/99CWHrrDZ51WYrZWevet1yDQOn8.roa
File: 99CWHrrDZ51WYrZWevet1yDQOn8.roa (raw, json)
Hash identifier: mgr7+NdeHITOfjK7+23zbK8pPjckfy+AkrrpPaQZsN8=
Subject key identifier: F7:D0:96:1E:BA:C3:67:9D:56:62:B6:56:7A:F7:AD:D7:20:D0:3A:7F
Certificate issuer: /CN=5a5125afc5ec978b2a321291c2a5570fe619159e
Certificate serial: 106BEE4B
Authority key identifier: 5A:51:25:AF:C5:EC:97:8B:2A:32:12:91:C2:A5:57:0F:E6:19:15:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/99CWHrrDZ51WYrZWevet1yDQOn8.roa
Signing time: Sat 01 Jan 2022 12:02:27 +0000
ROA not before: Sat 01 Jan 2022 12:02:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 192.109.101.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 275508811 (0x106bee4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5125afc5ec978b2a321291c2a5570fe619159e
Validity
Not Before: Jan 1 12:02:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7d0961ebac3679d5662b6567af7add720d03a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:66:87:33:d3:16:ec:12:fa:8e:19:ef:e5:14:
d7:5d:e9:cc:a3:48:2d:45:bb:67:c6:54:fd:26:d5:
2d:c3:a8:e6:0c:cc:5c:5c:8c:7e:a9:0f:d3:67:57:
05:64:86:23:1b:c3:a3:a9:63:8b:83:97:9b:89:ea:
0b:33:f8:1d:49:76:aa:3c:27:87:b2:bd:bf:f3:de:
a0:8a:6f:ec:b4:9c:50:c4:ab:f0:6b:b5:50:42:b0:
a9:b5:4e:9f:73:71:0a:35:3f:6b:ee:aa:5f:ef:4c:
df:e7:f6:f7:6b:b7:09:06:35:9b:9a:bc:04:02:25:
12:f9:a5:47:a2:f4:f7:53:4e:b8:de:30:00:e2:a5:
5a:42:ea:bb:b0:1b:37:78:1c:45:f5:a0:eb:d9:06:
8c:3d:a0:bd:b3:2d:62:1c:d9:69:ad:70:bf:72:77:
1a:ec:33:54:8f:60:01:ca:2d:b2:83:0b:10:40:aa:
64:4e:ea:29:9d:7d:f0:15:20:ec:65:01:f7:17:c6:
38:ec:53:10:95:63:12:dd:a4:9b:5c:e0:e5:bb:8d:
4f:1f:2b:2c:88:28:5c:17:0a:78:9e:e9:ec:31:98:
85:2f:31:09:af:13:5b:96:37:36:38:c5:ce:af:79:
e1:97:43:16:bb:11:64:27:49:27:c6:34:f1:9a:2b:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D0:96:1E:BA:C3:67:9D:56:62:B6:56:7A:F7:AD:D7:20:D0:3A:7F
X509v3 Authority Key Identifier:
keyid:5A:51:25:AF:C5:EC:97:8B:2A:32:12:91:C2:A5:57:0F:E6:19:15:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/99CWHrrDZ51WYrZWevet1yDQOn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7940ab-f7ca-4c07-a123-a6fb4df5481e/1/WlElr8Xsl4sqMhKRwqVXD-YZFZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.101.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:bf:f2:b4:17:30:3f:ba:aa:70:0e:02:a6:97:89:ec:37:b1:
2a:28:87:f1:eb:bb:d7:4d:8e:06:8f:cd:a0:26:98:be:81:b3:
