Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/94e5fd-e033-4a5e-aefc-b33440aaab72/1/pIRtDZvWrQl0WeM0zkCM3csT_ho.roa
File: pIRtDZvWrQl0WeM0zkCM3csT_ho.roa (raw, json)
Hash identifier: hapvao7rBGo+PYUSspJeyW1Og5CeAngjsSmZP/hIlN0=
Subject key identifier: A4:84:6D:0D:9B:D6:AD:09:74:59:E3:34:CE:40:8C:DD:CB:13:FE:1A
Certificate issuer: /CN=05c09c41d23896b2d5428182623f88fa676e6c90
Certificate serial: 375B96E7
Authority key identifier: 05:C0:9C:41:D2:38:96:B2:D5:42:81:82:62:3F:88:FA:67:6E:6C:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BcCcQdI4lrLVQoGCYj-I-mdubJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/94e5fd-e033-4a5e-aefc-b33440aaab72/1/pIRtDZvWrQl0WeM0zkCM3csT_ho.roa
Signing time: Sat 01 Jan 2022 07:54:34 +0000
ROA not before: Sat 01 Jan 2022 07:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50446
IP address blocks: 109.69.186.0/24 maxlen: 24
109.69.185.0/24 maxlen: 24
109.69.184.0/21 maxlen: 24
109.69.190.0/24 maxlen: 24
109.69.188.0/24 maxlen: 24
185.73.52.0/22 maxlen: 22
2a03:ba80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928749287 (0x375b96e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05c09c41d23896b2d5428182623f88fa676e6c90
Validity
Not Before: Jan 1 07:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4846d0d9bd6ad097459e334ce408cddcb13fe1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e2:89:91:b0:1e:95:e5:2c:b7:e6:d2:23:cd:
a2:34:f3:44:08:5d:19:7a:6a:83:45:9a:5f:58:12:
59:39:20:08:45:fa:b2:af:d9:6e:0d:32:5c:8d:9b:
17:79:ca:67:59:63:a8:11:62:90:28:0c:15:90:b4:
5e:1f:2e:3f:f4:ef:59:a0:49:65:2b:e2:9c:f5:e0:
5d:2c:35:e8:84:2c:9b:88:47:0c:e3:36:d3:e8:39:
38:12:c5:c0:68:4d:f1:1f:36:0f:55:f8:f6:59:a5:
a8:15:c1:3f:d6:bd:19:d0:59:d8:1a:ec:fe:8a:b7:
2f:54:f3:6b:ba:8b:68:2b:aa:e6:bd:78:fa:b1:99:
99:ab:15:dd:3b:6e:01:7a:dd:b3:08:a4:db:0c:da:
5d:9b:df:f5:01:1e:27:84:a3:2e:2b:c8:e0:41:e4:
8c:6c:12:cf:93:34:2a:40:a3:28:e6:6d:04:b7:f1:
34:36:61:ca:a5:cd:c9:b7:e9:3d:0b:98:9b:55:93:
da:59:c1:2f:0c:a2:17:f5:d5:6a:15:6c:41:c6:1d:
09:73:06:c6:da:1d:91:23:6a:8d:2d:7f:f0:3a:cd:
71:f1:0b:39:aa:27:48:7b:18:23:f6:9b:e4:94:3c:
5d:7e:e1:9f:ce:05:f5:1d:6b:b4:b5:9d:53:ea:58:
8c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:84:6D:0D:9B:D6:AD:09:74:59:E3:34:CE:40:8C:DD:CB:13:FE:1A
X509v3 Authority Key Identifier:
keyid:05:C0:9C:41:D2:38:96:B2:D5:42:81:82:62:3F:88:FA:67:6E:6C:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcCcQdI4lrLVQoGCYj-I-mdubJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/94e5fd-e033-4a5e-aefc-b33440aaab72/1/pIRtDZvWrQl0WeM0zkCM3csT_ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/94e5fd-e033-4a5e-aefc-b33440aaab72/1/BcCcQdI4lrLVQoGCYj-I-mdubJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.184.0/21
