Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/1-E0hwMf5pmi8c6f8II8AWT2CLi0.roa
File: 1-E0hwMf5pmi8c6f8II8AWT2CLi0.roa (raw, json)
Hash identifier: E2Z8FqF9HWe6xjwLPwQbPlfmq0M6F8LTsOLuWEKSfAc=
Subject key identifier: F8:4D:21:C0:C7:F9:A6:68:BC:73:A7:FC:20:8F:00:59:3D:82:2E:2D
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 0C3E8CF7
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/1-E0hwMf5pmi8c6f8II8AWT2CLi0.roa
Signing time: Tue 15 Mar 2022 17:19:34 +0000
ROA not before: Tue 15 Mar 2022 17:19:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29067
IP address blocks: 193.29.220.0/24 maxlen: 24
195.47.253.0/24 maxlen: 24
185.159.140.0/24 maxlen: 24
109.70.104.0/22 maxlen: 24
109.70.111.0/24 maxlen: 24
109.70.108.0/24 maxlen: 24
2001:4130:ce::/48 maxlen: 48
2001:4130:50f1::/48 maxlen: 48
2001:4130::/32 maxlen: 48
2001:67c:258::/48 maxlen: 48
2001:4130:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205425911 (0xc3e8cf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Mar 15 17:19:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f84d21c0c7f9a668bc73a7fc208f00593d822e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:40:5f:b1:ab:63:7a:6a:47:bb:ca:c3:c6:
2f:af:f0:8a:51:2a:aa:48:d2:0a:65:29:18:ba:31:
cb:ac:f3:59:94:d2:6e:03:22:a3:8f:d4:0c:9d:57:
56:3f:d6:78:3b:bb:02:4c:77:ca:fa:35:20:3e:51:
e9:92:c7:48:1c:1f:2d:db:a8:ca:86:3d:e9:30:82:
16:ea:f6:85:c7:b5:90:02:f8:f3:e9:fb:0b:b9:fb:
16:c6:db:26:49:8d:a0:bd:51:7b:ec:d8:75:c6:c4:
36:31:65:0f:21:b0:0d:bc:52:4d:15:e2:ca:75:c7:
02:d8:e2:a2:43:ba:b6:15:e5:77:39:cc:d7:82:1c:
3c:88:a3:01:06:af:52:d3:15:f6:08:a4:d4:b4:74:
bd:31:a8:63:36:51:f0:c8:40:92:b0:e0:83:a5:ea:
a6:18:cf:ef:8c:da:34:ab:c3:40:ab:a9:f1:21:47:
28:70:b8:74:e8:f4:5b:00:6f:5d:86:a1:42:ee:7d:
6a:a2:86:fd:88:46:06:b6:62:fd:6a:31:9d:d0:e7:
89:bd:8a:07:ac:19:f6:3e:cb:53:18:46:2a:da:48:
7a:b4:49:9b:9f:9a:53:31:e4:72:a3:2d:d8:e9:92:
9e:9b:9d:10:18:6e:f0:5f:0a:04:da:cc:18:25:e8:
7d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4D:21:C0:C7:F9:A6:68:BC:73:A7:FC:20:8F:00:59:3D:82:2E:2D
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/1-E0hwMf5pmi8c6f8II8AWT2CLi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0-109.70.108.255
109.70.111.0/24
185.159.140.0/24
193.29.220.0/24
195.47.253.0/24
IPv6:
2001:67c:258::/48
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
26:21:48:4f:ba:9f:22:3f:2a:27:97:44:25:cb:54:ef:ce:eb:
e9:6e:e7:d5:02:dc:d9:bc:ca:ae:c5:78:73:47:d3:0f:c8:69:
