Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gSa6pmrViJOnDt1CwV_bVoz-Dvk.roa
File: gSa6pmrViJOnDt1CwV_bVoz-Dvk.roa (raw, json)
Hash identifier: 7Y61FRxG7pqC80jEXNmorFQDbknV59aTzCMDnJLD6cc=
Subject key identifier: 81:26:BA:A6:6A:D5:88:93:A7:0E:DD:42:C1:5F:DB:56:8C:FE:0E:F9
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018225D1D68C042ACAD393AC53D4E08FF55C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gSa6pmrViJOnDt1CwV_bVoz-Dvk.roa
Signing time: Fri 22 Jul 2022 12:11:25 +0000
ROA not before: Fri 22 Jul 2022 12:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 109.72.124.0/22 maxlen: 24
109.72.120.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:d1:d6:8c:04:2a:ca:d3:93:ac:53:d4:e0:8f:f5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 22 12:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8126baa66ad58893a70edd42c15fdb568cfe0ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:a1:14:15:0d:b9:44:67:64:05:db:dc:d6:
51:3b:43:78:f6:cc:83:78:44:1d:d0:61:b7:a2:8f:
72:7b:4e:39:b9:da:dc:47:0c:23:6a:39:c2:13:e2:
5a:15:fa:65:7d:e5:68:e4:50:a2:23:70:30:d6:9c:
c8:3a:81:df:68:f6:c3:dd:3c:ec:4d:af:e9:d5:5c:
86:f9:55:48:5a:3d:08:f9:cb:d1:3d:03:f6:f4:bc:
5f:a3:d7:2a:5b:3c:23:6a:2b:b0:18:fe:94:76:d4:
b6:c6:a0:13:b5:85:63:e7:5f:5a:6b:89:12:0a:d4:
59:c7:32:2b:ac:39:1b:4c:26:da:fb:e7:15:8f:ba:
52:d1:62:26:e3:eb:65:2b:9a:fe:22:4f:9f:54:f3:
4b:b4:7f:95:ba:f7:f5:f0:3f:ce:8a:06:73:23:d3:
aa:cc:55:0a:10:b8:25:8d:33:d4:37:24:89:ee:3b:
67:f8:6f:4f:ee:4e:50:a1:3e:19:2f:39:f4:6f:6f:
1a:48:8a:6f:41:eb:e6:1b:7e:6d:f4:6b:d2:22:9f:
79:ef:73:ef:b3:a0:ad:be:ca:2b:fa:3c:c7:80:28:
4f:91:0b:9f:e4:f0:fb:4f:13:76:80:cb:fb:fa:aa:
1f:3a:d4:e1:9c:4b:8a:a2:3b:ed:9d:61:c8:f3:dd:
01:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:26:BA:A6:6A:D5:88:93:A7:0E:DD:42:C1:5F:DB:56:8C:FE:0E:F9
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/gSa6pmrViJOnDt1CwV_bVoz-Dvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.120.0/23
109.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
79:52:83:68:1b:2f:34:fd:c5:47:81:1c:79:9a:af:b7:94:55:
c9:b1:99:c8:96:4e:76:b9:b3:83:8f:df:4c:f3:b8:f7:54:6d:
1b:01:77:a6:3a:eb:58:d2:47:d3:77:2a:7c:23:30:95:bb:90:
80:23:5e:cf:e2:b0:bf:af:0f:5a:bf:8e:eb:96:ea:8f:9b:ea:
ff:17:fa:36:fb:01:98:7a:9b:44:b9:7a:ce:fe:17:30:1b:a8:
9c:0f:a8:3e:aa:0e:3e:7a:1f:72:d0:c3:f5:bb:5b:47:51:da:
d6:22:fe:19:4b:c7:98:bd:93:ea:3c:12:31:4c:13:90:ee:52:
fe:48:fe:d5:99:f9:12:47:8d:71:a6:3d:8a:06:e4:17:c4:a7:
23:af:43:6f:99:63:fd:b0:f8:f9:9c:18:ba:7a:37:c8:4c:7a:
c6:2d:de:14:69:a3:e0:10:d4:8d:ae:08:83:4a:64:25:3d:aa:
20:a3:13:7b:0a:c6:92:a5:aa:5c:87:20:52:41:ff:7a:a7:e6:
ca:21:71:2c:89:b5:8e:10:68:d1:be:ac:de:6d:17:e3:ec:55:
3a:a7:36:06:73:d5:d3:44:b1:c9:84:af:96:72:49:84:9a:48:
c7:b0:4b:1c:0e:1c:8a:fb:33:97:73:79:86:7b:5c:db:f0:29:
09:04:b1:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIl0daMBCrK05OsU9Tgj/VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwNzIyMTIxMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI2YmFhNjZhZDU4ODkzYTcwZWRkNDJjMTVmZGI1NjhjZmUwZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiihFBUNuURnZAXb3NZRO0N49syD
eEQd0GG3oo9ye045udrcRwwjajnCE+JaFfplfeVo5FCiI3Aw1pzIOoHfaPbD3Tzs
Ta/p1VyG+VVIWj0I+cvRPQP29Lxfo9cqWzwjaiuwGP6UdtS2xqATtYVj519aa4kS
CtRZxzIrrDkbTCba++cVj7pS0WIm4+tlK5r+Ik+fVPNLtH+Vuvf18D/OigZzI9Oq
zFUKELgljTPUNySJ7jtn+G9P7k5QoT4ZLzn0b28aSIpvQevmG35t9GvSIp9573Pv
s6Ctvsor+jzHgChPkQuf5PD7TxN2gMv7+qofOtThnEuKojvtnWHI890BiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIEmuqZq1YiTpw7dQsFf21aM/g75MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZ1NhNnBtclZpSk9uRHQxQ3dWX2JWb3otRHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbUh4AwQC
bUh8MA0GCSqGSIb3DQEBCwUAA4IBAQB5UoNoGy80/cVHgRx5mq+3lFXJsZnIlk52
ubODj99M87j3VG0bAXemOutY0kfTdyp8IzCVu5CAI17P4rC/rw9av47rluqPm+r/
F/o2+wGYeptEuXrO/hcwG6icD6g+qg4+eh9y0MP1u1tHUdrWIv4ZS8eYvZPqPBIx
TBOQ7lL+SP7VmfkSR41xpj2KBuQXxKcjr0NvmWP9sPj5nBi6ejfITHrGLd4UaaPg
ENSNrgiDSmQlPaogoxN7CsaSpapchyBSQf96p+bKIXEsibWOEGjRvqzebRfj7FU6
pzYGc9XTRLHJhK+WckmEmkjHsEscDhyK+zOXc3mGe1zb8CkJBLHA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org