Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/7vAFeISubel3UPIwQmTsR4DZI_k.roa
File: 7vAFeISubel3UPIwQmTsR4DZI_k.roa (raw, json)
Hash identifier: CpwD/wkB/CnK494KPppSb2aPwjRegpMYCzDiA6rnzU4=
Subject key identifier: EE:F0:05:78:84:AE:6D:E9:77:50:F2:30:42:64:EC:47:80:D9:23:F9
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01842D8C271F3CAAD1769F7B0A1564B3E616
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/7vAFeISubel3UPIwQmTsR4DZI_k.roa
Signing time: Mon 31 Oct 2022 10:17:50 +0000
ROA not before: Mon 31 Oct 2022 10:17:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.38.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
79.175.117.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:8c:27:1f:3c:aa:d1:76:9f:7b:0a:15:64:b3:e6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 31 10:17:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eef0057884ae6de97750f2304264ec4780d923f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5b:4f:38:a0:92:26:57:c4:a9:e3:e1:58:b8:
48:81:cc:e7:7f:22:1d:dc:b8:45:2f:e2:7c:3c:8e:
7c:e0:2f:d5:89:f0:09:b8:ec:44:02:50:99:91:da:
72:36:1c:b1:2f:61:4a:72:ff:f0:22:a2:8c:3e:e2:
e0:20:78:0d:8b:da:84:0c:65:4f:4f:24:98:84:14:
50:3f:df:45:db:28:dc:4c:30:5e:ab:b8:1b:30:00:
8f:7d:88:e5:84:66:31:e1:dc:f9:0e:09:9f:1c:05:
00:f5:da:34:00:d9:19:41:d3:d1:f5:e9:f3:12:f3:
41:5b:e4:04:36:fc:81:b1:ed:49:03:b8:e8:b5:86:
f2:eb:b4:54:ab:1a:9d:81:ef:67:6d:29:60:fe:cc:
12:c0:a7:00:c4:7c:dc:60:36:87:b2:6d:89:74:70:
88:0a:77:5d:39:ab:bf:d7:a7:ac:8b:f5:0f:f6:a1:
02:93:0f:79:a5:61:2b:6b:7b:db:9f:bf:71:be:d4:
60:54:87:07:7c:9d:95:0c:60:36:5a:a5:4c:95:60:
66:be:15:ab:e8:86:30:fc:17:8f:b1:13:de:bd:6c:
29:c1:d0:09:c0:6f:cd:ab:9f:7b:41:ae:a4:90:df:
c9:ef:c7:18:5f:a1:72:ef:cf:3d:81:39:6a:e7:74:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F0:05:78:84:AE:6D:E9:77:50:F2:30:42:64:EC:47:80:D9:23:F9
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/7vAFeISubel3UPIwQmTsR4DZI_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
79.175.117.0/24
109.121.32.0/24
109.121.34.0/23
109.121.38.0/24
109.121.40.0/23
109.121.43.0-109.121.44.255
109.121.46.0/24
109.233.184.0/24
Signature Algorithm: sha256WithRSAEncryption
44:48:0f:e3:be:cc:dd:90:f5:0f:b8:df:98:e0:65:a2:68:de:
11:ae:5b:6f:4e:61:cf:31:c1:e3:6a:6d:45:de:48:d6:74:46:
a0:18:32:b0:39:dc:98:0e:31:29:a5:63:18:81:f2:68:13:de:
e8:fa:ba:01:78:5b:96:86:c3:90:f3:58:0c:e3:a9:77:78:b7:
d0:0f:b9:0b:74:cf:9e:d0:ea:16:f5:83:d6:20:6d:58:8a:52:
e1:84:0c:e4:68:b2:3a:13:3e:b7:bb:95:b3:bc:36:fc:da:d1:
f7:4e:2e:82:69:63:e3:72:5d:74:8e:0c:41:78:32:2d:f7:3a:
ea:48:04:bb:1e:68:3d:09:55:c5:c8:88:c1:ca:c6:aa:e8:e5:
36:d7:67:fd:43:86:d2:70:11:02:bb:dc:c4:45:c9:ed:c0:6d:
d1:0c:98:48:b5:e8:63:6f:c3:59:3f:d3:85:ac:dd:8a:06:ac:
65:5a:5e:f0:b7:8d:12:9c:db:7a:25:05:9c:e8:1f:00:38:52:
67:97:b1:e2:81:70:19:91:c7:6f:34:b8:a5:ac:80:a2:1b:1d:
76:04:25:fd:66:6d:96:fd:af:7c:6d:7e:85:ca:17:39:1e:18:
fb:27:6f:a2:5d:97:34:39:5d:5c:d1:b4:b6:b3:bc:1b:44:d9:
ac:17:c3:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQtjCcfPKrRdp97ChVks+YWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMDMxMTAxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWYwMDU3ODg0YWU2ZGU5Nzc1MGYyMzA0MjY0ZWM0NzgwZDkyM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoltPOKCSJlfEqePhWLhIgcznfyId
3LhFL+J8PI584C/VifAJuOxEAlCZkdpyNhyxL2FKcv/wIqKMPuLgIHgNi9qEDGVP
TySYhBRQP99F2yjcTDBeq7gbMACPfYjlhGYx4dz5DgmfHAUA9do0ANkZQdPR9enz
EvNBW+QENvyBse1JA7jotYby67RUqxqdge9nbSlg/swSwKcAxHzcYDaHsm2JdHCI
CnddOau/16esi/UP9qECkw95pWEra3vbn79xvtRgVIcHfJ2VDGA2WqVMlWBmvhWr
6IYw/BePsRPevWwpwdAJwG/Nq597Qa6kkN/J78cYX6Fy7889gTlq53QFIwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFO7wBXiErm3pd1DyMEJk7EeA2SP5MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvN3ZBRmVJU3ViZWwzVVBJd1FtVHNSNERaSV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATWkEAwQA
T691AwQAbXkgAwQBbXkiAwQAbXkmAwQBbXkoMAwDBABteSsDBABteSwDBABteS4D
BABt6bgwDQYJKoZIhvcNAQELBQADggEBAERID+O+zN2Q9Q+435jgZaJo3hGuW29O
Yc8xweNqbUXeSNZ0RqAYMrA53JgOMSmlYxiB8mgT3uj6ugF4W5aGw5DzWAzjqXd4
t9APuQt0z57Q6hb1g9YgbViKUuGEDORosjoTPre7lbO8Nvza0fdOLoJpY+NyXXSO
DEF4Mi33OupIBLseaD0JVcXIiMHKxqro5TbXZ/1DhtJwEQK73MRFye3AbdEMmEi1
6GNvw1k/04Ws3YoGrGVaXvC3jRKc23olBZzoHwA4UmeXseKBcBmRx280uKWsgKIb
HXYEJf1mbZb9r3xtfoXKFzkeGPsnb6JdlzQ5XVzRtLazvBtE2awXwwE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org