Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/kEm5ExNnT8MCPwltUakcH3oqV6E.roa
File: kEm5ExNnT8MCPwltUakcH3oqV6E.roa (raw, json)
Hash identifier: tfKtVkdafo2Ab/a3D8gySrLCNHPMC/rZi2LuNkOPw80=
Subject key identifier: 90:49:B9:13:13:67:4F:C3:02:3F:09:6D:51:A9:1C:1F:7A:2A:57:A1
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 4125A6
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/kEm5ExNnT8MCPwltUakcH3oqV6E.roa
Signing time: Sat 01 Jan 2022 01:51:43 +0000
ROA not before: Sat 01 Jan 2022 01:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8226
IP address blocks: 109.68.124.0/23 maxlen: 23
109.68.120.0/22 maxlen: 22
109.68.126.0/24 maxlen: 24
2001:4d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4269478 (0x4125a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 1 01:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9049b91313674fc3023f096d51a91c1f7a2a57a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ef:78:4b:60:a0:14:9a:b8:29:81:96:9a:a4:
2a:ac:cb:91:75:c0:78:41:31:e7:0f:63:61:4a:71:
08:fd:97:51:a3:fc:4b:f7:05:33:6e:e1:25:a9:17:
d5:12:23:93:92:1a:06:a5:42:59:c7:6c:d2:17:0b:
8e:c5:86:51:e1:a8:b0:d8:82:ea:4b:5e:9b:5b:03:
12:9d:f9:6d:6d:82:b5:84:39:bd:39:93:59:87:5c:
bf:07:28:31:e6:62:7f:3e:81:4f:1a:5e:4d:13:bc:
2f:b5:4b:5f:c7:5c:8b:6b:09:ad:00:66:31:24:81:
6b:f0:f5:e5:f0:f4:71:57:2f:3b:99:a3:d5:48:aa:
0f:b7:e9:72:5c:f2:c3:31:cd:3a:90:dc:74:2f:a3:
d2:9a:ae:45:40:89:06:a0:47:a1:d1:54:65:7c:90:
eb:10:90:df:7e:bd:07:fd:d0:e0:96:27:ff:c9:7a:
5e:bf:aa:ad:a5:aa:98:37:36:16:64:67:c0:2c:78:
f1:93:05:02:ad:81:ae:6b:16:52:45:9b:f8:ee:8d:
34:a9:5a:8a:c4:91:67:33:61:22:21:12:80:18:36:
c0:15:59:e9:e2:b5:32:4d:f2:bc:d1:5a:a7:93:06:
60:a7:9d:68:60:94:07:d6:38:ff:d3:7f:14:0b:42:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:49:B9:13:13:67:4F:C3:02:3F:09:6D:51:A9:1C:1F:7A:2A:57:A1
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/kEm5ExNnT8MCPwltUakcH3oqV6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.120.0-109.68.126.255
IPv6:
2001:4d00::/32
Signature Algorithm: sha256WithRSAEncryption
4d:8d:0a:1a:f6:cb:ab:80:ef:4f:99:37:dc:99:ce:ed:85:0d:
72:9a:df:cd:7c:ea:1a:ce:52:42:d3:f0:24:c7:18:5f:f2:a9:
fd:2d:28:e2:87:29:19:f1:5f:81:40:3b:38:0c:ca:6e:5d:18:
be:3f:e3:68:5c:47:e1:9a:c0:16:5e:25:5c:38:50:46:35:13:
89:a7:ae:15:e0:4a:da:f5:f9:8c:6c:72:88:23:db:c8:f7:bb:
ba:00:76:ef:3e:3c:b2:97:85:48:86:bf:b8:d7:ac:f3:fd:a2:
1a:0d:b3:83:ee:d2:7a:77:7e:92:2d:c3:db:6d:2e:8b:b9:73:
c4:f8:db:d2:30:5b:93:73:d9:07:ea:77:93:6b:57:14:22:71:
55:21:78:d6:22:14:d4:76:b4:db:a5:8a:b4:e4:9a:c4:3e:52:
65:17:8e:aa:e7:c8:f9:09:26:84:3c:5c:0a:71:2b:4c:ff:c5:
ac:be:00:dd:8b:4b:e0:e3:e7:c0:ca:e2:69:db:6b:6a:5a:ba:
36:e7:b9:96:10:99:ed:9c:d5:f4:d8:5e:2b:76:4a:97:cb:f5:
96:b1:4a:df:e9:12:3b:7d:48:ea:fa:b7:2b:d8:b9:dc:37:95:
f8:7f:f3:3d:08:4e:f5:81:5c:68:57:a0:04:46:76:b3:be:c3:
61:71:4a:86
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDQSWmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThlYmY5MzQwHhcNMjIwMTAx
MDE1MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MDQ5YjkxMzEzNjc0
ZmMzMDIzZjA5NmQ1MWE5MWMxZjdhMmE1N2ExMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwO94S2CgFJq4KYGWmqQqrMuRdcB4QTHnD2NhSnEI/ZdRo/xL
9wUzbuElqRfVEiOTkhoGpUJZx2zSFwuOxYZR4aiw2ILqS16bWwMSnfltbYK1hDm9
OZNZh1y/Bygx5mJ/PoFPGl5NE7wvtUtfx1yLawmtAGYxJIFr8PXl8PRxVy87maPV
SKoPt+lyXPLDMc06kNx0L6PSmq5FQIkGoEeh0VRlfJDrEJDffr0H/dDglif/yXpe
v6qtpaqYNzYWZGfALHjxkwUCrYGuaxZSRZv47o00qVqKxJFnM2EiIRKAGDbAFVnp
4rUyTfK80VqnkwZgp51oYJQH1jj/038UC0JRBQIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFJBJuRMTZ0/DAj8JbVGpHB96KlehMB8GA1UdIwQYMBaAFDTQ7HrEw5Hk7Lqd
CjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEv
a0VtNUV4Tm5UOE1DUHdsdFVha2NIM29xVjZFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9m
N2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUwLzEvTk5Ec2VzVERrZVRz
dXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYG
CCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBANtRHgDBABtRH4wDQQCAAIwBwMF
ACABTQAwDQYJKoZIhvcNAQELBQADggEBAE2NChr2y6uA70+ZN9yZzu2FDXKa3818
6hrOUkLT8CTHGF/yqf0tKOKHKRnxX4FAOzgMym5dGL4/42hcR+GawBZeJVw4UEY1
E4mnrhXgStr1+Yxscogj28j3u7oAdu8+PLKXhUiGv7jXrPP9ohoNs4Pu0np3fpIt
w9ttLou5c8T429IwW5Nz2Qfqd5NrVxQicVUheNYiFNR2tNulirTkmsQ+UmUXjqrn
yPkJJoQ8XApxK0z/xay+AN2LS+Dj58DK4mnba2paujbnuZYQme2c1fTYXit2SpfL
9ZaxSt/pEjt9SOr6tyvYudw3lfh/8z0ITvWBXGhXoARGdrO+w2FxSoY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-ams.rpki-client.org