Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/ix60vQUPvOtZknrHOAK567WKXXg.roa
File: ix60vQUPvOtZknrHOAK567WKXXg.roa (raw, json)
Hash identifier: wKHw4fdVLZ0dS8YzoCbmlsYUzJ8SjkAwzlshJJgf7rw=
Subject key identifier: 8B:1E:B4:BD:05:0F:BC:EB:59:92:7A:C7:38:02:B9:EB:B5:8A:5D:78
Certificate issuer: /CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Certificate serial: 0C25F22E
Authority key identifier: 22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/ix60vQUPvOtZknrHOAK567WKXXg.roa
Signing time: Fri 04 Mar 2022 14:50:49 +0000
ROA not before: Fri 04 Mar 2022 14:50:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24725
IP address blocks: 109.70.105.0/24 maxlen: 24
109.70.104.0/24 maxlen: 24
109.70.107.0/24 maxlen: 24
109.70.106.0/24 maxlen: 24
2001:4130:107::/48 maxlen: 48
2001:4130:50f2::/48 maxlen: 48
2001:4130::/34 maxlen: 48
2001:4130::/32 maxlen: 48
2001:4130:18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203813422 (0xc25f22e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236b2b8afa6036d2c8e8317736faaa72d80c4f2
Validity
Not Before: Mar 4 14:50:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b1eb4bd050fbceb59927ac73802b9ebb58a5d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d7:09:bd:a8:88:06:9f:00:56:c5:54:74:f0:
6b:69:ea:35:9e:d7:f4:f2:b5:d6:40:06:08:6e:ef:
cf:49:2e:fa:bf:34:f1:20:6d:b5:40:ca:bb:ce:b4:
4f:2d:1d:56:6b:92:e1:2b:99:07:b7:e7:bb:d7:4d:
98:6d:96:15:89:35:c1:8b:2a:a9:33:f3:ab:26:3b:
ac:73:a1:9c:15:94:dc:a4:58:4c:c2:de:21:6c:2d:
16:19:af:6a:bb:0d:1f:52:b5:de:d8:39:c6:36:f3:
6d:fb:d5:cb:8d:1c:0c:c9:eb:97:e5:93:30:84:a6:
32:04:38:88:69:d9:df:c8:e1:f7:be:32:6b:bd:1d:
e8:51:a7:01:ba:7f:60:7a:4b:72:d8:5a:58:36:49:
70:22:57:af:f7:4f:51:9b:e3:d5:93:5f:ae:0d:0e:
75:20:1a:ea:65:8b:22:2b:ff:eb:7a:c2:ea:5d:19:
da:eb:e9:fd:7a:b8:5b:81:9f:33:92:ac:cd:e5:94:
c1:5c:e3:f1:78:1c:8f:70:07:ce:4c:1f:0e:af:66:
0f:07:40:2c:92:d7:cf:c8:69:78:c3:72:db:6e:b2:
a2:08:c7:2b:68:77:bd:7c:41:2f:6e:f8:d1:a8:af:
97:57:91:68:10:ae:21:ce:1a:84:35:e6:34:8e:1e:
87:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1E:B4:BD:05:0F:BC:EB:59:92:7A:C7:38:02:B9:EB:B5:8A:5D:78
X509v3 Authority Key Identifier:
keyid:22:36:B2:B8:AF:A6:03:6D:2C:8E:83:17:73:6F:AA:A7:2D:80:C4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjayuK-mA20sjoMXc2-qpy2AxPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/ix60vQUPvOtZknrHOAK567WKXXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6f895b-7977-445d-b72c-8b5ef41d8c25/1/IjayuK-mA20sjoMXc2-qpy2AxPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.104.0/22