27:9a:06:41:9c:f9:19:fd:94:68:18:a5:4b:ba:8e:b1:4d:bf:
67:bb:c3:d4:9b:37:d9:e2:92:bd:aa:bb:f3:5e:4b:a9:80:d7:
75:22:94:e4:09:8a:8a:69:69:e6:ce:92:51:6c:90:55:78:39:
cc:a3:40:a7:be:c1:52:8c:a8:e5:97:dc:a0:19:7b:a6:c4:bc:
5a:48:0f:79:60:21:e0:db:28:5d:71:11:fc:e6:fa:5c:13:dd:
3c:fc:fd:74:8e:d7:86:fc:78:2f:5d:92:e9:93:87:d3:ad:f0:
b9:ad:97:9d:67:7d:e1:1c:58:e6:41:a5:55:03:ae:2e:b2:53:
67:21:43:0a:8d:d4:cf:a6:ce:a6:ee:8f:70:2a:08:3b:d1:39:
8f:0e:79:3f:f2:96:f5:4a:45:73:d3:4f:bb:a3:53:76:51:f7:
f7:9b:62:8f:54:3b:57:c6:8c:a6:c0:eb:b1:a0:48:d9:96:73:
62:ce:9b:5a:73:ea:2b:8a:2f:ac:af:2b:b7:15:54:b9:a5:3c:
6e:0e:dc:f1:4d:28:66:03:13:91:e7:38:1c:48:7b:07:4c:37:
b6:3b:b8:68
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEGvuSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTUxMjVhZmM1ZWM5NzhiMmEzMjEyOTFjMmE1NTcwZmU2MTkxNTllMB4XDTIyMDEw
MTEyMDIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdkMDk2MWViYWMz
Njc5ZDU2NjJiNjU2N2FmN2FkZDcyMGQwM2E3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBmhzPTFuwS+o4Z7+UU113pzKNILUW7Z8ZU/SbVLcOo5gzM
XFyMfqkP02dXBWSGIxvDo6lji4OXm4nqCzP4HUl2qjwnh7K9v/PeoIpv7LScUMSr
8Gu1UEKwqbVOn3NxCjU/a+6qX+9M3+f292u3CQY1m5q8BAIlEvmlR6L091NOuN4w
AOKlWkLqu7AbN3gcRfWg69kGjD2gvbMtYhzZaa1wv3J3GuwzVI9gAcotsoMLEECq
ZE7qKZ198BUg7GUB9xfGOOxTEJVjEt2km1zg5buNTx8rLIgoXBcKeJ7p7DGYhS8x
Ca8TW5Y3NjjFzq954ZdDFrsRZCdJJ8Y08ZorOZUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT30JYeusNnnVZitlZ6963XINA6fzAfBgNVHSMEGDAWgBRaUSWvxeyXiyoy
EpHCpVcP5hkVnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dsRWxyOFhzbDRzcU1oS1J3cVZYRC1ZWkZaNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvNzk0MGFiLWY3Y2EtNGMwNy1hMTIzLWE2ZmI0ZGY1NDgxZS8x
Lzk5Q1dIcnJEWjUxV1lyWldldmV0MXlEUU9uOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
Nzk0MGFiLWY3Y2EtNGMwNy1hMTIzLWE2ZmI0ZGY1NDgxZS8xL1dsRWxyOFhzbDRz
cU1oS1J3cVZYRC1ZWkZaNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtZTANBgkqhkiG9w0BAQsFAAOC
AQEAXb/ytBcwP7qqcA4CppeJ7DexKiiH8eu7102OBo/NoCaYvoGzJ5oGQZz5Gf2U
aBilS7qOsU2/Z7vD1Js32eKSvaq7815LqYDXdSKU5AmKimlp5s6SUWyQVXg5zKNA
p77BUoyo5ZfcoBl7psS8WkgPeWAh4NsoXXER/Ob6XBPdPPz9dI7Xhvx4L12S6ZOH
063wua2XnWd94RxY5kGlVQOuLrJTZyFDCo3Uz6bOpu6PcCoIO9E5jw55P/KW9UpF
c9NPu6NTdlH395tij1Q7V8aMpsDrsaBI2ZZzYs6bWnPqK4ovrK8rtxVUuaU8bg7c
8U0oZgMTkec4HEh7B0w3tju4aA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:34 2025 by rpki-client