Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CnSU6sZzsjpIwh2Ad71EsGsGbF0.roa
File: CnSU6sZzsjpIwh2Ad71EsGsGbF0.roa (raw, json)
Hash identifier: 33+trKx6660bmm2hg5VrdK3WhL5Pkrzje5Ohr6W+Jgk=
Subject key identifier: 0A:74:94:EA:C6:73:B2:3A:48:C2:1D:80:77:BD:44:B0:6B:06:6C:5D
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0182C6F49FACC74BFE58C75B75007321A49D
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CnSU6sZzsjpIwh2Ad71EsGsGbF0.roa
Signing time: Mon 22 Aug 2022 19:08:16 +0000
ROA not before: Mon 22 Aug 2022 19:08:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 188.255.212.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:f4:9f:ac:c7:4b:fe:58:c7:5b:75:00:73:21:a4:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 22 19:08:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a7494eac673b23a48c21d8077bd44b06b066c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:68:d2:c7:47:f3:47:92:bf:f1:44:98:62:c7:
8b:70:69:1e:03:30:4f:53:8f:a3:a7:3d:c1:ee:dc:
31:3b:fb:21:e4:12:82:93:03:f1:32:17:73:44:5d:
bc:39:b5:14:f1:8b:a8:71:63:d0:60:91:79:a3:31:
4f:37:bb:13:fd:60:eb:bd:88:eb:df:21:37:50:88:
16:4e:45:a7:1d:7f:9b:ad:71:1b:68:47:db:c1:d7:
92:2c:12:21:6f:f0:ea:b8:09:0a:c9:a0:cc:ff:38:
f3:51:26:c8:03:e2:65:e1:27:e7:21:5d:67:4e:17:
c2:65:74:ab:37:b0:04:3a:5f:1b:0a:f7:51:d6:9b:
4e:c8:03:f9:a7:ac:c0:d7:fe:d4:97:c6:2e:eb:fb:
78:6e:b7:f2:bf:8b:c6:42:9a:6a:19:c8:25:1d:8b:
42:bb:87:c2:50:ba:9e:72:f3:60:d2:ab:94:ef:50:
b6:3b:75:be:8d:b1:2b:fc:2b:8c:3f:1d:c2:cc:25:
cd:58:ea:2d:ba:b7:d9:1d:65:49:ce:02:c5:0e:4a:
bf:df:e1:6c:94:fc:3f:ad:08:3c:38:13:a5:30:7f:
08:47:7b:65:a3:f7:6b:fe:af:a9:aa:b9:b3:fc:df:
01:0b:54:9b:e1:ea:ef:12:30:e1:b8:d0:4b:e1:19:
fe:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:74:94:EA:C6:73:B2:3A:48:C2:1D:80:77:BD:44:B0:6B:06:6C:5D
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CnSU6sZzsjpIwh2Ad71EsGsGbF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.33.0/24
109.121.37.0/24
109.121.39.0/24
109.121.42.0/24
109.121.45.0/24
109.121.47.0/24
188.255.212.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:44:0b:62:d4:38:41:2a:9c:52:e1:b2:1e:f9:0b:e1:a1:b7:
84:bf:b9:b4:cc:1c:d1:e2:6a:46:2a:dc:8f:e3:86:a7:5c:0b:
99:04:21:63:f9:c7:f8:6f:1e:12:01:ed:e1:8c:13:28:30:88:
a5:78:43:e7:30:02:d0:22:aa:9c:ab:a5:9f:cf:47:b3:f1:2c:
04:0e:bc:53:f7:68:19:9c:9f:e5:2e:a0:76:bf:b8:d7:c0:96:
e8:c7:0a:cb:fe:9f:22:96:d5:21:1b:91:cd:ee:65:9b:48:8e:
52:48:84:af:b7:b6:f3:59:12:20:98:47:c0:23:bb:ed:7f:46:
1c:76:cd:83:9c:0e:74:52:46:71:7a:ae:95:bc:b7:8a:41:cb:
b5:e2:59:49:e3:80:47:63:0f:d6:8c:18:55:07:54:79:73:b3:
ae:81:ca:23:92:aa:97:fc:ed:4e:7b:d6:35:7c:35:10:1c:83:
e7:15:91:98:ef:df:b3:be:eb:b2:e0:80:67:e4:37:0d:e3:c5:
5e:c0:58:29:91:05:f9:9f:e7:e3:b5:f8:2e:15:48:8d:0c:a5:
87:0a:71:f3:a7:0f:1b:dd:4b:08:51:fe:2f:7b:dc:57:97:c0:
bf:35:90:fd:dc:aa:42:fc:71:fa:f5:c6:79:f7:78:6a:70:70:
79:69:47:74
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYLG9J+sx0v+WMdbdQBzIaSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwODIyMTkwODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc0OTRlYWM2NzNiMjNhNDhjMjFkODA3N2JkNDRiMDZiMDY2YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmjSx0fzR5K/8USYYseLcGkeAzBP
U4+jpz3B7twxO/sh5BKCkwPxMhdzRF28ObUU8YuocWPQYJF5ozFPN7sT/WDrvYjr
3yE3UIgWTkWnHX+brXEbaEfbwdeSLBIhb/DquAkKyaDM/zjzUSbIA+Jl4SfnIV1n
ThfCZXSrN7AEOl8bCvdR1ptOyAP5p6zA1/7Ul8Yu6/t4brfyv4vGQppqGcglHYtC
u4fCULqecvNg0quU71C2O3W+jbEr/CuMPx3CzCXNWOoturfZHWVJzgLFDkq/3+Fs
lPw/rQg8OBOlMH8IR3tlo/dr/q+pqrmz/N8BC1Sb4ervEjDhuNBL4Rn+lQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAp0lOrGc7I6SMIdgHe9RLBrBmxdMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQ25TVTZzWnpzanBJd2gyQWQ3MUVzR3NHYkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAbXkhAwQA
bXklAwQAbXknAwQAbXkqAwQAbXktAwQAbXkvAwQAvP/UAwQA1EULMA0GCSqGSIb3
DQEBCwUAA4IBAQB/RAti1DhBKpxS4bIe+QvhobeEv7m0zBzR4mpGKtyP44anXAuZ
BCFj+cf4bx4SAe3hjBMoMIileEPnMALQIqqcq6Wfz0ez8SwEDrxT92gZnJ/lLqB2
v7jXwJboxwrL/p8iltUhG5HN7mWbSI5SSISvt7bzWRIgmEfAI7vtf0Ycds2DnA50
UkZxeq6VvLeKQcu14llJ44BHYw/WjBhVB1R5c7OugcojkqqX/O1Oe9Y1fDUQHIPn
FZGY79+zvuuy4IBn5DcN48VewFgpkQX5n+fjtfguFUiNDKWHCnHzpw8b3UsIUf4v
e9xXl8C/NZD93KpC/HH69cZ593hqcHB5aUd0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org