Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/25dkswHRGeoFszYoDbKxOxHGZBM.roa
File: 25dkswHRGeoFszYoDbKxOxHGZBM.roa (raw, json)
Hash identifier: F+lY3dcEc0a3+iZ1Y3VMMPhFyNnmTDjW1QYPUsdjYHA=
Subject key identifier: DB:97:64:B3:01:D1:19:EA:05:B3:36:28:0D:B2:B1:3B:11:C6:64:13
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 087A17FF
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/25dkswHRGeoFszYoDbKxOxHGZBM.roa
Signing time: Wed 23 Mar 2022 17:38:44 +0000
ROA not before: Wed 23 Mar 2022 17:38:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142219263 (0x87a17ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 23 17:38:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db9764b301d119ea05b336280db2b13b11c66413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f8:01:3b:f7:c2:fe:8c:66:c2:88:2a:61:67:
cd:21:ed:c8:c7:20:90:0d:7d:7e:27:f9:f3:71:3e:
c1:ff:e9:8f:80:0a:c6:10:05:3a:f9:85:f5:ce:fa:
e1:63:50:e8:88:bf:7a:42:29:08:54:91:db:91:fc:
25:6d:0a:cd:9c:70:c6:b0:45:f6:90:ab:55:90:15:
54:eb:23:a3:44:03:85:44:68:2b:3f:8b:85:13:19:
77:f2:e4:da:06:ce:14:f0:6b:e4:19:ef:a2:53:8a:
68:62:ef:59:6e:d5:29:55:c2:77:28:f0:3d:8f:b6:
fb:33:4e:8a:4f:ba:16:47:fd:a6:3f:35:29:a5:97:
7d:27:25:04:fa:40:9d:9a:2d:85:78:10:d5:a0:11:
91:bc:f5:78:00:fa:e5:06:d7:8c:30:5a:4a:10:10:
75:28:1c:a0:04:ae:6a:36:8b:cb:34:22:c2:19:dd:
c7:1d:2e:71:50:e5:a7:6e:a8:74:06:33:6b:3e:8d:
25:29:e2:7b:58:a2:7b:26:bd:72:1b:bd:f3:ef:5c:
b6:26:4c:7f:f3:68:42:4b:3e:9d:d8:0d:c0:1a:07:
f9:7a:06:23:71:87:38:a2:17:42:ca:31:2f:77:2a:
ec:82:50:ec:56:f0:72:6b:80:2f:72:cc:da:41:0d:
98:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:97:64:B3:01:D1:19:EA:05:B3:36:28:0D:B2:B1:3B:11:C6:64:13
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/25dkswHRGeoFszYoDbKxOxHGZBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0/24
109.121.37.0/24
109.121.39.0/24
109.121.42.0/24
109.121.45.0/24
109.121.47.0/24
Signature Algorithm: sha256WithRSAEncryption
61:7d:44:fd:fc:92:77:7f:e2:cd:23:f0:6b:50:53:48:35:63:
63:b1:c1:48:22:73:aa:52:6e:b8:79:77:03:79:f1:e5:0f:1b:
0e:02:d7:5b:17:78:81:1d:ae:5a:77:7f:27:4a:45:b9:fc:3f:
5d:05:9d:0b:1b:ab:95:e9:dd:6e:ad:0f:9a:8d:8c:bf:1b:2f:
4c:01:80:87:71:ca:cf:5f:36:70:1a:bc:d9:e0:ab:c1:6d:41:
99:31:84:eb:72:e5:2e:45:9a:9b:a3:1d:a7:3e:76:cd:49:8d:
a3:33:ad:b1:cb:a5:90:48:85:bb:f1:c1:f1:c0:6d:5d:71:e2:
26:28:07:10:e1:d4:fc:c4:aa:b5:e9:be:72:fe:3e:5f:16:8b:
f2:2a:2b:a7:4f:37:92:44:7f:10:69:8f:f4:61:62:1c:7c:96:
8b:49:fe:53:97:c7:93:bc:a6:91:79:c0:30:7c:e6:ea:24:19:
22:3f:f2:1a:6d:63:de:72:47:56:ed:1d:48:ca:f7:14:18:ce:
b1:a5:77:07:4e:e4:6a:98:01:6b:3b:b0:51:e5:21:14:ee:8e:
f0:1b:af:e6:f2:a9:d2:84:a2:75:99:84:2b:cf:87:c0:6f:98:
a8:a3:10:99:cd:4a:fe:87:f6:6c:5a:4b:13:64:69:ea:43:57:
da:3e:75:ee
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECHoX/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDMy
MzE3Mzg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI5NzY0YjMwMWQx
MTllYTA1YjMzNjI4MGRiMmIxM2IxMWM2NjQxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIz4ATv3wv6MZsKIKmFnzSHtyMcgkA19fif583E+wf/pj4AK
xhAFOvmF9c764WNQ6Ii/ekIpCFSR25H8JW0KzZxwxrBF9pCrVZAVVOsjo0QDhURo
Kz+LhRMZd/Lk2gbOFPBr5BnvolOKaGLvWW7VKVXCdyjwPY+2+zNOik+6Fkf9pj81
KaWXfSclBPpAnZothXgQ1aARkbz1eAD65QbXjDBaShAQdSgcoASuajaLyzQiwhnd
xx0ucVDlp26odAYzaz6NJSnie1iieya9chu98+9ctiZMf/NoQks+ndgNwBoH+XoG
I3GHOKIXQsoxL3cq7IJQ7FbwcmuAL3LM2kENmIkCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTbl2SzAdEZ6gWzNigNsrE7EcZkEzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
LzI1ZGtzd0hSR2VvRnN6WW9EYkt4T3hIR1pCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEBW15AAMEAG15IQMEAG15JQMEAG15
JwMEAG15KgMEAG15LQMEAG15LzANBgkqhkiG9w0BAQsFAAOCAQEAYX1E/fySd3/i
zSPwa1BTSDVjY7HBSCJzqlJuuHl3A3nx5Q8bDgLXWxd4gR2uWnd/J0pFufw/XQWd
Cxurlendbq0Pmo2MvxsvTAGAh3HKz182cBq82eCrwW1BmTGE63LlLkWam6Mdpz52
zUmNozOtsculkEiFu/HB8cBtXXHiJigHEOHU/MSqtem+cv4+XxaL8iorp083kkR/
EGmP9GFiHHyWi0n+U5fHk7ymkXnAMHzm6iQZIj/yGm1j3nJHVu0dSMr3FBjOsaV3
B07kapgBazuwUeUhFO6O8Buv5vKp0oSidZmEK8+HwG+YqKMQmc1K/of2bFpLE2Rp
6kNX2j517g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org