Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/AEiXLkQonFAyyZsbJqGxjlfXKZQ.roa
File: AEiXLkQonFAyyZsbJqGxjlfXKZQ.roa (raw, json)
Hash identifier: UabPZXninCR6e2IbPtC5APeByDoThN7rAzwjhvh72lY=
Subject key identifier: 00:48:97:2E:44:28:9C:50:32:C9:9B:1B:26:A1:B1:8E:57:D7:29:94
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 08D1503B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/AEiXLkQonFAyyZsbJqGxjlfXKZQ.roa
Signing time: Thu 07 Apr 2022 10:28:40 +0000
ROA not before: Thu 07 Apr 2022 10:28:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 188.255.135.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147935291 (0x8d1503b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 7 10:28:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0048972e44289c5032c99b1b26a1b18e57d72994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7c:21:bc:8c:59:d7:91:00:7b:3a:33:d6:40:
f5:98:e3:73:9a:a3:8b:8d:86:dd:b4:87:91:5c:7f:
c5:18:eb:a2:fe:ed:f2:57:de:da:f7:b4:a2:06:8d:
15:11:6a:d5:6a:24:82:e2:39:4b:d8:c3:7b:38:6b:
d1:16:c5:84:e0:49:eb:b4:55:2d:3a:3d:dd:56:6c:
39:78:00:9e:9d:fc:34:3d:04:75:30:1e:50:16:ae:
f0:0f:af:ec:5b:56:63:52:68:7f:10:91:3f:c0:e5:
60:d0:50:e3:4e:08:af:03:b8:61:e7:8e:07:fe:73:
99:c4:da:46:a2:f4:ae:58:4e:89:d6:70:ff:88:73:
d6:3a:b7:60:5b:9c:7d:69:ff:2a:f6:7c:5c:e1:c3:
c4:c3:3a:25:5a:27:53:ab:26:10:55:4c:43:7c:1f:
6b:f6:01:e5:14:6d:87:00:e3:fe:fc:9a:3c:93:bf:
27:35:a4:6e:3f:b7:3b:8f:fb:5e:f5:e7:ce:64:d0:
f9:50:f7:bd:bb:c0:95:46:44:c6:d9:3a:63:63:86:
d5:8d:60:d0:d7:7d:c0:d6:47:e9:08:d5:86:6f:86:
5f:37:c1:3b:56:a4:ac:ea:8c:47:27:27:f8:32:1d:
9f:56:64:c3:f0:c2:b6:3b:b4:42:a5:97:15:fc:1a:
94:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:48:97:2E:44:28:9C:50:32:C9:9B:1B:26:A1:B1:8E:57:D7:29:94
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/AEiXLkQonFAyyZsbJqGxjlfXKZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0-109.121.36.255
109.121.38.0/24
109.121.40.0/22
109.121.45.0-109.121.46.255
109.233.184.0/23
178.253.237.0/24
188.255.135.0/24
212.69.10.0/23
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c4:9d:90:92:ea:0b:20:9d:06:c8:a5:1e:e4:2d:47:54:42:
cf:d3:17:58:9b:ea:37:ec:66:95:88:98:13:ca:1c:ca:b4:a9:
56:95:de:52:22:2e:5b:fa:f5:e0:d6:c6:03:0f:95:ba:2d:8a:
d9:80:3e:08:7f:ff:65:1b:f2:6a:e4:61:f7:c0:d0:91:c4:25:
e3:9a:10:b1:c0:1f:a8:45:16:df:09:23:f5:bb:ad:03:e4:38:
8b:c3:b7:b0:86:22:6e:b7:c5:27:f0:59:b6:d4:a6:ee:a2:97:
c1:5a:79:b1:ad:77:49:5c:74:b9:24:84:4b:68:7b:46:9d:99:
f1:4e:10:cc:45:ab:50:9e:f9:23:0c:bd:24:b7:0d:0d:d7:cc:
bc:0c:2b:da:f7:2c:56:27:31:6c:d2:c7:f6:e2:03:c2:c2:38:
64:3b:19:d2:ff:a6:30:18:e8:b6:0f:95:73:55:0d:2e:6e:51:
38:47:0e:a6:71:a3:23:7b:3f:54:5c:a6:14:29:8c:6a:f7:3e:
08:bc:8f:50:1e:88:65:20:86:26:d5:e2:0c:cf:83:76:4f:44:
3d:aa:53:1b:57:44:a5:b0:be:a4:16:ca:99:53:f1:33:00:47:
b5:ab:8d:a4:e2:ce:84:17:c9:e2:00:e1:f1:b9:bd:32:6f:07:
2b:e9:fc:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIECNFQOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDQw
NzEwMjg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0ODk3MmU0NDI4
OWM1MDMyYzk5YjFiMjZhMWIxOGU1N2Q3Mjk5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd8IbyMWdeRAHs6M9ZA9Zjjc5qji42G3bSHkVx/xRjrov7t
8lfe2ve0ogaNFRFq1WokguI5S9jDezhr0RbFhOBJ67RVLTo93VZsOXgAnp38ND0E
dTAeUBau8A+v7FtWY1JofxCRP8DlYNBQ404IrwO4YeeOB/5zmcTaRqL0rlhOidZw
/4hz1jq3YFucfWn/KvZ8XOHDxMM6JVonU6smEFVMQ3wfa/YB5RRthwDj/vyaPJO/
JzWkbj+3O4/7XvXnzmTQ+VD3vbvAlUZExtk6Y2OG1Y1g0Nd9wNZH6QjVhm+GXzfB
O1akrOqMRycn+DIdn1Zkw/DCtju0QqWXFfwalOkCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQASJcuRCicUDLJmxsmobGOV9cplDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L0FFaVhMa1FvbkZBeXlac2JKcUd4amxmWEtaUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwUgQCAAEwTAMEBW15ADAMAwQAbXkhAwQAbXkkAwQA
bXkmAwQCbXkoMAwDBABteS0DBABteS4DBAFt6bgDBACy/e0DBAC8/4cDBAHURQoD
BADURRIwDQYJKoZIhvcNAQELBQADggEBAB/EnZCS6gsgnQbIpR7kLUdUQs/TF1ib
6jfsZpWImBPKHMq0qVaV3lIiLlv69eDWxgMPlbotitmAPgh//2Ub8mrkYffA0JHE
JeOaELHAH6hFFt8JI/W7rQPkOIvDt7CGIm63xSfwWbbUpu6il8FaebGtd0lcdLkk
hEtoe0admfFOEMxFq1Ce+SMMvSS3DQ3XzLwMK9r3LFYnMWzSx/biA8LCOGQ7GdL/
pjAY6LYPlXNVDS5uUThHDqZxoyN7P1RcphQpjGr3Pgi8j1AeiGUghibV4gzPg3ZP
RD2qUxtXRKWwvqQWyplT8TMAR7WrjaTizoQXyeIA4fG5vTJvByvp/Cs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-fra.rpki-client.org