Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/h3SAn6IOEuP6VAu8m0TShzVLyvs.roa
File: h3SAn6IOEuP6VAu8m0TShzVLyvs.roa (raw, json)
Hash identifier: 4PwSqCeGuGP5dtLu7wP7c5VTmNb1e1SqzNXoMBQaa9Y=
Subject key identifier: 87:74:80:9F:A2:0E:12:E3:FA:54:0B:BC:9B:44:D2:87:35:4B:CA:FB
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 0E3B9342
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/h3SAn6IOEuP6VAu8m0TShzVLyvs.roa
Signing time: Wed 20 Apr 2022 06:37:53 +0000
ROA not before: Wed 20 Apr 2022 06:37:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50443
IP address blocks: 109.236.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238785346 (0xe3b9342)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Apr 20 06:37:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8774809fa20e12e3fa540bbc9b44d287354bcafb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:17:85:fe:86:eb:d4:2c:ca:6d:70:ee:01:bb:
8b:19:e3:8f:c5:d4:1d:74:da:70:f1:88:75:59:dc:
03:50:2a:db:b8:f8:2e:1c:20:50:33:f3:c0:87:eb:
96:d9:9a:ad:1f:1a:b5:e0:56:92:82:41:ba:1d:93:
2b:21:0a:ca:6a:62:fb:69:14:fd:01:55:c1:58:ff:
86:13:88:92:ff:02:e8:cd:da:e5:54:77:91:f2:fd:
86:17:28:29:84:0e:3e:62:dd:6d:79:40:94:22:d2:
14:49:51:c2:fa:be:a2:d9:db:c0:63:05:04:f0:b0:
89:52:62:41:ff:e2:ba:68:57:21:0b:19:35:37:58:
c2:ac:a6:08:48:3c:e6:97:f4:95:d8:70:72:38:60:
e0:c6:a5:dc:c3:c2:e0:47:ff:52:85:3c:5f:50:d7:
16:5e:0f:19:5c:19:9d:a1:d9:31:89:fc:d6:bb:88:
1c:03:4b:48:d8:fe:0b:e8:1d:6d:07:58:21:a2:28:
c7:34:88:bc:de:c5:3f:a6:23:27:21:a4:70:68:64:
c9:21:a3:5f:7c:07:20:b6:ff:1f:a8:92:90:ea:bf:
2c:21:37:b5:24:cd:6d:60:be:a3:cf:06:4f:06:87:
44:de:42:8e:0b:9f:c0:4f:8b:68:3b:f5:de:4e:f2:
f2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:74:80:9F:A2:0E:12:E3:FA:54:0B:BC:9B:44:D2:87:35:4B:CA:FB
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/h3SAn6IOEuP6VAu8m0TShzVLyvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.254.0/23
Signature Algorithm: sha256WithRSAEncryption
55:2c:25:64:c5:3d:49:0d:f3:6b:8a:f4:2f:06:43:63:0f:60:
3f:95:8f:c3:06:7f:88:84:10:72:80:1d:98:0c:6e:1c:d2:81:
82:95:36:7a:70:68:87:3e:e2:79:20:22:bc:e7:57:ac:45:c9:
7a:04:95:50:94:cb:c3:a6:2e:cc:f6:2b:0d:63:c7:89:24:27:
a3:93:83:c1:3f:e0:3a:3e:e7:0f:c2:7c:53:75:5e:00:4a:94:
c8:6d:f3:b9:3b:71:3a:ab:cf:2a:c8:4c:20:20:23:9e:ec:e6:
80:d5:da:84:21:34:75:e5:d8:db:cf:e7:04:a6:f0:c7:be:ee:
ec:a8:ae:33:33:57:c8:01:2f:b8:43:16:7c:80:b1:39:2d:8f:
75:93:2a:03:45:ea:56:26:c1:bf:24:6c:b3:67:1d:56:56:81:
85:a7:a8:8d:ec:63:e9:17:91:0c:7f:fc:37:b4:dc:cd:c3:81:
1b:fb:03:09:ff:9e:23:5e:ec:90:30:06:02:41:84:50:36:6f:
2a:34:6e:3d:26:1c:9e:5e:d0:4c:57:5e:5e:a2:22:f3:05:42:
c7:d4:2e:96:26:ad:1d:35:ac:ce:fa:28:7d:32:32:3d:1d:28:
fb:14:9c:dd:ed:9e:2a:d5:71:5b:5d:07:56:be:6c:77:b7:6d:
fb:71:e5:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDjuTQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2MzNDJjMDZhYWNjMzU5ZDM5NDM5ZmY1OGRlZmE4ZWExODc1NzQ4MB4XDTIyMDQy
MDA2Mzc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc3NDgwOWZhMjBl
MTJlM2ZhNTQwYmJjOWI0NGQyODczNTRiY2FmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwXhf6G69Qsym1w7gG7ixnjj8XUHXTacPGIdVncA1Aq27j4
LhwgUDPzwIfrltmarR8ateBWkoJBuh2TKyEKympi+2kU/QFVwVj/hhOIkv8C6M3a
5VR3kfL9hhcoKYQOPmLdbXlAlCLSFElRwvq+otnbwGMFBPCwiVJiQf/iumhXIQsZ
NTdYwqymCEg85pf0ldhwcjhg4Mal3MPC4Ef/UoU8X1DXFl4PGVwZnaHZMYn81ruI
HANLSNj+C+gdbQdYIaIoxzSIvN7FP6YjJyGkcGhkySGjX3wHILb/H6iSkOq/LCE3
tSTNbWC+o88GTwaHRN5CjgufwE+LaDv13k7y8p8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSHdICfog4S4/pUC7ybRNKHNUvK+zAfBgNVHSMEGDAWgBQzw0LAaqzDWdOU
Of9Y3vqOoYdXSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L004TkN3R3FzdzFuVGxEbl9XTjc2anFHSFYwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYzU1ZmRmLWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8x
L2gzU0FuNklPRXVQNlZBdThtMFRTaHpWTHl2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YzU1ZmRmLWE2OGEtNGFhMC1iOGM1LTdmMjMzMzYwNDk5Ny8xL004TkN3R3FzdzFu
VGxEbl9XTjc2anFHSFYwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAW3s/jANBgkqhkiG9w0BAQsFAAOC
AQEAVSwlZMU9SQ3za4r0LwZDYw9gP5WPwwZ/iIQQcoAdmAxuHNKBgpU2enBohz7i
eSAivOdXrEXJegSVUJTLw6YuzPYrDWPHiSQno5ODwT/gOj7nD8J8U3VeAEqUyG3z
uTtxOqvPKshMICAjnuzmgNXahCE0deXY28/nBKbwx77u7KiuMzNXyAEvuEMWfICx
OS2PdZMqA0XqVibBvyRss2cdVlaBhaeojexj6ReRDH/8N7TczcOBG/sDCf+eI17s
kDAGAkGEUDZvKjRuPSYcnl7QTFdeXqIi8wVCx9QuliatHTWszvoofTIyPR0o+xSc
3e2eKtVxW10HVr5sd7dt+3Hl4A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:53 2025 by rpki-client