Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2P35OAu-cRWsw36jRRkdpphFgQE.roa
File: 2P35OAu-cRWsw36jRRkdpphFgQE.roa (raw, json)
Hash identifier: Upk6v6kz+poGRQ7WCCodBpdtJbBjDNoXT+CpWjlP58s=
Subject key identifier: D8:FD:F9:38:0B:BE:71:15:AC:C3:7E:A3:45:19:1D:A6:98:45:81:01
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856EA4A4936FB7E8C69F981D2C29BDC582
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2P35OAu-cRWsw36jRRkdpphFgQE.roa
Signing time: Sun 01 Jan 2023 18:42:41 +0000
ROA not before: Sun 01 Jan 2023 18:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19318
IP address blocks: 109.205.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a4:a4:93:6f:b7:e8:c6:9f:98:1d:2c:29:bd:c5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 18:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8fdf9380bbe7115acc37ea345191da698458101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c4:b3:45:1b:0d:51:17:be:92:62:eb:44:2d:
cb:15:f9:b0:e0:e5:1a:da:7b:fe:e6:72:3d:a7:27:
04:8a:af:5f:53:f9:4f:c8:87:28:77:53:37:45:a3:
39:ce:2e:e8:a5:80:50:f0:95:f8:09:15:fe:ad:82:
2c:25:4f:ab:b9:6c:4f:c7:1e:0d:54:bf:d1:bb:39:
47:3c:46:69:47:48:b7:1a:e0:1e:6b:ee:b4:8f:85:
30:70:80:88:94:f9:61:9a:eb:16:3d:06:ca:b6:b7:
00:96:3f:06:ec:6a:c4:5a:b1:0a:8e:a1:a9:32:04:
34:f7:fb:7d:3e:7e:c3:d0:7b:7c:15:22:78:a5:e3:
f0:c9:17:8e:47:1e:40:3d:f7:1b:8d:0f:17:b4:20:
37:bc:60:b0:98:a1:88:16:4d:d8:6c:4d:7c:38:2c:
2f:0c:ed:6f:85:7d:f8:fb:9a:0a:a3:40:64:ea:3b:
f3:05:f9:bd:3c:6e:5d:73:95:b4:ca:a7:ff:3e:d6:
96:c9:1c:da:e8:5d:c8:1d:4e:f5:94:58:f5:7f:d7:
b3:9d:f0:3e:c9:7a:21:2a:75:b0:94:82:fb:4d:c1:
85:1e:05:39:b0:5e:3e:a4:69:57:9d:d4:84:a7:91:
3b:25:b5:8f:b5:33:cd:9d:a7:ff:f0:35:86:89:47:
bb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FD:F9:38:0B:BE:71:15:AC:C3:7E:A3:45:19:1D:A6:98:45:81:01
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/2P35OAu-cRWsw36jRRkdpphFgQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.213.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:d5:f2:10:d1:9d:d1:22:60:ce:3e:e9:33:57:6b:d4:4d:b4:
6b:76:17:f8:1d:4b:70:70:98:df:40:b2:ef:66:10:c0:45:aa:
4e:c4:86:ef:af:a7:16:35:c1:4e:ce:e1:fd:8f:3c:cd:1c:51:
0a:3b:4f:4a:59:a1:09:f8:b0:25:a7:98:a0:4b:f7:df:09:38:
1e:89:39:9a:82:9b:28:55:10:d6:9a:5f:5a:af:b0:6b:2b:14:
56:ab:7b:94:ad:53:d7:06:fb:49:87:01:84:8c:d1:09:3b:64:
fd:2e:a8:5a:d2:ac:06:84:3a:34:f3:84:67:47:a3:13:89:a6:
01:72:f5:af:94:a5:9c:e2:d8:0a:13:ac:55:5d:7d:db:ef:00:
92:2a:33:b3:d2:3b:80:62:f2:5e:3b:04:3a:ed:fb:e4:d9:0c:
c6:fc:66:6f:e2:e9:9b:08:af:e1:3c:39:1d:0a:e3:96:53:70:
88:ac:3c:c9:69:bc:38:a4:c5:de:c6:b3:95:a4:7b:c1:c1:1d:
78:07:57:78:bc:2f:04:bd:5b:d7:17:b9:36:d4:61:8e:5d:4a:
d9:4b:e0:98:03:f0:81:1c:d9:2e:f0:aa:bb:ec:f8:7b:0f:76:
72:b2:39:2c:ce:8e:81:41:dc:20:94:08:18:0e:ad:c1:ec:5b:
c2:12:2a:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupKSTb7foxp+YHSwpvcWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTg0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZkZjkzODBiYmU3MTE1YWNjMzdlYTM0NTE5MWRhNjk4NDU4MTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsSzRRsNURe+kmLrRC3LFfmw4OUa
2nv+5nI9pycEiq9fU/lPyIcod1M3RaM5zi7opYBQ8JX4CRX+rYIsJU+ruWxPxx4N
VL/RuzlHPEZpR0i3GuAea+60j4UwcICIlPlhmusWPQbKtrcAlj8G7GrEWrEKjqGp
MgQ09/t9Pn7D0Ht8FSJ4pePwyReORx5APfcbjQ8XtCA3vGCwmKGIFk3YbE18OCwv
DO1vhX34+5oKo0Bk6jvzBfm9PG5dc5W0yqf/PtaWyRza6F3IHU71lFj1f9eznfA+
yXohKnWwlIL7TcGFHgU5sF4+pGlXndSEp5E7JbWPtTPNnaf/8DWGiUe7FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNj9+TgLvnEVrMN+o0UZHaaYRYEBMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMlAzNU9BdS1jUldzdzM2alJSa2RwcGhGZ1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc3VMA0G
CSqGSIb3DQEBCwUAA4IBAQDI1fIQ0Z3RImDOPukzV2vUTbRrdhf4HUtwcJjfQLLv
ZhDARapOxIbvr6cWNcFOzuH9jzzNHFEKO09KWaEJ+LAlp5igS/ffCTgeiTmagpso
VRDWml9ar7BrKxRWq3uUrVPXBvtJhwGEjNEJO2T9Lqha0qwGhDo084RnR6MTiaYB
cvWvlKWc4tgKE6xVXX3b7wCSKjOz0juAYvJeOwQ67fvk2QzG/GZv4umbCK/hPDkd
CuOWU3CIrDzJabw4pMXexrOVpHvBwR14B1d4vC8EvVvXF7k21GGOXUrZS+CYA/CB
HNku8Kq77Ph7D3Zysjkszo6BQdwglAgYDq3B7FvCEio4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:56 2025 by rpki-client