38:35:1b:f5:19:ea:c9:64:55:87:61:f2:38:65:6a:bc:af:12:
0e:6e:92:89:1f:31:ab:81:ec:51:3a:95:e2:70:38:17:39:35:
7d:30:29:f5:8a:45:7b:dc:93:09:d6:7a:c8:07:1a:ab:6a:a3:
a0:4c:d8:08:fe:ac:73:4a:1c:ff:0e:91:49:e4:d5:45:21:a0:
a3:c6:9a:bf:69:c5:dd:fc:77:a8:30:08:44:74:94:fe:20:0b:
29:ab:ee:55:54:1c:4d:44:ea:43:8c:9f:07:83:74:2c:0d:d3:
a3:5f:1a:d8:66:2e:2a:33:8b:7b:ae:e4:0b:78:dc:e6:2e:14:
21:98:cd:96:b8:2f:67:64:bd:47:f3:ea:36:76:79:44:60:17:
9e:d8:6c:c1:d5:3c:40:85:05:10:e4:08:22:2e:b3:7e:09:ed:
4c:2f:aa:c4:6a:da:43:a6:c6:38:81:27:1b:29:04:fc:e6:d3:
20:c9:32:e6:1a:6e:e8:39:6c:8a:95:8b:bc:7c:7b:84:ab:7a:
b6:c3:33:3b:d8:92:55:86:57:d3:26:80:3e:5f:18:ab:ef:5b:
dc:cd:50:eb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEDD6M9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjM2YjJiOGFmYTYwMzZkMmM4ZTgzMTc3MzZmYWFhNzJkODBjNGYyMB4XDTIyMDMx
NTE3MTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg0ZDIxYzBjN2Y5
YTY2OGJjNzNhN2ZjMjA4ZjAwNTkzZDgyMmUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0hQF+xq2N6ake7ysPGL6/wilEqqkjSCmUpGLoxy6zzWZTS
bgMio4/UDJ1XVj/WeDu7Akx3yvo1ID5R6ZLHSBwfLduoyoY96TCCFur2hce1kAL4
8+n7C7n7FsbbJkmNoL1Re+zYdcbENjFlDyGwDbxSTRXiynXHAtjiokO6thXldznM
14IcPIijAQavUtMV9gik1LR0vTGoYzZR8MhAkrDgg6XqphjP74zaNKvDQKup8SFH
KHC4dOj0WwBvXYahQu59aqKG/YhGBrZi/WoxndDnib2KB6wZ9j7LUxhGKtpIerRJ
m5+aUzHkcqMt2OmSnpudEBhu8F8KBNrMGCXofQkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBT4TSHAx/mmaLxzp/wgjwBZPYIuLTAfBgNVHSMEGDAWgBQiNrK4r6YDbSyO
gxdzb6qnLYDE8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lqYXl1Sy1tQTIwc2pvTVhjMi1xcHkyQXhQSS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNmY4OTViLTc5NzctNDQ1ZC1iNzJjLThiNWVmNDFkOGMyNS8x
LzEtRTBod01mNXBtaThjNmY4SUk4QVdUMkNMaTAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2
LzZmODk1Yi03OTc3LTQ0NWQtYjcyYy04YjVlZjQxZDhjMjUvMS9JamF5dUstbUEy
MHNqb01YYzItcXB5MkF4UEkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
VwYIKwYBBQUHAQcBAf8ESDBGMCwEAgABMCYwDAMEA21GaAMEAG1GbAMEAG1GbwME
ALmfjAMEAMEd3AMEAMMv/TAWBAIAAjAQAwcAIAEGfAJYAwUAIAFBMDANBgkqhkiG
9w0BAQsFAAOCAQEAJiFIT7qfIj8qJ5dEJctU787r6W7n1QLc2bzKrsV4c0fTD8hp
ODUb9RnqyWRVh2HyOGVqvK8SDm6SiR8xq4HsUTqV4nA4Fzk1fTAp9YpFe9yTCdZ6
yAcaq2qjoEzYCP6sc0oc/w6RSeTVRSGgo8aav2nF3fx3qDAIRHSU/iALKavuVVQc
TUTqQ4yfB4N0LA3To18a2GYuKjOLe67kC3jc5i4UIZjNlrgvZ2S9R/PqNnZ5RGAX
nthswdU8QIUFEOQIIi6zfgntTC+qxGraQ6bGOIEnGykE/ObTIMky5hpu6DlsipWL
vHx7hKt6tsMzO9iSVYZX0yaAPl8Yq+9b3M1Q6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org