Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/V0DSM37BU3jLzWqb55IFTPzelqU.roa
File: V0DSM37BU3jLzWqb55IFTPzelqU.roa (raw, json)
Hash identifier: vVjaAPqmgbyN5+FXZLzHHGVgTPqzSjrDmC7d5klC9xA=
Subject key identifier: 57:40:D2:33:7E:C1:53:78:CB:CD:6A:9B:E7:92:05:4C:FC:DE:96:A5
Certificate issuer: /CN=4aafe45b30fa7f594925dd395ba14cefb673e2c0
Certificate serial: 01849E75990E16C3E9F6F597D760D5F21148
Authority key identifier: 4A:AF:E4:5B:30:FA:7F:59:49:25:DD:39:5B:A1:4C:EF:B6:73:E2:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sq_kWzD6f1lJJd05W6FM77Zz4sA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/V0DSM37BU3jLzWqb55IFTPzelqU.roa
Signing time: Tue 22 Nov 2022 08:30:17 +0000
ROA not before: Tue 22 Nov 2022 08:30:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35032
IP address blocks: 109.124.224.0/21 maxlen: 21
109.124.232.0/21 maxlen: 21
109.124.240.0/21 maxlen: 21
109.124.252.0/23 maxlen: 23
109.124.248.0/22 maxlen: 22
85.236.160.0/20 maxlen: 20
185.224.8.0/22 maxlen: 22
85.236.176.0/20 maxlen: 20
109.124.192.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:75:99:0e:16:c3:e9:f6:f5:97:d7:60:d5:f2:11:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aafe45b30fa7f594925dd395ba14cefb673e2c0
Validity
Not Before: Nov 22 08:30:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5740d2337ec15378cbcd6a9be792054cfcde96a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:97:2a:e6:23:b4:b4:4d:55:0f:86:5b:f0:
1a:3d:48:fd:4e:16:b3:5d:f0:2c:85:eb:f2:de:33:
2c:d4:6d:17:ee:63:d4:e7:73:6d:06:66:7f:46:f4:
b9:8d:cd:07:c2:5b:13:99:b8:b1:18:70:5c:ac:86:
0f:a4:05:8f:3a:44:61:be:30:9c:df:c9:bf:b9:e9:
68:7b:eb:44:21:89:8d:c1:60:cd:ec:a5:6a:af:c1:
80:1c:c3:04:e6:36:00:9b:65:36:f3:3d:23:53:fb:
0c:87:ef:ba:0d:1d:9c:e2:50:fa:f0:e7:b2:51:b7:
bc:41:8a:aa:d9:e6:d7:ba:75:04:57:d6:96:63:fe:
c0:b4:0c:c6:cc:09:d1:18:95:9e:24:af:eb:ba:86:
95:0c:e7:e0:fe:60:c8:88:43:ea:88:11:d6:a3:b4:
07:f9:1d:07:58:d8:26:57:1c:56:08:2b:a0:d8:9d:
a4:36:57:81:b6:bf:9c:96:15:b3:f8:10:f9:03:75:
b5:f7:79:3d:24:41:c4:25:16:dc:7f:45:93:9a:58:
0a:70:39:6a:24:40:18:a9:91:1b:1a:5e:02:69:98:
42:b2:7c:4c:17:d0:bc:59:65:27:8f:e1:fa:76:b9:
0a:31:20:fc:cf:d8:07:c3:78:6c:9d:ab:33:00:95:
43:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:40:D2:33:7E:C1:53:78:CB:CD:6A:9B:E7:92:05:4C:FC:DE:96:A5
X509v3 Authority Key Identifier:
keyid:4A:AF:E4:5B:30:FA:7F:59:49:25:DD:39:5B:A1:4C:EF:B6:73:E2:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sq_kWzD6f1lJJd05W6FM77Zz4sA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/V0DSM37BU3jLzWqb55IFTPzelqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ae09fb-f536-47a1-9787-f1f603f91971/1/Sq_kWzD6f1lJJd05W6FM77Zz4sA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.236.160.0/19
