Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/vdQTAr2tYKpD72ID8DcNfGUEjUo.roa
File: vdQTAr2tYKpD72ID8DcNfGUEjUo.roa (raw, json)
Hash identifier: i7XSdU85o5WkCQoJa5BckW+59Kd13wstgwbY8UiIUJk=
Subject key identifier: BD:D4:13:02:BD:AD:60:AA:43:EF:62:03:F0:37:0D:7C:65:04:8D:4A
Certificate issuer: /CN=1b893c6209b7a8018776c5ccad30e240d2cf2d07
Certificate serial: 01B50963
Authority key identifier: 1B:89:3C:62:09:B7:A8:01:87:76:C5:CC:AD:30:E2:40:D2:CF:2D:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/vdQTAr2tYKpD72ID8DcNfGUEjUo.roa
Signing time: Mon 14 Mar 2022 09:57:47 +0000
ROA not before: Mon 14 Mar 2022 09:57:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 109.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28641635 (0x1b50963)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b893c6209b7a8018776c5ccad30e240d2cf2d07
Validity
Not Before: Mar 14 09:57:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdd41302bdad60aa43ef6203f0370d7c65048d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b7:db:ec:6f:6b:f7:2b:ed:75:5e:42:32:bb:
a7:11:7f:65:62:68:f0:9b:92:08:75:2f:a7:d1:54:
81:6c:ae:e7:05:34:89:5d:48:32:cb:88:ea:e5:50:
ca:34:8a:28:23:03:c3:ed:12:f4:6d:f9:04:f9:d6:
67:c7:56:02:3f:8b:25:67:10:b2:62:33:7a:f1:06:
28:5a:bf:16:98:dc:1f:e6:de:a7:66:07:d3:6e:4b:
99:61:e7:5b:e0:9d:44:96:84:fd:18:e2:00:3a:23:
81:7e:7e:67:9e:f6:fa:67:ce:a2:49:5f:9e:6e:57:
6a:5a:b9:58:08:26:f1:3f:9a:79:02:7b:2d:f1:15:
30:f7:58:45:59:bb:14:a0:3d:a6:7b:3c:25:e9:d5:
22:93:e0:20:91:1d:05:e1:5d:e8:94:fc:c9:7f:01:
33:76:fa:87:41:27:02:8e:1f:99:7f:3c:dc:78:08:
0d:42:6b:ed:60:0e:0d:4c:37:99:7e:84:32:8a:c3:
e3:fa:20:89:d2:51:b0:94:a6:38:a2:3d:3e:b2:82:
c7:2c:46:05:e1:3b:60:7b:40:5b:65:21:93:c1:91:
90:5a:a7:0e:b4:b9:d5:42:f2:d7:dd:fa:e0:87:40:
96:54:7a:53:56:0d:c3:e3:06:76:8f:50:f8:91:80:
0e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D4:13:02:BD:AD:60:AA:43:EF:62:03:F0:37:0D:7C:65:04:8D:4A
X509v3 Authority Key Identifier:
keyid:1B:89:3C:62:09:B7:A8:01:87:76:C5:CC:AD:30:E2:40:D2:CF:2D:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/vdQTAr2tYKpD72ID8DcNfGUEjUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
Signature Algorithm: sha256WithRSAEncryption
32:fd:18:eb:ba:ba:a1:4d:ef:47:84:2e:2a:26:52:f3:37:ff:
1a:6a:7c:d6:8f:cf:b5:6a:0b:9b:f6:40:0e:e7:f9:6a:b7:6b:
25:6f:e7:6f:c4:4e:cf:60:c8:1f:4a:1e:d5:f9:71:75:34:83:
