Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/2EqZWgQD5ZjW4TMSmctAvwf9iKo.roa
File: 2EqZWgQD5ZjW4TMSmctAvwf9iKo.roa (raw, json)
Hash identifier: jjxbbxt+91fhaONi4x2kGjPhdIQXux0E4XGauVdultk=
Subject key identifier: D8:4A:99:5A:04:03:E5:98:D6:E1:33:12:99:CB:40:BF:07:FD:88:AA
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 358C73AB
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/2EqZWgQD5ZjW4TMSmctAvwf9iKo.roa
Signing time: Sat 01 Jan 2022 14:55:31 +0000
ROA not before: Sat 01 Jan 2022 14:55:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51358
IP address blocks: 192.109.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 898397099 (0x358c73ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 14:55:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d84a995a0403e598d6e1331299cb40bf07fd88aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:f9:8f:0e:0f:b7:26:7c:97:b4:8f:e9:44:
d0:41:0f:64:79:f3:cc:dd:c7:4c:84:8e:13:9f:03:
b9:c5:0f:dd:89:67:9f:de:a7:6a:ec:60:c0:87:ab:
fa:5f:45:9e:a3:0b:5a:d3:80:f4:88:39:81:d0:7d:
b9:44:74:2b:f9:c5:ff:6b:00:ed:d3:2a:c9:85:8c:
52:c8:3f:b0:03:01:35:a4:88:77:b9:f6:df:79:bf:
45:41:9c:d9:37:a0:a5:25:11:d4:91:80:bc:c4:32:
92:53:89:18:62:c3:d0:41:f7:88:8b:60:9f:f1:f5:
2d:c4:79:32:2f:a9:28:b4:9e:49:a7:cf:f2:bd:59:
0a:e6:1e:35:d5:27:7e:3c:60:91:5e:47:54:b9:51:
52:93:3c:3b:e8:bf:58:eb:54:06:19:65:5b:e1:fe:
ba:72:07:6f:e7:73:e3:a8:01:fb:59:3a:ba:b7:78:
9d:eb:f9:5f:0b:37:07:ce:40:52:b3:4a:4d:a3:1a:
2c:ea:4b:8d:94:02:13:6b:49:8f:2d:fe:3e:b5:3b:
7e:23:9d:de:5b:1a:ed:a6:dd:8f:b4:05:43:0c:e8:
f1:e7:67:bf:e7:e8:cc:72:f3:d2:20:5c:fb:af:19:
be:3e:34:1d:c1:84:28:3e:2e:c3:39:e1:1e:cd:1f:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4A:99:5A:04:03:E5:98:D6:E1:33:12:99:CB:40:BF:07:FD:88:AA
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/2EqZWgQD5ZjW4TMSmctAvwf9iKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.138.0/24
Signature Algorithm: sha256WithRSAEncryption
40:6f:5d:b8:60:73:af:20:6b:30:a8:a6:67:c4:d3:76:3f:d1:
d9:13:af:1f:70:00:73:f9:28:56:dc:81:b2:e1:95:8c:3c:04:
75:d1:61:ab:90:0c:f1:11:c0:04:f8:cd:6f:85:33:f3:cf:f0:
59:e0:5e:0e:d8:ac:66:15:62:6b:99:b6:4f:f9:9f:c7:bf:61:
20:16:f5:46:1f:ef:17:3c:cc:4b:27:b5:66:b0:d8:8d:90:20:
49:8e:d3:36:94:97:55:55:ee:40:41:cb:2a:c8:c3:ce:a0:e4:
83:2d:da:15:40:6f:cc:e7:8d:4f:32:56:c4:58:84:c3:41:4a:
39:65:35:af:ff:f6:48:fb:a4:0d:cd:d1:cc:7b:fb:21:f9:88:
c7:22:61:ed:09:8b:61:66:28:77:a6:fb:af:b6:24:07:db:35:
e7:4a:94:45:dc:5c:a6:7b:7c:16:f3:f6:40:76:56:45:78:98:
71:b1:f4:75:96:dd:fa:a0:bd:55:d2:21:bf:9f:a0:f4:e2:bf:
0f:f4:1d:94:93:32:c3:77:5c:51:f3:fa:d3:7c:91:80:91:95:
bf:b5:7c:72:f8:cd:6c:88:65:8c:70:35:5c:eb:cc:7e:63:45:
04:37:65:d0:51:05:52:8e:dc:90:4a:fb:ab:36:2f:03:66:02:
fb:db:73:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENYxzqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWY1YTEwZTRmZDI2NTVhZGJiYjQwZWRlMThiMjYxNWFjNTU4ZWE5MB4XDTIyMDEw
MTE0NTUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg0YTk5NWEwNDAz
ZTU5OGQ2ZTEzMzEyOTljYjQwYmYwN2ZkODhhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw6+Y8OD7cmfJe0j+lE0EEPZHnzzN3HTISOE58DucUP3Yln
n96nauxgwIer+l9FnqMLWtOA9Ig5gdB9uUR0K/nF/2sA7dMqyYWMUsg/sAMBNaSI
d7n233m/RUGc2TegpSUR1JGAvMQyklOJGGLD0EH3iItgn/H1LcR5Mi+pKLSeSafP
8r1ZCuYeNdUnfjxgkV5HVLlRUpM8O+i/WOtUBhllW+H+unIHb+dz46gB+1k6urd4
nev5Xws3B85AUrNKTaMaLOpLjZQCE2tJjy3+PrU7fiOd3lsa7abdj7QFQwzo8edn
v+fozHLz0iBc+68Zvj40HcGEKD4uwznhHs0fWcsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTYSplaBAPlmNbhMxKZy0C/B/2IqjAfBgNVHSMEGDAWgBRB9aEOT9JlWtu7
QO3hiyYVrFWOqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmV2hEa19TWlZyYnUwRHQ0WXNtRmF4Vmpxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8x
LzJFcVpXZ1FENVpqVzRUTVNtY3RBdndmOWlLby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OGQzYzgyLWU0MDMtNGRhNi1iMzE1LTg3OTAyMDZmMGQ3NC8xL1FmV2hEa19TWlZy
YnUwRHQ0WXNtRmF4Vmpxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtijANBgkqhkiG9w0BAQsFAAOC
AQEAQG9duGBzryBrMKimZ8TTdj/R2ROvH3AAc/koVtyBsuGVjDwEddFhq5AM8RHA
BPjNb4Uz88/wWeBeDtisZhVia5m2T/mfx79hIBb1Rh/vFzzMSye1ZrDYjZAgSY7T
NpSXVVXuQEHLKsjDzqDkgy3aFUBvzOeNTzJWxFiEw0FKOWU1r//2SPukDc3RzHv7
IfmIxyJh7QmLYWYod6b7r7YkB9s150qURdxcpnt8FvP2QHZWRXiYcbH0dZbd+qC9
VdIhv5+g9OK/D/QdlJMyw3dcUfP603yRgJGVv7V8cvjNbIhljHA1XOvMfmNFBDdl
0FEFUo7ckEr7qzYvA2YC+9tzOQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net