Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/c9WP9VNONZhC1DEdva0PMyn1G5Y.roa
File: c9WP9VNONZhC1DEdva0PMyn1G5Y.roa (raw, json)
Hash identifier: kIj9hH+kYuPxomEm3eGq7wOYMZy/r3jZ2oX4BGxMo60=
Subject key identifier: 73:D5:8F:F5:53:4E:35:98:42:D4:31:1D:BD:AD:0F:33:29:F5:1B:96
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01852C669ECA0BE95EAB196A89F89F04F64E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/c9WP9VNONZhC1DEdva0PMyn1G5Y.roa
Signing time: Mon 19 Dec 2022 22:00:00 +0000
ROA not before: Mon 19 Dec 2022 22:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 109.122.43.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.47.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
193.93.54.0/23 maxlen: 24
193.93.52.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
87.237.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:66:9e:ca:0b:e9:5e:ab:19:6a:89:f8:9f:04:f6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 19 22:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73d58ff5534e359842d4311dbdad0f3329f51b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:6a:e8:58:e8:1c:5b:66:81:69:58:5f:de:
5e:1d:39:f7:be:28:46:38:09:52:11:52:6d:f6:02:
e2:3b:47:a9:52:df:67:38:24:2f:7e:d6:09:60:94:
43:ee:02:36:3b:ce:7e:d1:3d:2d:52:28:06:0e:90:
4a:56:4a:d6:ea:a7:1a:09:ae:1d:80:8f:be:f2:e1:
93:e7:7d:65:4d:1e:40:ba:89:1f:35:fc:3d:15:5e:
45:9c:e6:74:66:3f:3d:72:30:89:06:9c:d2:03:d4:
ff:36:b6:c4:21:62:89:3b:92:3e:a2:99:fc:3e:c3:
df:f2:ed:ee:d6:36:45:9e:96:38:6e:43:e2:91:60:
76:32:4c:2b:2a:59:1f:df:9c:ae:28:a5:1a:42:2f:
b4:ee:26:e0:83:28:44:d4:12:d5:5a:7d:2c:d4:2a:
57:53:40:6b:db:4d:6a:ec:96:f0:bd:17:f2:7a:d6:
3e:2b:39:53:a5:84:50:e7:df:34:27:7c:0d:89:fc:
db:58:e2:5c:9f:c5:72:15:db:99:4c:05:d2:dc:30:
db:0d:6e:bb:29:dc:00:cf:fe:34:e2:c5:d2:1e:23:
12:85:7a:a8:c9:e2:7a:d2:60:f4:fe:6b:ec:fa:af:
62:21:08:41:6c:fb:cc:ff:53:e9:35:4f:10:eb:53:
c8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D5:8F:F5:53:4E:35:98:42:D4:31:1D:BD:AD:0F:33:29:F5:1B:96
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/c9WP9VNONZhC1DEdva0PMyn1G5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.57.0/24
109.122.40.0/23
109.122.43.0/24
109.122.45.0-109.122.47.255
193.93.52.0/22
Signature Algorithm: sha256WithRSAEncryption
22:7b:09:ad:20:54:9e:31:02:b5:36:90:a6:1e:a3:75:99:01:
9c:57:aa:c2:a0:02:63:aa:4c:23:44:ef:fb:06:43:45:42:80:
fa:0d:e1:d6:59:eb:14:d2:17:58:9a:d0:e5:fc:46:bf:cc:6b:
21:71:be:43:3a:85:fb:88:99:c4:8f:4d:ce:fb:a4:d8:58:d7:
13:8a:6c:7b:95:33:25:7a:fe:b4:af:a3:54:d5:93:30:67:0b:
05:9f:26:3a:f5:9a:e8:3a:1f:6b:ff:d5:23:fe:25:04:5a:0c:
f1:34:47:55:b8:35:2b:23:df:c1:4d:8a:f3:77:a6:2a:b2:53:
be:18:b8:01:12:e5:5a:02:ba:11:2d:74:4e:5d:c2:84:18:f0:
13:97:0b:c7:c4:48:2e:51:fe:ba:f9:73:2a:a2:ab:c5:99:0a:
3c:e3:03:6b:49:20:f2:ed:9d:cb:a6:ae:d0:1c:c1:ea:2d:e4:
ae:6f:05:b8:b7:02:51:4f:9b:c3:56:87:0e:6e:ae:03:0a:67:
f7:f8:6c:fb:a8:f2:bb:e4:5f:96:db:d2:61:c9:1c:dc:95:3c:
d3:68:34:c2:a4:34:be:66:93:62:ed:03:a9:46:ba:28:8f:42:
49:3a:89:0c:b7:68:9f:8a:52:0f:89:fc:a0:ad:b3:f4:9f:1c:
c6:ce:66:be
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYUsZp7KC+leqxlqififBPZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIxMjE5MjIwMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q1OGZmNTUzNGUzNTk4NDJkNDMxMWRiZGFkMGYzMzI5ZjUxYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBdq6FjoHFtmgWlYX95eHTn3vihG
OAlSEVJt9gLiO0epUt9nOCQvftYJYJRD7gI2O85+0T0tUigGDpBKVkrW6qcaCa4d
gI++8uGT531lTR5AuokfNfw9FV5FnOZ0Zj89cjCJBpzSA9T/NrbEIWKJO5I+opn8
PsPf8u3u1jZFnpY4bkPikWB2MkwrKlkf35yuKKUaQi+07ibggyhE1BLVWn0s1CpX
U0Br201q7JbwvRfyetY+KzlTpYRQ5980J3wNifzbWOJcn8VyFduZTAXS3DDbDW67
KdwAz/404sXSHiMShXqoyeJ60mD0/mvs+q9iIQhBbPvM/1PpNU8Q61PIfQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHPVj/VTTjWYQtQxHb2tDzMp9RuWMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvYzlXUDlWTk9OWmhDMURFZHZhMFBNeW4xRzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAV+2nAwQA
W+I5AwQBbXooAwQAbXorMAwDBABtei0DBARteiADBALBXTQwDQYJKoZIhvcNAQEL
BQADggEBACJ7Ca0gVJ4xArU2kKYeo3WZAZxXqsKgAmOqTCNE7/sGQ0VCgPoN4dZZ
6xTSF1ia0OX8Rr/MayFxvkM6hfuImcSPTc77pNhY1xOKbHuVMyV6/rSvo1TVkzBn
CwWfJjr1mug6H2v/1SP+JQRaDPE0R1W4NSsj38FNivN3piqyU74YuAES5VoCuhEt
dE5dwoQY8BOXC8fESC5R/rr5cyqiq8WZCjzjA2tJIPLtncumrtAcweot5K5vBbi3
AlFPm8NWhw5urgMKZ/f4bPuo8rvkX5bb0mHJHNyVPNNoNMKkNL5mk2LtA6lGuiiP
Qkk6iQy3aJ+KUg+J/KCts/SfHMbOZr4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org