Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/H168ytcGe0aiepfcGUXXCv4lQmE.roa
File: H168ytcGe0aiepfcGUXXCv4lQmE.roa (raw, json)
Hash identifier: NLn887MS67paasH1RK5doEKa2CvlUeLpHdn2nymkQvc=
Subject key identifier: 1F:5E:BC:CA:D7:06:7B:46:A2:7A:97:DC:19:45:D7:0A:FE:25:42:61
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 0B9639E6
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/H168ytcGe0aiepfcGUXXCv4lQmE.roa
Signing time: Sat 01 Jan 2022 11:56:18 +0000
ROA not before: Sat 01 Jan 2022 11:56:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29067
IP address blocks: 193.29.220.0/24 maxlen: 24
195.47.253.0/24 maxlen: 24
185.159.140.0/24 maxlen: 24
109.70.104.0/22 maxlen: 24
109.70.111.0/24 maxlen: 24
2001:4130:50f1::/48 maxlen: 48
2001:4130::/32 maxlen: 48
2001:67c:258::/48 maxlen: 48
2001:4130:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194394598 (0xb9639e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Jan 1 11:56:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f5ebccad7067b46a27a97dc1945d70afe254261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ce:0b:23:49:f2:b4:39:52:4a:e1:87:27:24:
26:72:3f:43:26:4c:97:a1:9f:9b:c3:c6:d4:a9:14:
f3:50:38:da:c1:ac:b4:76:d0:d1:ad:61:36:5e:de:
db:29:25:4e:99:82:35:43:71:ff:14:f7:53:c9:7a:
bc:df:02:30:dd:dc:5a:73:23:1c:13:26:5b:37:b0:
88:b2:ad:d6:1a:b7:bb:77:9c:9b:bc:47:04:7b:56:
3d:8b:e6:bd:a4:7a:38:75:86:d6:f1:72:3c:5c:9c:
70:7b:52:f3:97:81:e2:26:16:23:6b:65:dd:0b:04:
d4:18:cc:04:3f:37:33:49:11:90:a9:58:bf:94:93:
71:c7:de:b3:4a:67:b2:c0:fa:d2:4b:d5:5a:9b:6a:
b8:e4:37:b2:46:ce:92:28:c0:a0:cf:73:23:d6:e4:
eb:0a:35:60:a7:6d:24:4c:7e:8d:60:a1:db:e5:3f:
1c:d1:a3:d4:f1:46:fb:6d:44:a5:41:5e:69:de:06:
ad:15:5e:65:8a:13:74:10:73:e7:2f:23:49:3d:ca:
95:88:33:d3:83:b5:6d:a5:99:c6:07:c8:c2:7b:d8:
ba:67:da:f3:23:cd:92:28:11:f1:5a:c0:62:e8:49:
b9:91:61:b1:2b:05:d7:4b:82:85:c5:82:1f:f6:84:
6c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5E:BC:CA:D7:06:7B:46:A2:7A:97:DC:19:45:D7:0A:FE:25:42:61
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/H168ytcGe0aiepfcGUXXCv4lQmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0/22
109.70.111.0/24
185.159.140.0/24
193.29.220.0/24
195.47.253.0/24
IPv6:
2001:67c:258::/48
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
14:25:86:48:b4:08:f0:09:8d:34:99:c3:eb:3a:b4:a4:b7:1a:
70:2e:97:f1:2d:8c:63:3e:c8:09:95:88:ce:3b:da:02:01:e2:
02:32:5d:55:73:c2:56:a5:fb:17:d5:07:f7:cc:ea:37:7c:24:
c7:24:81:ca:92:dd:b9:8c:81:ec:05:ad:79:65:8d:dd:27:1d:
3a:92:d5:5e:68:4c:48:e4:0a:37:04:14:c7:2a:a0:73:5f:7c:
8b:73:ec:1e:e9:c6:d7:88:63:93:ce:45:45:3b:ff:53:22:ae:
1e:31:61:07:6d:53:0d:7b:9b:df:27:40:e1:78:aa:29:44:ec:
1e:99:7c:38:08:eb:05:b6:b0:8e:82:ae:0a:23:14:fe:03:e1:
8a:c2:ef:a2:1c:d3:2a:1e:05:d0:4a:2c:d7:46:bf:bd:9e:46:
8a:9a:79:22:e2:3c:d8:1b:50:d9:5e:61:7b:83:ff:fe:89:7c:
49:fe:8d:ef:72:c6:33:4a:41:95:87:d9:c1:81:5d:1a:2c:7c:
d5:f0:a6:45:24:90:c4:fa:11:9d:a4:c5:a8:ae:67:6c:a1:80:
fa:59:57:ff:28:af:e2:78:3e:7b:6a:42:08:a2:35:23:ee:b4:
99:8e:55:83:e1:83:96:f0:ea:80:29:c9:93:de:d3:70:79:b2:
96:08:c5:7a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEC5Y55jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjM2YjJiOGFmYTYwMzZkMmM4ZTgzMTc3MzZmYWFhNzJkODBjNGYyMB4XDTIyMDEw
MTExNTYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY1ZWJjY2FkNzA2
N2I0NmEyN2E5N2RjMTk0NWQ3MGFmZTI1NDI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTOCyNJ8rQ5UkrhhyckJnI/QyZMl6Gfm8PG1KkU81A42sGs
tHbQ0a1hNl7e2yklTpmCNUNx/xT3U8l6vN8CMN3cWnMjHBMmWzewiLKt1hq3u3ec
m7xHBHtWPYvmvaR6OHWG1vFyPFyccHtS85eB4iYWI2tl3QsE1BjMBD83M0kRkKlY
v5STccfes0pnssD60kvVWptquOQ3skbOkijAoM9zI9bk6wo1YKdtJEx+jWCh2+U/
HNGj1PFG+21EpUFead4GrRVeZYoTdBBz5y8jST3KlYgz04O1baWZxgfIwnvYumfa
8yPNkigR8VrAYuhJuZFhsSsF10uChcWCH/aEbGMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQfXrzK1wZ7RqJ6l9wZRdcK/iVCYTAfBgNVHSMEGDAWgBQiNrK4r6YDbSyO
gxdzb6qnLYDE8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lqYXl1Sy1tQTIwc2pvTVhjMi1xcHkyQXhQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNmY4OTViLTc5NzctNDQ1ZC1iNzJjLThiNWVmNDFkOGMyNS8x
L0gxNjh5dGNHZTBhaWVwZmNHVVhYQ3Y0bFFtRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NmY4OTViLTc5NzctNDQ1ZC1iNzJjLThiNWVmNDFkOGMyNS8xL0lqYXl1Sy1tQTIw
c2pvTVhjMi1xcHkyQXhQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJAQCAAEwHgMEAm1GaAMEAG1GbwMEALmfjAMEAMEd
3AMEAMMv/TAWBAIAAjAQAwcAIAEGfAJYAwUAIAFBMDANBgkqhkiG9w0BAQsFAAOC
AQEAFCWGSLQI8AmNNJnD6zq0pLcacC6X8S2MYz7ICZWIzjvaAgHiAjJdVXPCVqX7
F9UH98zqN3wkxySBypLduYyB7AWteWWN3ScdOpLVXmhMSOQKNwQUxyqgc198i3Ps
HunG14hjk85FRTv/UyKuHjFhB21TDXub3ydA4XiqKUTsHpl8OAjrBbawjoKuCiMU
/gPhisLvohzTKh4F0Eos10a/vZ5Gipp5IuI82BtQ2V5he4P//ol8Sf6N73LGM0pB
lYfZwYFdGix81fCmRSSQxPoRnaTFqK5nbKGA+llX/yiv4ng+e2pCCKI1I+60mY5V
g+GDlvDqgCnJk97TcHmylgjFeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:20 2024 by rpki-client on console-ams.rpki-client.org