185.73.52.0/22
IPv6:
2a03:ba80::/32
Signature Algorithm: sha256WithRSAEncryption
06:a6:d9:5c:24:fd:62:15:75:6a:10:38:98:14:8a:d7:f3:eb:
41:ad:5a:8f:db:70:3e:f9:f8:e6:73:1d:a8:fd:cb:b1:31:94:
bf:de:bb:0f:f7:0b:78:ba:e0:d2:44:93:67:61:ab:ef:aa:1d:
2b:b8:55:aa:83:a6:7b:78:4d:aa:b9:05:0d:cc:3c:e4:da:70:
ff:04:9f:ae:b3:c1:5d:e6:84:c6:16:c7:e4:a1:42:da:29:47:
9e:42:11:e0:de:4b:e5:52:28:c6:d0:78:08:e2:ad:99:21:c7:
76:4e:ea:fb:22:8d:2c:f1:00:a5:9f:c1:36:02:c7:ce:0a:d0:
52:8e:d8:af:4c:5d:2e:ce:a0:d7:1f:d4:4d:97:ed:70:0a:84:
38:a3:61:00:a2:a0:86:67:d0:ab:f6:9a:fe:88:b2:ef:26:b2:
9c:d8:4b:9c:c1:7c:b7:52:71:ca:70:69:59:a5:c5:db:e2:18:
40:05:8e:a7:0a:62:30:4c:26:ad:de:65:23:f8:08:86:57:7b:
b5:7e:92:2e:a2:1d:c9:4a:f0:6c:6b:91:a8:9f:f6:95:bc:0d:
19:87:d3:48:df:1f:d7:7c:d7:6e:21:a1:7a:ae:47:ce:9f:88:
58:6c:60:ff:84:3f:00:4b:fe:12:36:fd:e6:42:a6:70:80:a0:
b0:9b:f1:5b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN1uW5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWMwOWM0MWQyMzg5NmIyZDU0MjgxODI2MjNmODhmYTY3NmU2YzkwMB4XDTIyMDEw
MTA3NTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ4NDZkMGQ5YmQ2
YWQwOTc0NTllMzM0Y2U0MDhjZGRjYjEzZmUxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALviiZGwHpXlLLfm0iPNojTzRAhdGXpqg0WaX1gSWTkgCEX6
sq/Zbg0yXI2bF3nKZ1ljqBFikCgMFZC0Xh8uP/TvWaBJZSvinPXgXSw16IQsm4hH
DOM20+g5OBLFwGhN8R82D1X49lmlqBXBP9a9GdBZ2Brs/oq3L1Tza7qLaCuq5r14
+rGZmasV3TtuAXrdswik2wzaXZvf9QEeJ4SjLivI4EHkjGwSz5M0KkCjKOZtBLfx
NDZhyqXNybfpPQuYm1WT2lnBLwyiF/XVahVsQcYdCXMGxtodkSNqjS1/8DrNcfEL
OaonSHsYI/ab5JQ8XX7hn84F9R1rtLWdU+pYjCECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSkhG0Nm9atCXRZ4zTOQIzdyxP+GjAfBgNVHSMEGDAWgBQFwJxB0jiWstVC
gYJiP4j6Z25skDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JjQ2NRZEk0bHJMVlFvR0NZai1JLW1kdWJKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvOTRlNWZkLWUwMzMtNGE1ZS1hZWZjLWIzMzQ0MGFhYWI3Mi8x
L3BJUnREWnZXclFsMFdlTTB6a0NNM2NzVF9oby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
OTRlNWZkLWUwMzMtNGE1ZS1hZWZjLWIzMzQ0MGFhYWI3Mi8xL0JjQ2NRZEk0bHJM
VlFvR0NZai1JLW1kdWJKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA21FuAMEArlJNDANBAIAAjAHAwUA
KgO6gDANBgkqhkiG9w0BAQsFAAOCAQEABqbZXCT9YhV1ahA4mBSK1/PrQa1aj9tw
Pvn45nMdqP3LsTGUv967D/cLeLrg0kSTZ2Gr76odK7hVqoOme3hNqrkFDcw85Npw
/wSfrrPBXeaExhbH5KFC2ilHnkIR4N5L5VIoxtB4COKtmSHHdk7q+yKNLPEApZ/B
NgLHzgrQUo7Yr0xdLs6g1x/UTZftcAqEOKNhAKKghmfQq/aa/oiy7yaynNhLnMF8
t1JxynBpWaXF2+IYQAWOpwpiMEwmrd5lI/gIhld7tX6SLqIdyUrwbGuRqJ/2lbwN
GYfTSN8f13zXbiGheq5Hzp+IWGxg/4Q/AEv+Ejb95kKmcICgsJvxWw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-ams.rpki-client.org