Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iKR94xvfBouMbi1E1SDWG7b4pc4.roa
File: iKR94xvfBouMbi1E1SDWG7b4pc4.roa (raw, json)
Hash identifier: smWs7J18aewH7kc36iqs/o92WrKVWn8kzck4qLyJdIM=
Subject key identifier: 88:A4:7D:E3:1B:DF:06:8B:8C:6E:2D:44:D5:20:D6:1B:B6:F8:A5:CE
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1CF25468
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iKR94xvfBouMbi1E1SDWG7b4pc4.roa
Signing time: Fri 29 Apr 2022 07:16:02 +0000
ROA not before: Fri 29 Apr 2022 07:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 109.72.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 485643368 (0x1cf25468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 29 07:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88a47de31bdf068b8c6e2d44d520d61bb6f8a5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bc:97:40:34:e6:25:91:b9:de:07:a4:81:4c:
39:9d:3c:fd:b1:25:7a:0e:8d:09:fe:26:f6:32:23:
02:02:46:48:e6:9a:56:6f:13:7e:83:bd:44:8d:85:
ae:f7:03:5d:0b:c8:a0:a4:87:cb:db:c6:05:9e:ed:
0b:aa:bf:bb:f8:50:28:b2:08:6f:1f:95:40:9a:b8:
52:45:09:f0:bc:22:f5:c8:75:30:79:4e:5a:1e:e5:
73:61:5f:37:8c:d3:db:94:5f:9a:37:a5:b8:6e:d1:
6e:6d:2b:ef:54:f1:43:57:79:90:d6:0a:ed:8b:ab:
eb:f5:b4:91:84:b1:c5:21:99:d9:0b:2c:e6:ed:b0:
53:52:7c:cd:69:ba:ec:35:d2:55:63:c8:94:70:92:
1b:97:81:5e:66:67:cd:99:0e:60:6f:7f:32:9c:4e:
70:86:ad:74:95:35:8c:51:ef:e5:3e:8d:d5:72:89:
51:24:f6:93:15:f7:59:30:d9:a8:0f:96:c0:d4:60:
cf:6a:1d:65:de:17:89:a1:a7:e8:b4:8f:da:d8:0e:
ab:1b:c0:c9:03:84:70:c4:9d:ec:ec:57:56:a6:b9:
6a:ee:9a:c5:55:15:4b:ef:dc:5d:90:5e:b4:5d:7a:
b6:92:bd:30:28:d4:2d:53:c0:c1:1a:6a:03:fb:90:
32:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A4:7D:E3:1B:DF:06:8B:8C:6E:2D:44:D5:20:D6:1B:B6:F8:A5:CE
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/iKR94xvfBouMbi1E1SDWG7b4pc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.123.0/24
Signature Algorithm: sha256WithRSAEncryption
47:24:c5:c9:85:35:41:17:98:cd:16:39:cb:8e:83:40:7c:56:
52:93:72:d7:94:f6:c7:35:18:95:2e:3a:11:22:d1:c0:30:a4:
00:49:12:30:58:4b:da:53:6d:4c:33:01:99:63:ca:b5:82:84:
38:2b:ff:9f:f1:2b:5f:24:8f:0b:33:b3:ac:01:39:79:85:e1:
7e:1a:a7:d3:10:ab:07:9b:f1:18:8c:1a:e9:5b:98:c7:c0:69:
90:12:b3:b6:9c:ab:b9:1c:63:d6:93:fd:a3:44:81:5c:60:6f:
17:9c:81:6d:12:c1:87:9b:8b:b6:ac:16:99:1c:c3:3b:12:93:
d5:65:62:3a:8d:d3:8b:39:0a:4e:2b:8e:28:39:a9:68:86:d8:
23:54:cd:e5:e8:b3:91:79:f2:af:cf:a0:35:3b:b4:6d:0e:8a:
3d:6f:c3:50:ff:ce:88:59:39:fc:b4:be:f7:dd:be:ff:9a:c1:
b1:7b:5f:1d:5e:fb:e5:a1:f6:2d:32:6a:aa:d4:51:a0:19:57:
c6:10:24:cf:a7:f0:3f:9b:a1:30:9f:89:03:71:33:ce:b0:7c:
f5:85:92:a9:28:70:d1:18:e5:4b:63:e8:9e:ec:36:52:d5:f2:
2e:c9:6f:c4:80:16:10:a3:5d:40:2a:33:3b:1a:b7:17:56:83:
f0:af:39:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHPJUaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDQy
OTA3MTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhhNDdkZTMxYmRm
MDY4YjhjNmUyZDQ0ZDUyMGQ2MWJiNmY4YTVjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu8l0A05iWRud4HpIFMOZ08/bEleg6NCf4m9jIjAgJGSOaa
Vm8TfoO9RI2FrvcDXQvIoKSHy9vGBZ7tC6q/u/hQKLIIbx+VQJq4UkUJ8Lwi9ch1
MHlOWh7lc2FfN4zT25RfmjeluG7Rbm0r71TxQ1d5kNYK7Yur6/W0kYSxxSGZ2Qss
5u2wU1J8zWm67DXSVWPIlHCSG5eBXmZnzZkOYG9/MpxOcIatdJU1jFHv5T6N1XKJ
UST2kxX3WTDZqA+WwNRgz2odZd4XiaGn6LSP2tgOqxvAyQOEcMSd7OxXVqa5au6a
xVUVS+/cXZBetF16tpK9MCjULVPAwRpqA/uQMp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSIpH3jG98Gi4xuLUTVINYbtvilzjAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L2lLUjk0eHZmQm91TWJpMUUxU0RXRzdiNHBjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1IezANBgkqhkiG9w0BAQsFAAOC
AQEARyTFyYU1QReYzRY5y46DQHxWUpNy15T2xzUYlS46ESLRwDCkAEkSMFhL2lNt
TDMBmWPKtYKEOCv/n/ErXySPCzOzrAE5eYXhfhqn0xCrB5vxGIwa6VuYx8BpkBKz
tpyruRxj1pP9o0SBXGBvF5yBbRLBh5uLtqwWmRzDOxKT1WViOo3TizkKTiuOKDmp
aIbYI1TN5eizkXnyr8+gNTu0bQ6KPW/DUP/OiFk5/LS+992+/5rBsXtfHV775aH2
LTJqqtRRoBlXxhAkz6fwP5uhMJ+JA3EzzrB89YWSqShw0RjlS2Ponuw2UtXyLslv
xIAWEKNdQCozOxq3F1aD8K85uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org