IPv6:
2001:4130::/32
Signature Algorithm: sha256WithRSAEncryption
07:47:ee:c8:45:2b:e5:68:d9:3d:de:05:a3:94:eb:34:de:14:
12:b2:7b:db:1a:5f:53:c9:e0:44:7a:53:7f:9b:fa:b2:36:c2:
16:c5:da:a0:16:6c:24:d4:1b:95:e7:fc:03:4b:1d:51:9b:10:
24:b1:f7:be:76:dd:86:90:13:8e:10:1b:de:29:e1:20:6e:e9:
6c:c6:17:92:75:7d:71:8a:5e:01:cf:c3:5e:67:0f:33:84:57:
55:63:98:67:87:60:c1:25:11:12:10:d0:b6:ef:5c:85:01:31:
64:52:6a:1c:76:7e:4b:7d:0d:95:f9:0b:48:10:48:65:dc:83:
5c:72:4e:af:bc:f0:9a:33:9d:7b:0a:f4:81:94:a0:43:e1:d7:
04:7f:bb:6c:30:5d:f6:c9:4f:85:51:0d:c9:34:96:1f:ff:dc:
8c:a6:43:0e:29:08:15:6a:98:53:41:c7:8e:75:8d:f7:19:25:
d9:ef:8f:6b:48:5b:a9:7d:1f:8a:65:64:a0:f3:0f:b0:b5:bb:
f9:96:b7:85:88:d4:58:18:6b:2c:8a:2c:dd:c6:bd:a9:49:aa:
d5:fa:de:fe:dd:65:e0:a3:ae:e9:4b:2c:c3:93:82:17:e9:e6:
87:f9:c3:d1:f9:c1:7e:d6:f6:b8:53:31:00:95:c1:f6:90:35:
e3:16:7a:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDCXyLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjM2YjJiOGFmYTYwMzZkMmM4ZTgzMTc3MzZmYWFhNzJkODBjNGYyMB4XDTIyMDMw
NDE0NTA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIxZWI0YmQwNTBm
YmNlYjU5OTI3YWM3MzgwMmI5ZWJiNThhNWQ3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPXCb2oiAafAFbFVHTwa2nqNZ7X9PK11kAGCG7vz0ku+r80
8SBttUDKu860Ty0dVmuS4SuZB7fnu9dNmG2WFYk1wYsqqTPzqyY7rHOhnBWU3KRY
TMLeIWwtFhmvarsNH1K13tg5xjbzbfvVy40cDMnrl+WTMISmMgQ4iGnZ38jh974y
a70d6FGnAbp/YHpLcthaWDZJcCJXr/dPUZvj1ZNfrg0OdSAa6mWLIiv/63rC6l0Z
2uvp/Xq4W4GfM5KszeWUwVzj8Xgcj3AHzkwfDq9mDwdALJLXz8hpeMNy226yogjH
K2h3vXxBL2740aivl1eRaBCuIc4ahDXmNI4eh70CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSLHrS9BQ+861mSesc4ArnrtYpdeDAfBgNVHSMEGDAWgBQiNrK4r6YDbSyO
gxdzb6qnLYDE8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lqYXl1Sy1tQTIwc2pvTVhjMi1xcHkyQXhQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNmY4OTViLTc5NzctNDQ1ZC1iNzJjLThiNWVmNDFkOGMyNS8x
L2l4NjB2UVVQdk90WmtuckhPQUs1NjdXS1hYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NmY4OTViLTc5NzctNDQ1ZC1iNzJjLThiNWVmNDFkOGMyNS8xL0lqYXl1Sy1tQTIw
c2pvTVhjMi1xcHkyQXhQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAm1GaDANBAIAAjAHAwUAIAFBMDAN
BgkqhkiG9w0BAQsFAAOCAQEAB0fuyEUr5WjZPd4Fo5TrNN4UErJ72xpfU8ngRHpT
f5v6sjbCFsXaoBZsJNQblef8A0sdUZsQJLH3vnbdhpATjhAb3inhIG7pbMYXknV9
cYpeAc/DXmcPM4RXVWOYZ4dgwSUREhDQtu9chQExZFJqHHZ+S30NlfkLSBBIZdyD
XHJOr7zwmjOdewr0gZSgQ+HXBH+7bDBd9slPhVENyTSWH//cjKZDDikIFWqYU0HH
jnWN9xkl2e+Pa0hbqX0fimVkoPMPsLW7+Za3hYjUWBhrLIos3ca9qUmq1fre/t1l
4KOu6Ussw5OCF+nmh/nD0fnBftb2uFMxAJXB9pA14xZ6wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org