Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0Ucs0MTS5RkPgdp61j_UZXhL5LE.roa
File: 0Ucs0MTS5RkPgdp61j_UZXhL5LE.roa (raw, json)
Hash identifier: HIWvqQNJR2sJMJ/0R9ivNVt/Vx1MZitK9SK+HlLpuGM=
Subject key identifier: D1:47:2C:D0:C4:D2:E5:19:0F:81:DA:7A:D6:3F:D4:65:78:4B:E4:B1
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01823984891FF8A769AAD310CF88FDBAF4C2
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0Ucs0MTS5RkPgdp61j_UZXhL5LE.roa
Signing time: Tue 26 Jul 2022 07:59:23 +0000
ROA not before: Tue 26 Jul 2022 07:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 188.255.206.0/24 maxlen: 24
188.255.212.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:84:89:1f:f8:a7:69:aa:d3:10:cf:88:fd:ba:f4:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 26 07:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d1472cd0c4d2e5190f81da7ad63fd465784be4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:20:93:62:59:28:4f:2f:79:b0:6e:0d:db:cd:
de:13:6a:08:82:3f:df:45:7b:bd:4c:1a:7e:aa:8b:
06:c4:7d:96:35:c0:73:1f:e2:71:10:91:e2:47:db:
6b:3f:1e:f6:c0:fa:53:dc:cc:a5:4b:3f:0c:00:fa:
fb:ef:de:d8:fa:80:0e:77:61:8f:7c:e1:c8:f9:d7:
b3:b1:f7:13:d2:88:22:e4:84:cb:18:2f:1f:70:52:
7d:b6:bb:dc:33:90:87:9c:bf:9e:78:02:9d:8a:2b:
7a:52:a7:43:4c:14:74:50:20:d6:04:85:d9:4d:2c:
d4:27:ee:4f:43:46:93:4b:1a:f7:c8:56:bc:d5:68:
33:a4:2c:05:d4:0e:7c:09:a8:21:f5:10:9a:81:c3:
4c:b2:a8:92:50:6d:7a:8f:ec:7f:ab:96:50:da:47:
53:60:30:85:6a:9d:1c:10:5b:3b:7b:93:89:b9:00:
6b:56:56:53:54:e9:d6:1f:cc:2f:e6:86:22:22:17:
ff:26:d8:a7:ce:30:8f:f8:33:c7:86:96:62:44:52:
3e:3a:5b:1c:a0:dd:29:99:c6:3c:e5:c7:85:3a:9a:
a0:3c:d4:53:ef:61:d2:46:b3:bc:9f:e8:9f:3d:f9:
d3:90:f9:3e:75:66:98:14:cc:8e:41:b7:38:b3:f5:
7f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:47:2C:D0:C4:D2:E5:19:0F:81:DA:7A:D6:3F:D4:65:78:4B:E4:B1
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0Ucs0MTS5RkPgdp61j_UZXhL5LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.37.0/24
109.121.39.0/24
109.121.47.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
188.255.212.0/24
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:62:6e:9c:64:8a:c8:0b:66:9a:ff:f2:83:8f:19:70:43:ea:
2c:78:22:8a:0c:f8:c7:89:f8:11:25:fe:79:0f:e1:c8:02:8d:
9a:78:d6:ab:37:d2:55:c5:a4:a0:3d:d2:73:52:26:01:3d:03:
8c:e8:5d:1a:19:23:40:7b:e9:fd:9b:2e:54:46:84:12:2d:07:
29:a0:96:77:d0:cb:3f:d0:d7:65:ab:1e:79:df:53:85:34:6e:
9d:6d:58:8c:7b:b8:1d:10:18:55:f9:6c:3e:66:25:4b:41:53:
12:36:f0:e1:87:89:87:2b:2d:d2:de:85:f3:c8:7d:54:f0:66:
4e:81:12:11:a9:9c:31:3b:a3:79:c5:b1:84:97:ef:09:ed:8c:
ca:d4:74:a4:96:9a:4a:7c:16:10:6a:25:d4:61:a0:c5:90:4a:
f5:a5:ea:94:49:91:34:7c:3b:cc:69:ae:79:3b:0f:ec:56:91:
cd:bc:42:eb:a2:fe:54:45:83:69:0b:63:e9:aa:62:66:00:38:
e1:43:82:eb:ff:37:c1:d6:8f:df:08:a3:83:6c:4c:d6:4d:0f:
37:5f:f6:9c:09:79:09:4a:b7:22:bf:27:f5:23:9c:f0:c3:e0:
3d:1b:5b:19:0d:7d:a2:07:6e:d5:a3:fc:fc:06:9c:83:74:09:
35:1c:69:70
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYI5hIkf+KdpqtMQz4j9uvTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwNzI2MDc1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ3MmNkMGM0ZDJlNTE5MGY4MWRhN2FkNjNmZDQ2NTc4NGJlNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCCTYlkoTy95sG4N283eE2oIgj/f
RXu9TBp+qosGxH2WNcBzH+JxEJHiR9trPx72wPpT3MylSz8MAPr7797Y+oAOd2GP
fOHI+dezsfcT0ogi5ITLGC8fcFJ9trvcM5CHnL+eeAKdiit6UqdDTBR0UCDWBIXZ
TSzUJ+5PQ0aTSxr3yFa81WgzpCwF1A58Cagh9RCagcNMsqiSUG16j+x/q5ZQ2kdT
YDCFap0cEFs7e5OJuQBrVlZTVOnWH8wv5oYiIhf/JtinzjCP+DPHhpZiRFI+Olsc
oN0pmcY85ceFOpqgPNRT72HSRrO8n+ifPfnTkPk+dWaYFMyOQbc4s/V/XwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNFHLNDE0uUZD4HaetY/1GV4S+SxMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMFVjczBNVFM1UmtQZ2RwNjFqX1VaWGhMNUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAbXklAwQA
bXknAwQAbXkvAwQAuS9bAwQAvP+GAwQAvP/OAwQAvP/UAwQA1EUOMA0GCSqGSIb3
DQEBCwUAA4IBAQB+Ym6cZIrIC2aa//KDjxlwQ+oseCKKDPjHifgRJf55D+HIAo2a
eNarN9JVxaSgPdJzUiYBPQOM6F0aGSNAe+n9my5URoQSLQcpoJZ30Ms/0Ndlqx55
31OFNG6dbViMe7gdEBhV+Ww+ZiVLQVMSNvDhh4mHKy3S3oXzyH1U8GZOgRIRqZwx
O6N5xbGEl+8J7YzK1HSklppKfBYQaiXUYaDFkEr1peqUSZE0fDvMaa55Ow/sVpHN
vELrov5URYNpC2PpqmJmADjhQ4Lr/zfB1o/fCKODbEzWTQ83X/acCXkJSrcivyf1
I5zww+A9G1sZDX2iB27Vo/z8BpyDdAk1HGlw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org