Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Dc9SDWe0YjcAh8D7Tz_Uiny0LNY.roa
File: Dc9SDWe0YjcAh8D7Tz_Uiny0LNY.roa (raw, json)
Hash identifier: bgnLtNJ17O1mj5cxd2CQ98GFbYPq9/+tNggmKMiCH9Q=
Subject key identifier: 0D:CF:52:0D:67:B4:62:37:00:87:C0:FB:4F:3F:D4:8A:7C:B4:2C:D6
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01833BA3396DE37154CE72B87CE4CB09B1F5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Dc9SDWe0YjcAh8D7Tz_Uiny0LNY.roa
Signing time: Wed 14 Sep 2022 10:54:56 +0000
ROA not before: Wed 14 Sep 2022 10:54:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 109.122.40.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
109.122.47.0/24 maxlen: 24
91.226.58.0/23 maxlen: 24
193.93.52.0/23 maxlen: 24
193.93.54.0/23 maxlen: 24
87.237.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:a3:39:6d:e3:71:54:ce:72:b8:7c:e4:cb:09:b1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 14 10:54:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dcf520d67b462370087c0fb4f3fd48a7cb42cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:a0:af:36:88:3b:5f:1e:c5:6a:73:24:fb:
d7:72:23:47:d3:dc:70:ee:47:55:2a:72:72:b2:76:
c0:e4:be:54:63:e1:ee:9b:15:bc:68:af:8d:e9:1c:
7a:aa:7d:c8:ae:81:e8:ae:20:c7:3e:6c:5a:55:70:
17:ab:94:13:22:70:47:fd:79:f9:44:37:af:08:8e:
cf:29:77:95:a2:ab:6e:45:32:21:48:5d:01:d8:ef:
18:23:e3:05:1d:29:cd:6a:ef:83:36:d2:5a:0f:b1:
d7:6b:af:00:cf:70:3c:be:e7:d2:92:3c:80:40:e0:
78:74:f2:d5:1a:59:fa:1d:22:10:b7:95:46:a4:5c:
8d:2a:92:a8:20:78:18:a6:3e:65:7f:ba:ff:23:3c:
99:b6:a4:2d:31:98:a9:35:10:d9:79:e4:ed:f9:dd:
df:01:e4:55:cb:79:8b:0c:11:19:e3:3b:e8:1f:69:
dc:bf:b0:2d:8f:2e:51:9b:e4:29:7f:14:a8:94:88:
87:bf:db:7d:2f:10:8d:fb:68:39:11:49:74:ef:5e:
bf:2e:77:ab:0c:16:74:5d:b6:04:66:1c:90:c9:8b:
2e:f6:f8:20:d1:4b:2e:f5:1d:ac:a1:2c:83:02:84:
19:e3:73:72:5c:48:07:ec:8e:ee:c2:47:24:85:c1:
1f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CF:52:0D:67:B4:62:37:00:87:C0:FB:4F:3F:D4:8A:7C:B4:2C:D6
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/Dc9SDWe0YjcAh8D7Tz_Uiny0LNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.58.0/23
109.122.40.0/24
109.122.43.0/24
109.122.47.0/24
193.93.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:7b:14:94:e8:fc:ba:d7:97:ac:b8:4f:12:77:04:b8:1b:29:
d3:68:ea:86:70:5a:2d:9b:f3:74:01:18:67:16:1b:54:51:b9:
bf:a8:33:71:50:21:0c:0b:e1:a2:82:14:c5:6b:d9:37:39:65:
64:04:c3:b6:39:5b:57:13:ec:fc:00:10:96:e0:9b:5d:df:b5:
dd:32:00:21:04:cf:9f:82:ed:60:d2:aa:b8:13:6b:12:96:e5:
5b:4f:72:61:b1:78:d6:5b:ca:6a:18:9c:8c:d3:a4:54:c4:88:
30:1f:73:31:79:b2:9b:f8:61:30:f3:15:3d:fe:e9:b7:8f:24:
80:93:9c:a4:3f:6c:0c:8b:79:1f:d4:21:73:79:74:be:9f:25:
61:6f:e7:20:5a:b1:79:7e:67:27:51:0f:ff:3b:04:c5:08:45:
ae:7d:80:87:c9:b3:4b:9d:16:ee:c5:cd:13:a6:d4:5b:f8:ef:
0b:da:d0:f2:db:ef:37:11:9e:c0:6a:b1:d2:fc:b5:da:4f:05:
7b:d1:fc:ab:45:59:7a:4a:e1:3b:f3:eb:49:61:94:3d:bd:ff:
aa:7c:28:7e:7c:7c:c7:f1:74:5c:90:28:61:11:4e:37:07:63:
7b:3b:99:d3:ba:ee:c6:10:69:ce:13:f1:3c:f6:5a:c7:ae:47:
8e:0f:9c:0a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYM7ozlt43FUznK4fOTLCbH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIwOTE0MTA1NDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNmNTIwZDY3YjQ2MjM3MDA4N2MwZmI0ZjNmZDQ4YTdjYjQyY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuKgrzaIO18exWpzJPvXciNH09xw
7kdVKnJysnbA5L5UY+HumxW8aK+N6Rx6qn3IroHoriDHPmxaVXAXq5QTInBH/Xn5
RDevCI7PKXeVoqtuRTIhSF0B2O8YI+MFHSnNau+DNtJaD7HXa68Az3A8vufSkjyA
QOB4dPLVGln6HSIQt5VGpFyNKpKoIHgYpj5lf7r/IzyZtqQtMZipNRDZeeTt+d3f
AeRVy3mLDBEZ4zvoH2ncv7Atjy5Rm+QpfxSolIiHv9t9LxCN+2g5EUl0716/Lner
DBZ0XbYEZhyQyYsu9vgg0Usu9R2soSyDAoQZ43NyXEgH7I7uwkckhcEf7wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA3PUg1ntGI3AIfA+08/1Ip8tCzWMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvRGM5U0RXZTBZamNBaDhEN1R6X1VpbnkwTE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAV+2nAwQB
W+I6AwQAbXooAwQAbXorAwQAbXovAwQCwV00MA0GCSqGSIb3DQEBCwUAA4IBAQBP
exSU6Py615esuE8SdwS4GynTaOqGcFotm/N0ARhnFhtUUbm/qDNxUCEMC+GighTF
a9k3OWVkBMO2OVtXE+z8ABCW4Jtd37XdMgAhBM+fgu1g0qq4E2sSluVbT3JhsXjW
W8pqGJyM06RUxIgwH3MxebKb+GEw8xU9/um3jySAk5ykP2wMi3kf1CFzeXS+nyVh
b+cgWrF5fmcnUQ//OwTFCEWufYCHybNLnRbuxc0TptRb+O8L2tDy2+83EZ7AarHS
/LXaTwV70fyrRVl6SuE78+tJYZQ9vf+qfCh+fHzH8XRckChhEU43B2N7O5nTuu7G
EGnOE/E89lrHrkeOD5wK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org