Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/M4Y68UQ20OvSisPk6u1o6SlQQAg.roa
File: M4Y68UQ20OvSisPk6u1o6SlQQAg.roa (raw, json)
Hash identifier: hvSwEpNEDW0VVVTNFjNdviSsRk7TW6QLDbHLgKji3bs=
Subject key identifier: 33:86:3A:F1:44:36:D0:EB:D2:8A:C3:E4:EA:ED:68:E9:29:50:40:08
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 09374E05
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/M4Y68UQ20OvSisPk6u1o6SlQQAg.roa
Signing time: Thu 12 May 2022 07:53:02 +0000
ROA not before: Thu 12 May 2022 07:53:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.69.18.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154619397 (0x9374e05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 12 07:53:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33863af14436d0ebd28ac3e4eaed68e929504008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:74:f6:b3:b8:95:4d:1c:60:11:e4:65:fb:c5:
88:49:68:ae:dc:35:cf:13:13:4d:f1:df:ad:45:10:
54:43:a5:f6:82:c2:f4:e7:ed:cf:32:3f:c3:fa:60:
49:03:5b:81:5b:e5:6a:0d:22:c7:41:db:cc:1d:1f:
72:41:33:6e:d8:d7:03:8c:ec:1a:09:37:4a:58:83:
8d:34:4d:fe:b1:d1:da:e0:11:b3:41:d2:f5:59:98:
1e:97:dc:47:af:7b:14:0d:87:76:fb:ec:5d:bc:3f:
98:ac:17:4b:86:85:d9:cf:70:67:0f:7d:e6:51:d9:
8f:28:a5:f4:72:c2:8c:62:56:56:3e:f0:b2:39:9c:
e4:d7:31:ed:62:2b:0b:ed:4a:07:de:86:5c:fd:1d:
c6:ff:ff:20:df:aa:7a:b8:3b:26:ca:5a:03:b0:9e:
ee:96:ad:a5:4d:46:62:f0:ef:ba:c8:61:fd:f4:52:
86:32:99:02:c7:91:c2:61:ef:a9:b9:6b:13:e0:2f:
c1:cb:59:f2:3b:4a:d8:84:dd:72:ed:5e:11:c6:29:
5b:29:a5:95:8d:34:f2:91:53:43:80:9d:a0:dd:4c:
bb:d1:ee:0f:72:41:02:e7:a5:4b:f8:5b:2f:1c:1d:
f1:2e:86:f7:36:aa:f0:b9:b5:0d:a2:c6:43:dc:a0:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:86:3A:F1:44:36:D0:EB:D2:8A:C3:E4:EA:ED:68:E9:29:50:40:08
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/M4Y68UQ20OvSisPk6u1o6SlQQAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0-109.121.36.255
109.121.38.0/24
109.121.40.0/22
109.121.45.0-109.121.46.255
109.233.184.0/23
178.253.237.0/24
212.69.10.0/23
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d5:95:f9:b9:f3:b4:e0:2b:27:1d:9c:e4:31:97:4c:51:de:
58:ff:30:3b:42:18:3c:3d:0d:b8:98:d6:81:70:40:a8:cf:cd:
0c:e4:e8:89:7f:91:49:27:0a:09:d5:81:02:55:bc:ce:62:7d:
ee:c9:c8:7b:aa:b2:9a:bf:6f:c4:d8:53:27:7c:fb:81:89:98:
e1:41:de:8f:1a:12:66:a0:16:5c:4d:2e:79:48:35:6a:e9:93:
19:68:94:c9:6d:3e:b0:a0:22:86:38:62:97:b4:37:0d:45:88:
32:a2:44:77:0f:a8:5f:b5:45:a2:27:2e:ce:9c:33:78:26:24:
69:25:fc:83:d7:c1:6e:b2:91:ba:39:e2:d0:bf:6a:5e:e8:5b:
f2:9f:bc:ab:3a:9c:6d:dc:3e:33:22:6e:be:28:57:8f:54:70:
31:40:d4:51:10:9a:62:7d:c5:1e:54:d3:25:a3:e7:8b:b6:5c:
27:39:be:99:f9:77:f2:09:c1:b7:d9:f1:6c:6d:a1:22:e9:5c:
6b:9c:ff:7f:49:ee:05:de:01:c0:0f:d1:83:dd:ec:db:fa:16:
30:d6:85:6a:29:47:01:d0:0f:8e:36:a8:2d:65:68:e5:3b:e2:
b4:e1:57:6d:d7:03:c2:2c:81:07:32:9b:db:28:03:4f:86:ef:
cb:d2:69:84
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECTdOBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDUx
MjA3NTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzM4NjNhZjE0NDM2
ZDBlYmQyOGFjM2U0ZWFlZDY4ZTkyOTUwNDAwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK909rO4lU0cYBHkZfvFiElortw1zxMTTfHfrUUQVEOl9oLC
9OftzzI/w/pgSQNbgVvlag0ix0HbzB0fckEzbtjXA4zsGgk3SliDjTRN/rHR2uAR
s0HS9VmYHpfcR697FA2HdvvsXbw/mKwXS4aF2c9wZw995lHZjyil9HLCjGJWVj7w
sjmc5Ncx7WIrC+1KB96GXP0dxv//IN+qerg7JspaA7Ce7patpU1GYvDvushh/fRS
hjKZAseRwmHvqblrE+AvwctZ8jtK2ITdcu1eEcYpWymllY008pFTQ4CdoN1Mu9Hu
D3JBAuelS/hbLxwd8S6G9zaq8Lm1DaLGQ9ygXG0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBQzhjrxRDbQ69KKw+Tq7WjpKVBACDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L000WTY4VVEyME92U2lzUGs2dTFvNlNsUVFBZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEBW15ADAMAwQAbXkhAwQAbXkkAwQA
bXkmAwQCbXkoMAwDBABteS0DBABteS4DBAFt6bgDBACy/e0DBAHURQoDBADURRIw
DQYJKoZIhvcNAQELBQADggEBAI3Vlfm587TgKycdnOQxl0xR3lj/MDtCGDw9DbiY
1oFwQKjPzQzk6Il/kUknCgnVgQJVvM5ife7JyHuqspq/b8TYUyd8+4GJmOFB3o8a
EmagFlxNLnlINWrpkxlolMltPrCgIoY4Ype0Nw1FiDKiRHcPqF+1RaInLs6cM3gm
JGkl/IPXwW6ykbo54tC/al7oW/KfvKs6nG3cPjMibr4oV49UcDFA1FEQmmJ9xR5U
0yWj54u2XCc5vpn5d/IJwbfZ8WxtoSLpXGuc/39J7gXeAcAP0YPd7Nv6FjDWhWop
RwHQD442qC1laOU74rThV23XA8IsgQcym9soA0+G78vSaYQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org