Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/24yHSCl796hCAAaiyn3KRyJ4z8w.roa
File: 24yHSCl796hCAAaiyn3KRyJ4z8w.roa (raw, json)
Hash identifier: G7X8biHQ9QHyEjMGbgVl8GKOMb2EpnCLXZmNI+nGJ1k=
Subject key identifier: DB:8C:87:48:29:7B:F7:A8:42:00:06:A2:CA:7D:CA:47:22:78:CF:CC
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0186B681BC4EA626915B480F0DD3AD9BFA4B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/24yHSCl796hCAAaiyn3KRyJ4z8w.roa
Signing time: Mon 06 Mar 2023 10:40:01 +0000
ROA not before: Mon 06 Mar 2023 10:40:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208046
IP address blocks: 109.205.211.0/24 maxlen: 24
109.205.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:81:bc:4e:a6:26:91:5b:48:0f:0d:d3:ad:9b:fa:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Mar 6 10:40:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db8c8748297bf7a8420006a2ca7dca472278cfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dd:85:ee:7b:f4:b0:4d:97:c8:52:ca:71:e8:
8a:53:c6:5c:e8:3b:a7:dd:8a:ec:96:ce:8b:d8:61:
9b:8e:29:52:53:7c:c8:cf:bd:f1:37:e3:e7:61:32:
72:d3:5e:87:6e:fe:ff:56:6e:60:2a:f9:db:28:57:
aa:68:e1:79:0b:27:40:a2:29:ea:91:72:6c:ca:9f:
25:8a:ce:ad:c0:57:2e:cc:27:3f:21:12:66:4a:61:
fa:a2:47:43:01:ec:14:f8:7b:b4:38:ce:af:df:dd:
c6:27:83:41:7b:38:eb:1e:8a:d8:80:40:00:8b:b1:
ca:1f:03:ed:98:b3:06:89:a0:9c:87:6b:30:63:d9:
16:55:8e:32:d3:b2:ed:a9:4a:47:83:f0:48:8c:a9:
d6:df:9f:b1:7b:f1:08:6e:9e:9b:72:47:48:86:65:
a6:95:4b:f8:4b:7e:aa:fa:ed:3f:0c:e0:d7:f5:4d:
4a:c2:9a:ac:90:8b:43:c0:ca:8a:13:19:ac:db:fc:
ed:28:d0:85:57:a6:76:76:c5:b2:e0:0a:49:af:7d:
b6:92:f8:2c:3d:d4:d8:e5:1f:02:c8:88:ce:7a:23:
4f:e7:2b:37:d4:91:90:45:05:b9:e6:b3:6b:12:40:
33:6e:0e:85:cc:13:52:cb:9f:36:67:b2:81:54:cf:
51:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8C:87:48:29:7B:F7:A8:42:00:06:A2:CA:7D:CA:47:22:78:CF:CC
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/24yHSCl796hCAAaiyn3KRyJ4z8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.211.0/24
109.205.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:bb:54:12:74:d3:0e:78:66:1a:87:a5:da:16:6c:9f:0d:c7:
fa:14:a2:9b:b1:3a:e9:99:70:6b:3d:46:1b:86:a2:3f:a7:2c:
a0:ca:05:fc:49:8b:de:81:91:25:89:4e:be:96:31:89:3a:ce:
72:67:2e:56:78:d5:21:f3:d4:ff:0a:4d:f1:79:a0:31:d5:36:
de:d9:a0:63:1e:ee:bc:0b:51:a6:f8:7e:3b:aa:82:f5:de:b1:
c4:3d:2a:4e:9f:c9:44:43:ea:71:50:5f:2a:ff:9a:e5:f4:c7:
00:9a:e3:bf:7b:58:62:03:29:88:e2:04:fe:c8:9c:ae:cd:6c:
dc:24:48:6d:da:7e:d2:3e:db:3a:1c:30:7a:ef:e2:22:36:be:
c0:76:47:63:0e:de:9e:77:b2:16:c0:77:68:e1:a7:e4:b8:7d:
00:a9:b7:4e:f1:e9:c6:c0:ee:f3:e8:10:1c:7d:a2:2c:85:36:
5f:8b:aa:47:d7:8d:22:d8:d5:48:66:66:a3:63:7c:43:c6:90:
f6:08:1f:1c:cd:b6:14:f1:87:b3:2e:3e:1c:6e:5b:c1:bc:82:
1d:11:3c:de:5d:51:80:c7:84:56:99:0d:53:5b:28:e3:ce:8b:
a1:fe:96:17:58:5a:88:20:4d:70:bb:bd:64:e4:1c:81:55:d1:
75:2d:b5:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYa2gbxOpiaRW0gPDdOtm/pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMzA2MTA0MDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhjODc0ODI5N2JmN2E4NDIwMDA2YTJjYTdkY2E0NzIyNzhjZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN2F7nv0sE2XyFLKceiKU8Zc6Dun
3Yrsls6L2GGbjilSU3zIz73xN+PnYTJy016Hbv7/Vm5gKvnbKFeqaOF5CydAoinq
kXJsyp8lis6twFcuzCc/IRJmSmH6okdDAewU+Hu0OM6v393GJ4NBezjrHorYgEAA
i7HKHwPtmLMGiaCch2swY9kWVY4y07LtqUpHg/BIjKnW35+xe/EIbp6bckdIhmWm
lUv4S36q+u0/DODX9U1KwpqskItDwMqKExms2/ztKNCFV6Z2dsWy4ApJr322kvgs
PdTY5R8CyIjOeiNP5ys31JGQRQW55rNrEkAzbg6FzBNSy582Z7KBVM9RnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNuMh0gpe/eoQgAGosp9ykcieM/MMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMjR5SFNDbDc5NmhDQUFhaXluM0tSeUo0ejh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbc3TAwQA
bc3WMA0GCSqGSIb3DQEBCwUAA4IBAQDEu1QSdNMOeGYah6XaFmyfDcf6FKKbsTrp
mXBrPUYbhqI/pyygygX8SYvegZEliU6+ljGJOs5yZy5WeNUh89T/Ck3xeaAx1Tbe
2aBjHu68C1Gm+H47qoL13rHEPSpOn8lEQ+pxUF8q/5rl9McAmuO/e1hiAymI4gT+
yJyuzWzcJEht2n7SPts6HDB67+IiNr7AdkdjDt6ed7IWwHdo4afkuH0AqbdO8enG
wO7z6BAcfaIshTZfi6pH140i2NVIZmajY3xDxpD2CB8czbYU8YezLj4cblvBvIId
ETzeXVGAx4RWmQ1TWyjjzouh/pYXWFqIIE1wu71k5ByBVdF1LbXX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:50 2025 by rpki-client