Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/meRN9xRNMJ-bzCl1SsUyRStvQ0s.roa
File: meRN9xRNMJ-bzCl1SsUyRStvQ0s.roa (raw, json)
Hash identifier: kCTzzPiOp7ZyeJjE/s8ZBtuwDC3ga38nDeyLLO0RFqQ=
Subject key identifier: 99:E4:4D:F7:14:4D:30:9F:9B:CC:29:75:4A:C5:32:45:2B:6F:43:4B
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0183FA071A2EBA812AC51906FE80A44AED73
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/meRN9xRNMJ-bzCl1SsUyRStvQ0s.roa
Signing time: Fri 21 Oct 2022 10:11:52 +0000
ROA not before: Fri 21 Oct 2022 10:11:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 109.122.43.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.47.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
87.237.167.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.58.0/23 maxlen: 24
193.93.54.0/23 maxlen: 24
193.93.52.0/24 maxlen: 24
193.93.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:07:1a:2e:ba:81:2a:c5:19:06:fe:80:a4:4a:ed:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 21 10:11:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99e44df7144d309f9bcc29754ac532452b6f434b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ee:56:4b:43:53:47:e6:6a:ef:a2:22:13:32:
de:22:79:d1:a9:69:20:66:14:67:b9:a6:b6:9c:d1:
1e:5b:c9:f7:9e:d4:e2:67:64:76:52:76:7a:53:23:
9c:cc:0b:7f:70:60:91:58:26:f2:bf:bf:38:b3:ad:
00:f0:dc:52:33:3a:f3:c4:82:20:d0:f4:ca:f7:b2:
53:31:1f:5e:a6:aa:69:97:62:c4:13:42:dd:9d:9d:
1a:3e:29:b9:6e:c2:c5:6a:35:bb:ca:3c:94:54:e2:
c7:42:a5:b7:4d:d7:5d:2c:d9:a1:7b:d1:ad:8a:ac:
58:ca:01:72:a3:11:ca:2a:a1:61:5c:53:b7:20:cb:
8a:f2:4d:b9:76:fa:60:f9:13:8b:ad:af:f7:83:82:
7f:06:a2:a7:3c:58:01:12:96:10:a8:3d:29:76:ad:
62:25:a3:23:72:ec:16:ee:fb:21:1b:d9:65:b3:72:
57:f4:ba:21:3b:8c:a3:a8:fc:2a:a1:90:7d:8f:b8:
a9:3b:fb:79:af:59:46:90:89:f0:53:a1:dd:f6:ad:
77:cd:52:c1:5b:56:14:46:20:c4:a0:06:01:23:09:
0f:df:01:99:82:32:43:a5:13:ec:4f:21:a1:1e:90:
f8:a5:42:d4:cd:b6:43:90:d8:67:94:19:99:16:72:
76:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E4:4D:F7:14:4D:30:9F:9B:CC:29:75:4A:C5:32:45:2B:6F:43:4B
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/meRN9xRNMJ-bzCl1SsUyRStvQ0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.57.0-91.226.59.255
109.122.40.0/21
193.93.52.0/22
Signature Algorithm: sha256WithRSAEncryption
89:a4:26:c5:3c:6e:ce:9c:77:c9:4d:00:b8:b8:e9:ab:14:43:
9c:fb:7c:27:40:88:7d:1f:10:f1:5b:27:56:a4:f6:4b:5f:63:
02:0d:45:59:37:6f:c1:4d:91:18:47:2d:93:e0:a9:54:70:c1:
fe:23:9b:3f:a7:f2:1e:0e:c4:0c:50:9a:73:54:df:8f:89:8d:
ed:0c:b8:0d:50:c5:25:c5:49:47:d8:da:96:2d:b8:be:af:b3:
07:45:8b:ab:69:b0:74:5c:ce:8d:1b:cf:a1:51:6c:81:e2:e1:
38:64:a1:a9:07:3c:3c:2b:2d:e2:26:8a:44:30:c6:39:94:4f:
05:10:bf:1b:61:96:d0:93:36:37:2e:15:fb:10:7f:44:4c:2c:
d7:0a:a7:ba:4d:3e:b8:76:fd:3d:cf:04:91:ab:b1:91:52:2c:
d1:7e:05:b3:9f:d3:21:a1:70:39:5d:dd:02:31:48:a1:84:44:
d2:b9:01:83:fa:51:e7:b2:ff:68:6a:d4:96:1f:37:c8:f7:9d:
e4:a6:46:f7:55:78:55:7c:33:42:1d:40:3a:c4:c5:86:bc:ee:
14:d9:a7:b6:53:0b:fc:72:f2:fc:a8:b0:8a:25:8b:96:41:5c:
fa:a6:44:6e:95:74:47:b0:9b:32:2a:24:07:98:dd:5e:fc:6b:
3b:4b:e0:63
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYP6BxouuoEqxRkG/oCkSu1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIxMDIxMTAxMTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU0NGRmNzE0NGQzMDlmOWJjYzI5NzU0YWM1MzI0NTJiNmY0MzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhe5WS0NTR+Zq76IiEzLeInnRqWkg
ZhRnuaa2nNEeW8n3ntTiZ2R2UnZ6UyOczAt/cGCRWCbyv784s60A8NxSMzrzxIIg
0PTK97JTMR9epqppl2LEE0LdnZ0aPim5bsLFajW7yjyUVOLHQqW3TdddLNmhe9Gt
iqxYygFyoxHKKqFhXFO3IMuK8k25dvpg+ROLra/3g4J/BqKnPFgBEpYQqD0pdq1i
JaMjcuwW7vshG9lls3JX9LohO4yjqPwqoZB9j7ipO/t5r1lGkInwU6Hd9q13zVLB
W1YURiDEoAYBIwkP3wGZgjJDpRPsTyGhHpD4pULUzbZDkNhnlBmZFnJ2dwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJnkTfcUTTCfm8wpdUrFMkUrb0NLMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbWVSTjl4Uk5NSi1iekNsMVNzVXlSU3R2UTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAV+2nMAwD
BABb4jkDBAJb4jgDBANteigDBALBXTQwDQYJKoZIhvcNAQELBQADggEBAImkJsU8
bs6cd8lNALi46asUQ5z7fCdAiH0fEPFbJ1ak9ktfYwINRVk3b8FNkRhHLZPgqVRw
wf4jmz+n8h4OxAxQmnNU34+Jje0MuA1QxSXFSUfY2pYtuL6vswdFi6tpsHRczo0b
z6FRbIHi4ThkoakHPDwrLeImikQwxjmUTwUQvxthltCTNjcuFfsQf0RMLNcKp7pN
Prh2/T3PBJGrsZFSLNF+BbOf0yGhcDld3QIxSKGERNK5AYP6Ueey/2hq1JYfN8j3
neSmRvdVeFV8M0IdQDrExYa87hTZp7ZTC/xy8vyosIoli5ZBXPqmRG6VdEewmzIq
JAeY3V78aztL4GM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org