109.124.192.0-109.124.253.255
185.224.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:a1:09:7d:f7:d0:ef:b9:77:ea:a0:a5:93:03:65:81:50:66:
66:ee:e4:77:a3:e3:4d:e8:d3:b3:61:72:37:9d:6e:19:03:b4:
41:c1:1d:7c:bb:1d:ff:5e:c5:b2:c1:a1:4d:0b:91:95:5a:be:
17:c0:a7:87:a2:8b:c2:75:b7:f5:3a:00:c7:6a:b6:66:9c:03:
06:01:86:ca:f2:47:5b:c1:5f:0a:9c:86:cd:a1:8e:55:b1:df:
76:03:16:be:83:fe:82:9c:78:bb:38:29:65:0c:d6:6e:6f:1d:
6c:19:d7:9a:70:38:09:14:d7:b7:8f:af:cc:7e:3d:b5:e9:6c:
cb:4e:fe:c2:e3:a6:39:fb:a3:33:b8:40:01:b9:66:78:5a:a3:
22:9f:56:5a:2f:71:45:97:5b:e6:fa:b8:30:93:d8:07:09:31:
b6:e3:3f:43:64:16:f3:f0:d4:34:ce:1b:97:7d:e3:7e:92:83:
38:7d:78:b1:04:92:ff:b1:37:46:e4:da:c4:34:a0:4b:71:08:
91:9a:3f:14:ba:b7:64:1d:5e:6d:75:82:08:fd:9b:bb:a4:ba:
13:0b:c1:93:fb:0f:2f:bb:93:88:29:78:4c:57:0f:91:fc:2d:
8a:05:22:b3:f5:b3:f9:ed:89:53:f9:4c:4a:ef:38:52:0b:b5:
86:29:cf:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYSedZkOFsPp9vWX12DV8hFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWZlNDViMzBmYTdmNTk0OTI1ZGQzOTViYTE0Y2VmYjY3
M2UyYzAwHhcNMjIxMTIyMDgzMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzQwZDIzMzdlYzE1Mzc4Y2JjZDZhOWJlNzkyMDU0Y2ZjZGU5NmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkziXKuYjtLRNVQ+GW/AaPUj9Thaz
XfAshevy3jMs1G0X7mPU53NtBmZ/RvS5jc0HwlsTmbixGHBcrIYPpAWPOkRhvjCc
38m/ueloe+tEIYmNwWDN7KVqr8GAHMME5jYAm2U28z0jU/sMh++6DR2c4lD68Oey
Ube8QYqq2ebXunUEV9aWY/7AtAzGzAnRGJWeJK/ruoaVDOfg/mDIiEPqiBHWo7QH
+R0HWNgmVxxWCCug2J2kNleBtr+clhWz+BD5A3W193k9JEHEJRbcf0WTmlgKcDlq
JEAYqZEbGl4CaZhCsnxMF9C8WWUnj+H6drkKMSD8z9gHw3hsnaszAJVDxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFdA0jN+wVN4y81qm+eSBUz83palMB8GA1UdIwQY
MBaAFEqv5Fsw+n9ZSSXdOVuhTO+2c+LAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Ffa1d6RDZmMWxKSmQwNVc2Rk03N1p6NHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZTA5ZmItZjUzNi00N2ExLTk3ODct
ZjFmNjAzZjkxOTcxLzEvVjBEU00zN0JVM2pMeldxYjU1SUZUUHplbHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZTA5ZmItZjUzNi00N2ExLTk3ODctZjFmNjAzZjkxOTcx
LzEvU3Ffa1d6RDZmMWxKSmQwNVc2Rk03N1p6NHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQFVeygMAwD
BAZtfMADBAFtfPwDBAK54AgwDQYJKoZIhvcNAQELBQADggEBAEuhCX330O+5d+qg
pZMDZYFQZmbu5Hej403o07NhcjedbhkDtEHBHXy7Hf9exbLBoU0LkZVavhfAp4ei
i8J1t/U6AMdqtmacAwYBhsryR1vBXwqchs2hjlWx33YDFr6D/oKceLs4KWUM1m5v
HWwZ15pwOAkU17ePr8x+PbXpbMtO/sLjpjn7ozO4QAG5ZnhaoyKfVlovcUWXW+b6
uDCT2AcJMbbjP0NkFvPw1DTOG5d9436Sgzh9eLEEkv+xN0bk2sQ0oEtxCJGaPxS6
t2QdXm11ggj9m7ukuhMLwZP7Dy+7k4gpeExXD5H8LYoFIrP1s/ntiVP5TErvOFIL
tYYpzxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org