Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/cawPx7x8niZZkw-58MyPoM4sdEE.roa
File: cawPx7x8niZZkw-58MyPoM4sdEE.roa (raw, json)
Hash identifier: 3GXz/6JYRRxdSqKae0B89kStV+SMzc7Vf+MgxJBj93U=
Subject key identifier: 71:AC:0F:C7:BC:7C:9E:26:59:93:0F:B9:F0:CC:8F:A0:CE:2C:74:41
Certificate issuer: /CN=0d44da5c1904095860e868180573ee3c895a7b45
Certificate serial: 0185728C86F504F78E73C6D6F6C14CFAD86A
Authority key identifier: 0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/cawPx7x8niZZkw-58MyPoM4sdEE.roa
Signing time: Mon 02 Jan 2023 12:54:50 +0000
ROA not before: Mon 02 Jan 2023 12:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 109.71.55.0/24 maxlen: 24
109.71.54.0/24 maxlen: 24
2a03:3b00:1::/48 maxlen: 48
2a03:3b00:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:86:f5:04:f7:8e:73:c6:d6:f6:c1:4c:fa:d8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d44da5c1904095860e868180573ee3c895a7b45
Validity
Not Before: Jan 2 12:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71ac0fc7bc7c9e2659930fb9f0cc8fa0ce2c7441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0a:2b:ce:2d:e2:8b:40:90:3a:c0:2b:85:98:
14:8c:a5:9d:ec:ce:b4:dc:58:56:58:a9:c1:45:f8:
a5:e9:82:f4:e8:05:8c:b8:aa:1e:6d:fd:35:e5:4f:
a8:53:76:3a:28:d2:14:0c:76:78:eb:03:4a:af:f5:
df:19:35:10:12:79:16:6e:93:b4:ff:81:57:ba:3e:
6d:c3:a5:18:e4:bc:9e:c8:a2:ea:4e:69:de:c3:18:
d2:57:6c:5b:c8:17:b2:96:50:07:82:39:3c:b2:54:
5d:8d:1b:86:fa:ca:86:99:32:29:29:74:c6:98:37:
63:b7:fc:90:76:18:5f:97:ba:6f:03:ac:3f:3c:09:
25:ce:8f:e1:5a:21:e8:c1:f5:68:b9:6c:ab:35:18:
5f:ec:53:28:bc:41:de:02:03:11:a5:85:f3:d8:d8:
a3:0c:65:ac:a5:d5:6c:2b:11:04:bb:1a:4d:21:99:
f6:99:fc:dd:98:d6:0f:dc:1a:ce:f9:9c:30:e1:62:
f1:a8:22:4b:ca:39:b0:04:b9:27:42:dc:c0:ac:b4:
a5:00:c0:8f:e2:e6:d8:5c:e6:c2:25:dd:07:18:a9:
0c:ce:b3:ef:bb:af:d7:8c:23:47:ef:f8:3f:0d:65:
ef:76:b8:69:50:90:75:d5:26:81:78:ad:e6:90:ce:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AC:0F:C7:BC:7C:9E:26:59:93:0F:B9:F0:CC:8F:A0:CE:2C:74:41
X509v3 Authority Key Identifier:
keyid:0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/cawPx7x8niZZkw-58MyPoM4sdEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.54.0/23
IPv6:
2a03:3b00:1::-2a03:3b00:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:05:91:3b:1d:f1:6e:07:f1:f6:ea:d4:4f:a8:b1:18:4c:a4:
7c:f9:25:1f:60:a6:25:a5:53:84:55:da:44:da:ea:eb:21:80:
b3:c8:06:8e:0a:e3:e1:be:15:f6:b8:67:e0:8d:fb:a7:9e:c7:
38:cb:a4:01:09:76:3c:97:86:82:c3:23:ec:02:60:ea:f8:60:
a5:b1:d8:84:fa:b8:59:7c:d1:23:ff:fe:a8:23:2f:53:99:87:
81:0b:ba:42:45:03:7e:1f:86:5f:44:65:ef:82:60:f1:ce:33:
10:c3:4c:35:73:70:f5:c2:63:37:5f:e5:4d:23:5c:94:68:53:
8b:ec:88:c2:3c:ef:1b:f0:d7:07:e7:a4:36:82:06:ff:96:2c:
24:2b:76:49:16:23:32:1c:dc:c5:66:23:42:fb:71:98:f5:12:
27:b9:57:69:c1:e3:92:7e:42:48:93:ce:d6:eb:26:92:fd:80:
a1:21:ea:7e:04:d5:8e:ed:4f:83:ed:d7:a4:9b:d5:98:4c:68:
2d:ce:de:78:c3:bf:e3:ab:82:a0:26:80:b5:df:e3:d2:65:b1:
8d:f8:1e:6f:ad:07:52:ac:84:81:1b:3c:74:f5:8d:d8:e5:19:
12:c9:09:66:e0:36:14:7d:b7:85:8c:6d:bf:0c:dd:43:9b:8a:
84:e8:fb:ff
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVyjIb1BPeOc8bW9sFM+thqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDRkYTVjMTkwNDA5NTg2MGU4NjgxODA1NzNlZTNjODk1
YTdiNDUwHhcNMjMwMTAyMTI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFjMGZjN2JjN2M5ZTI2NTk5MzBmYjlmMGNjOGZhMGNlMmM3NDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQorzi3ii0CQOsArhZgUjKWd7M60
3FhWWKnBRfil6YL06AWMuKoebf015U+oU3Y6KNIUDHZ46wNKr/XfGTUQEnkWbpO0
/4FXuj5tw6UY5LyeyKLqTmnewxjSV2xbyBeyllAHgjk8slRdjRuG+sqGmTIpKXTG
mDdjt/yQdhhfl7pvA6w/PAklzo/hWiHowfVouWyrNRhf7FMovEHeAgMRpYXz2Nij
DGWspdVsKxEEuxpNIZn2mfzdmNYP3BrO+Zww4WLxqCJLyjmwBLknQtzArLSlAMCP
4ubYXObCJd0HGKkMzrPvu6/XjCNH7/g/DWXvdrhpUJB11SaBeK3mkM6cxwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHGsD8e8fJ4mWZMPufDMj6DOLHRBMB8GA1UdIwQY
MBaAFA1E2lwZBAlYYOhoGAVz7jyJWntFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTct
MjdmYjU4MjJiMzJkLzEvY2F3UHg3eDhuaVpaa3ctNThNeVBvTTRzZEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTctMjdmYjU4MjJiMzJk
LzEvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBbUc2MBoE
AgACMBQwEgMHACoDOwAAAQMHACoDOwAAAjANBgkqhkiG9w0BAQsFAAOCAQEAIAWR
Ox3xbgfx9urUT6ixGEykfPklH2CmJaVThFXaRNrq6yGAs8gGjgrj4b4V9rhn4I37
p57HOMukAQl2PJeGgsMj7AJg6vhgpbHYhPq4WXzRI//+qCMvU5mHgQu6QkUDfh+G
X0Rl74Jg8c4zEMNMNXNw9cJjN1/lTSNclGhTi+yIwjzvG/DXB+ekNoIG/5YsJCt2
SRYjMhzcxWYjQvtxmPUSJ7lXacHjkn5CSJPO1usmkv2AoSHqfgTVju1Pg+3XpJvV
mExoLc7eeMO/46uCoCaAtd/j0mWxjfgeb60HUqyEgRs8dPWN2OUZEskJZuA2FH23
hYxtvwzdQ5uKhOj7/w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:26 2025 by rpki-client