78:93:64:6e:9c:5b:38:17:f1:c0:c7:6e:17:a6:35:eb:2b:e5:
71:ec:e9:60:a0:b9:8e:c6:1c:6d:95:84:23:d4:de:f1:95:39:
60:dc:60:aa:8e:4c:0d:d3:80:3d:2b:60:14:34:f0:1e:06:0b:
f5:50:05:ff:fd:24:24:07:1b:50:56:d2:e9:b8:b3:80:10:fc:
20:41:c8:dd:58:50:27:78:7c:e5:bc:6a:3d:e4:55:87:ca:c5:
65:d1:3f:b1:43:b7:dd:3d:ec:05:ce:f5:1b:b3:0b:a1:87:2f:
2d:87:e9:30:61:47:19:b7:e4:8c:fd:d4:2d:c4:3d:3f:75:20:
b4:2d:0a:ae:3b:ed:de:84:a4:63:6d:c4:a3:56:63:c9:e1:6a:
77:9d:1f:df:ec:e7:66:59:a6:6c:89:b2:ad:f4:0d:d2:9b:bc:
5e:53:76:01:49:83:66:9e:bf:81:06:04:cc:e7:e2:ac:fb:d4:
43:08:8f:88:d9:2a:ec:d1:e0:3e:ff:eb:d7:85:e5:f9:a9:94:
29:d9:17:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAbUJYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Yjg5M2M2MjA5YjdhODAxODc3NmM1Y2NhZDMwZTI0MGQyY2YyZDA3MB4XDTIyMDMx
NDA5NTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRkNDEzMDJiZGFk
NjBhYTQzZWY2MjAzZjAzNzBkN2M2NTA0OGQ0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm32+xva/cr7XVeQjK7pxF/ZWJo8JuSCHUvp9FUgWyu5wU0
iV1IMsuI6uVQyjSKKCMDw+0S9G35BPnWZ8dWAj+LJWcQsmIzevEGKFq/FpjcH+be
p2YH025LmWHnW+CdRJaE/RjiADojgX5+Z572+mfOoklfnm5Xalq5WAgm8T+aeQJ7
LfEVMPdYRVm7FKA9pns8JenVIpPgIJEdBeFd6JT8yX8BM3b6h0EnAo4fmX883HgI
DUJr7WAODUw3mX6EMorD4/ogidJRsJSmOKI9PrKCxyxGBeE7YHtAW2Uhk8GRkFqn
DrS51ULy19364IdAllR6U1YNw+MGdo9Q+JGADkUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS91BMCva1gqkPvYgPwNw18ZQSNSjAfBgNVHSMEGDAWgBQbiTxiCbeoAYd2
xcytMOJA0s8tBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c0azhZZ20zcUFHSGRzWE1yVERpUU5MUExRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvM2EwYjE0LThkMTctNDQ5ZC1hYTU2LWYxMDcxZThiODBkNi8x
L3ZkUVRBcjJ0WUtwRDcySUQ4RGNOZkdVRWpVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
M2EwYjE0LThkMTctNDQ5ZC1hYTU2LWYxMDcxZThiODBkNi8xL0c0azhZZ20zcUFH
SGRzWE1yVERpUU5MUExRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3qSjANBgkqhkiG9w0BAQsFAAOC
AQEAMv0Y67q6oU3vR4QuKiZS8zf/Gmp81o/PtWoLm/ZADuf5ardrJW/nb8ROz2DI
H0oe1flxdTSDeJNkbpxbOBfxwMduF6Y16yvlcezpYKC5jsYcbZWEI9Te8ZU5YNxg
qo5MDdOAPStgFDTwHgYL9VAF//0kJAcbUFbS6bizgBD8IEHI3VhQJ3h85bxqPeRV
h8rFZdE/sUO33T3sBc71G7MLoYcvLYfpMGFHGbfkjP3ULcQ9P3UgtC0Krjvt3oSk
Y23Eo1ZjyeFqd50f3+znZlmmbImyrfQN0pu8XlN2AUmDZp6/gQYEzOfirPvUQwiP
iNkq7NHgPv/r14Xl+amUKdkXbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:42 2023 by rpki-client on console-fra.rpki-client.org