Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CPq4Dg4RX92Nw6X9DsjmV0yKHYo.roa
File: CPq4Dg4RX92Nw6X9DsjmV0yKHYo.roa (raw, json)
Hash identifier: hfcBYFb9Zf/YO00mfiRkd19s0kedqLSCYSRuzmLZlVk=
Subject key identifier: 08:FA:B8:0E:0E:11:5F:DD:8D:C3:A5:FD:0E:C8:E6:57:4C:8A:1D:8A
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018567A5DEA7FC55265C7ED0756FABD6486C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CPq4Dg4RX92Nw6X9DsjmV0yKHYo.roa
Signing time: Sat 31 Dec 2022 10:06:41 +0000
ROA not before: Sat 31 Dec 2022 10:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50354
IP address blocks: 109.72.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:67:a5:de:a7:fc:55:26:5c:7e:d0:75:6f:ab:d6:48:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 31 10:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08fab80e0e115fdd8dc3a5fd0ec8e6574c8a1d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7d:09:2a:07:d4:b0:22:d2:99:d0:e8:0c:a7:
81:53:98:c3:12:6f:08:d0:46:d0:98:99:f1:36:a1:
e4:e9:04:89:09:51:a2:13:90:31:79:dc:89:e8:eb:
d0:39:d3:65:a0:ed:d3:bd:8e:36:15:21:4a:97:4a:
91:6b:2d:5e:fe:ce:dc:1c:e9:9c:40:d6:15:46:6c:
23:65:b8:d1:7a:54:39:c9:4b:a6:b2:74:3d:66:5e:
0d:f4:18:c2:3b:a8:95:b5:ec:b0:28:98:f6:72:70:
d8:f9:57:cf:4f:de:89:24:70:9b:cf:8f:ef:f5:5d:
6a:8c:0a:a1:ba:b3:75:7d:3e:66:2c:88:c0:58:91:
f0:4e:36:55:58:6e:37:c2:52:98:3f:e5:4e:71:ed:
68:1e:4c:35:24:f8:81:70:c9:4a:db:dc:cb:7f:be:
29:45:67:65:13:ed:ca:6b:1c:a8:f4:0b:da:4f:a6:
99:14:ff:86:2e:aa:50:8f:2a:df:a5:63:fc:55:c6:
cc:8c:af:63:60:b6:9e:1b:64:02:d7:50:c7:6e:b6:
e9:cf:3c:49:2b:b6:9c:0a:e1:2d:a2:76:2c:ed:cd:
86:7e:7e:bd:08:e2:95:45:2f:4f:88:19:3e:0c:1e:
c5:96:c7:87:80:0f:ed:28:33:2d:e9:12:c9:69:2c:
3c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FA:B8:0E:0E:11:5F:DD:8D:C3:A5:FD:0E:C8:E6:57:4C:8A:1D:8A
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/CPq4Dg4RX92Nw6X9DsjmV0yKHYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.112.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:48:1a:03:1b:20:fd:5e:b3:f7:92:92:30:90:aa:39:f4:ce:
ab:37:36:a2:5b:6d:ec:46:07:ab:19:96:bf:e0:d8:fd:14:71:
61:f1:f5:0f:4e:ac:70:11:19:48:af:52:f1:47:4d:0d:f8:c5:
22:81:5c:d1:80:55:05:6c:63:6f:ac:5f:d3:a9:67:8f:4f:c7:
70:e2:4b:a6:84:ca:e3:e0:4d:f0:44:a8:9c:a5:13:fe:76:d0:
37:53:14:29:5f:84:3d:3a:1d:87:37:d6:6d:9c:6d:ba:4d:58:
61:40:88:fe:7e:8a:1c:d0:cb:5d:77:e8:9a:d0:4d:06:b0:b1:
0a:00:11:ca:a2:20:38:05:39:af:72:69:0f:b8:32:72:ac:3f:
7d:9a:e6:7b:9c:78:54:4e:69:2a:d7:4c:4d:8b:d4:4d:35:53:
b7:d0:74:11:59:af:bc:0e:8c:ba:f3:44:9e:48:3f:0f:c3:bc:
52:f0:1a:e3:43:74:4d:7d:89:27:de:93:52:84:e9:ab:01:f0:
4e:8e:96:2f:cc:ab:ca:94:c0:3b:7e:22:9b:47:a4:7e:08:34:
d9:de:63:c7:cb:20:66:d3:9f:12:97:c0:e8:ef:62:be:59:d7:
87:0b:6f:3b:e5:68:8d:f8:39:d7:0a:81:dd:0e:8d:d8:5a:5c:
1d:f9:c1:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVnpd6n/FUmXH7QdW+r1khsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMjMxMTAwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGZhYjgwZTBlMTE1ZmRkOGRjM2E1ZmQwZWM4ZTY1NzRjOGExZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr30JKgfUsCLSmdDoDKeBU5jDEm8I
0EbQmJnxNqHk6QSJCVGiE5AxedyJ6OvQOdNloO3TvY42FSFKl0qRay1e/s7cHOmc
QNYVRmwjZbjRelQ5yUumsnQ9Zl4N9BjCO6iVteywKJj2cnDY+VfPT96JJHCbz4/v
9V1qjAqhurN1fT5mLIjAWJHwTjZVWG43wlKYP+VOce1oHkw1JPiBcMlK29zLf74p
RWdlE+3Kaxyo9AvaT6aZFP+GLqpQjyrfpWP8VcbMjK9jYLaeG2QC11DHbrbpzzxJ
K7acCuEtonYs7c2Gfn69COKVRS9PiBk+DB7FlseHgA/tKDMt6RLJaSw89wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAj6uA4OEV/djcOl/Q7I5ldMih2KMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvQ1BxNERnNFJYOTJOdzZYOURzam1WMHlLSFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbUhwMA0G
CSqGSIb3DQEBCwUAA4IBAQAMSBoDGyD9XrP3kpIwkKo59M6rNzaiW23sRgerGZa/
4Nj9FHFh8fUPTqxwERlIr1LxR00N+MUigVzRgFUFbGNvrF/TqWePT8dw4kumhMrj
4E3wRKicpRP+dtA3UxQpX4Q9Oh2HN9ZtnG26TVhhQIj+fooc0Mtdd+ia0E0GsLEK
ABHKoiA4BTmvcmkPuDJyrD99muZ7nHhUTmkq10xNi9RNNVO30HQRWa+8Doy680Se
SD8Pw7xS8BrjQ3RNfYkn3pNShOmrAfBOjpYvzKvKlMA7fiKbR6R+CDTZ3mPHyyBm
058Sl8Do72K+WdeHC2875WiN+DnXCoHdDo3YWlwd+cGT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org