Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KNAqiVpwH5sLFk5Q70rpKVItZko.roa
File: KNAqiVpwH5sLFk5Q70rpKVItZko.roa (raw, json)
Hash identifier: nhgY16YoBZIjymo4YuRuquUbLwxizN7mYLDCqnFrfnw=
Subject key identifier: 28:D0:2A:89:5A:70:1F:9B:0B:16:4E:50:EF:4A:E9:29:52:2D:66:4A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01847F9FB7D9DCB486D453EADAF48C60153E
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KNAqiVpwH5sLFk5Q70rpKVItZko.roa
Signing time: Wed 16 Nov 2022 08:48:04 +0000
ROA not before: Wed 16 Nov 2022 08:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 109.121.38.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:9f:b7:d9:dc:b4:86:d4:53:ea:da:f4:8c:60:15:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Nov 16 08:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d02a895a701f9b0b164e50ef4ae929522d664a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bf:d5:c9:b2:f7:af:db:43:9e:a5:b3:96:92:
e2:a9:90:d6:e3:a8:0f:f6:40:24:93:a3:1b:83:07:
88:c1:d9:78:33:d3:78:ed:c9:b9:02:9b:a2:b0:64:
f9:f4:bb:c1:cb:bf:43:55:24:dc:da:6c:4f:94:74:
18:69:2a:63:46:d0:26:9b:c8:a9:6c:cc:3f:ed:94:
65:15:84:c3:08:a7:c2:94:2d:a8:a0:6a:27:b3:88:
10:ed:1b:0a:e0:39:40:d5:5e:99:a8:10:11:18:eb:
48:ce:2d:80:c8:b3:d2:59:0f:0f:ed:f8:5d:17:86:
fc:60:da:e9:0f:3e:af:7c:c2:ce:92:cb:11:26:24:
1b:28:8b:8e:11:2c:94:90:1e:0f:c1:2e:a2:35:aa:
8d:36:81:3c:61:86:18:0f:af:c5:cb:96:8e:38:d6:
93:53:c3:d8:c4:75:f3:72:65:51:c5:ed:71:29:58:
95:5a:6b:b4:2e:15:8e:e7:86:24:41:7d:39:9b:46:
89:66:c5:74:96:9d:78:d6:6c:4a:29:f1:00:11:fb:
43:31:1e:df:6a:0d:40:ff:3a:dc:9d:26:16:d6:e7:
46:8b:16:24:9e:b7:d3:89:21:e1:ec:c5:79:92:1e:
e3:aa:4b:33:4a:36:96:c6:7a:85:95:50:82:7d:94:
04:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D0:2A:89:5A:70:1F:9B:0B:16:4E:50:EF:4A:E9:29:52:2D:66:4A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/KNAqiVpwH5sLFk5Q70rpKVItZko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.38.0/24
109.121.41.0/24
Signature Algorithm: sha256WithRSAEncryption
44:c4:ee:5f:b2:b7:a2:c4:95:b1:0c:6d:6a:9c:6a:e6:36:7b:
06:dc:4a:b2:b5:ab:d4:9a:d5:2f:31:de:8c:98:0e:8f:a0:26:
97:a9:9a:d1:c7:4b:25:57:e8:d7:f1:83:18:74:73:92:35:17:
72:59:03:53:e4:a9:36:6a:b3:fa:8f:7d:ad:4e:bd:b1:f8:a8:
2f:7a:87:77:5c:1e:33:da:37:96:0f:d7:9d:96:90:e7:9e:b6:
9e:d1:37:75:09:74:bd:2e:29:fa:4b:3c:0f:64:1e:7c:a5:46:
79:ca:28:8b:a6:57:cf:98:b3:a4:4a:8c:9d:10:eb:7c:7c:dd:
c9:84:d3:0f:5f:91:e1:2e:e2:14:35:5b:a8:39:fc:70:a2:a1:
b6:53:3b:68:31:64:18:ab:35:99:ba:e5:e0:55:90:51:1e:d4:
bd:3a:07:89:c6:ca:04:7f:d1:c4:16:90:5e:19:15:24:9c:9e:
3e:a0:91:e8:eb:e7:7b:27:fa:9f:ff:52:fc:86:e3:c4:23:1e:
ad:4f:0e:04:50:c8:02:f7:a3:7d:8a:a1:85:43:fa:3d:fe:65:
9a:63:f7:3a:70:0d:0b:0d:5b:ed:85:25:27:19:61:06:21:82:
92:99:61:4a:e8:5a:ab:64:73:e6:44:8a:86:19:c1:b3:6d:52:
52:02:81:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR/n7fZ3LSG1FPq2vSMYBU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE2MDg0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQwMmE4OTVhNzAxZjliMGIxNjRlNTBlZjRhZTkyOTUyMmQ2NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb/VybL3r9tDnqWzlpLiqZDW46gP
9kAkk6MbgweIwdl4M9N47cm5ApuisGT59LvBy79DVSTc2mxPlHQYaSpjRtAmm8ip
bMw/7ZRlFYTDCKfClC2ooGons4gQ7RsK4DlA1V6ZqBARGOtIzi2AyLPSWQ8P7fhd
F4b8YNrpDz6vfMLOkssRJiQbKIuOESyUkB4PwS6iNaqNNoE8YYYYD6/Fy5aOONaT
U8PYxHXzcmVRxe1xKViVWmu0LhWO54YkQX05m0aJZsV0lp141mxKKfEAEftDMR7f
ag1A/zrcnSYW1udGixYknrfTiSHh7MV5kh7jqkszSjaWxnqFlVCCfZQEzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCjQKolacB+bCxZOUO9K6SlSLWZKMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvS05BcWlWcHdINXNMRms1UTcwcnBLVkl0WmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXkmAwQA
bXkpMA0GCSqGSIb3DQEBCwUAA4IBAQBExO5fsreixJWxDG1qnGrmNnsG3EqytavU
mtUvMd6MmA6PoCaXqZrRx0slV+jX8YMYdHOSNRdyWQNT5Kk2arP6j32tTr2x+Kgv
eod3XB4z2jeWD9edlpDnnrae0Td1CXS9Lin6SzwPZB58pUZ5yiiLplfPmLOkSoyd
EOt8fN3JhNMPX5HhLuIUNVuoOfxwoqG2UztoMWQYqzWZuuXgVZBRHtS9OgeJxsoE
f9HEFpBeGRUknJ4+oJHo6+d7J/qf/1L8huPEIx6tTw4EUMgC96N9iqGFQ/o9/mWa
Y/c6cA0LDVvthSUnGWEGIYKSmWFK6FqrZHPmRIqGGcGzbVJSAoGv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org