Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/U9cGUlD_s1knLMqODqvLBg-hhds.roa
File: U9cGUlD_s1knLMqODqvLBg-hhds.roa (raw, json)
Hash identifier: oUojOraMcFTXE+C2Hd/Ug0jDSNHLVllLYP3zn1D6mgs=
Subject key identifier: 53:D7:06:52:50:FF:B3:59:27:2C:CA:8E:0E:AB:CB:06:0F:A1:85:DB
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 09996EF1
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/U9cGUlD_s1knLMqODqvLBg-hhds.roa
Signing time: Sun 19 Jun 2022 06:25:05 +0000
ROA not before: Sun 19 Jun 2022 06:25:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.121.36.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
212.69.11.0/24 maxlen: 24
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161050353 (0x9996ef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 19 06:25:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53d7065250ffb359272cca8e0eabcb060fa185db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ef:c7:7d:24:94:9e:29:14:e9:40:9b:13:1a:
aa:cb:48:5d:66:60:b3:18:f3:ba:ac:c3:2b:13:25:
51:e6:a6:69:93:5d:23:e3:49:fb:40:63:2f:5d:ac:
66:f0:dc:11:54:96:32:17:8e:0c:ac:1f:be:04:c4:
73:b6:98:dd:50:2e:25:48:03:89:a0:c4:e7:24:82:
ca:8e:c4:3e:71:87:fc:7f:fa:97:5c:b1:2d:af:ab:
eb:0c:89:44:63:6a:6d:46:b0:6c:54:e8:2e:c0:c1:
e3:c1:94:18:7d:d4:7b:fb:4b:79:2b:d0:44:1b:4d:
9e:a3:d7:51:b8:7b:3b:cc:1d:de:07:e2:b6:ab:54:
88:1b:56:a7:2e:5c:4f:8e:92:a5:97:1a:51:a0:47:
2d:7e:91:db:f1:d3:c7:96:e0:48:f6:e8:45:06:0b:
ac:05:a6:e1:ed:11:66:3e:54:1d:5c:74:3a:a8:72:
51:f9:34:b0:41:42:2e:d1:dd:fd:2d:51:0e:67:96:
41:ad:4a:2a:2d:c6:76:67:51:86:5e:83:5c:38:d8:
5c:4a:7e:00:15:01:d8:f5:f7:a9:a0:a8:17:60:30:
2d:7d:78:e3:e8:6e:b0:6d:4a:e0:36:d9:aa:7f:c2:
88:9d:3a:53:13:a4:70:41:99:60:00:70:32:d5:90:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D7:06:52:50:FF:B3:59:27:2C:CA:8E:0E:AB:CB:06:0F:A1:85:DB
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/U9cGUlD_s1knLMqODqvLBg-hhds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0/24
109.121.36.0/24
109.121.42.0/24
109.121.45.0/24
109.233.184.0/23
178.253.237.0/24
212.69.10.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:aa:f1:c2:a0:72:3e:e5:78:b7:95:b7:32:22:62:1d:2a:df:
ae:2f:5f:bb:f5:25:f7:c7:8a:82:52:62:3a:b1:6f:d0:93:b9:
21:ba:8c:13:55:16:26:70:ed:45:8c:f1:61:85:95:ae:64:22:
e5:d7:de:79:33:87:84:7b:5e:ed:25:cc:c1:26:52:27:92:27:
18:e3:af:ef:69:7b:60:69:f4:0e:0a:17:19:ab:cb:be:a2:db:
e1:0d:df:e7:73:a5:7b:92:b4:3c:5b:28:1c:75:2a:61:74:30:
4a:aa:99:51:7e:f6:68:f6:bf:ff:fb:58:bc:0c:80:6b:6a:ab:
30:f7:ab:56:b8:20:a2:f8:ce:17:35:6a:fa:4f:46:3e:8b:82:
e1:b3:de:8a:32:39:c9:c5:3d:5f:cb:f5:0d:08:89:f5:82:46:
f9:4e:5f:09:fd:86:e9:7f:f5:0c:b5:42:db:6a:19:c4:15:64:
b2:43:f5:ad:f8:bf:43:46:21:58:7a:29:50:96:4e:a6:c7:4a:
9b:e2:0c:e8:b9:14:de:ce:3e:43:3f:d6:e6:d2:64:ec:31:eb:
62:97:d7:72:cf:91:27:fb:f2:6f:58:d2:9a:b3:65:5f:e6:65:
cd:c7:59:42:ac:1e:d2:05:0f:84:7f:e1:61:8d:30:fb:2a:19:
65:f3:85:fc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECZlu8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDYx
OTA2MjUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNkNzA2NTI1MGZm
YjM1OTI3MmNjYThlMGVhYmNiMDYwZmExODVkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfvx30klJ4pFOlAmxMaqstIXWZgsxjzuqzDKxMlUeamaZNd
I+NJ+0BjL12sZvDcEVSWMheODKwfvgTEc7aY3VAuJUgDiaDE5ySCyo7EPnGH/H/6
l1yxLa+r6wyJRGNqbUawbFToLsDB48GUGH3Ue/tLeSvQRBtNnqPXUbh7O8wd3gfi
tqtUiBtWpy5cT46SpZcaUaBHLX6R2/HTx5bgSPboRQYLrAWm4e0RZj5UHVx0Oqhy
Ufk0sEFCLtHd/S1RDmeWQa1KKi3GdmdRhl6DXDjYXEp+ABUB2PX3qaCoF2AwLX14
4+husG1K4DbZqn/CiJ06UxOkcEGZYABwMtWQ5/kCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRT1wZSUP+zWScsyo4Oq8sGD6GF2zAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L1U5Y0dVbERfczFrbkxNcU9EcXZMQmctaGhkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEBW15AAMEAG15IQMEAG15JAMEAG15
KgMEAG15LQMEAW3puAMEALL97QMEAdRFCjANBgkqhkiG9w0BAQsFAAOCAQEAC6rx
wqByPuV4t5W3MiJiHSrfri9fu/Ul98eKglJiOrFv0JO5IbqME1UWJnDtRYzxYYWV
rmQi5dfeeTOHhHte7SXMwSZSJ5InGOOv72l7YGn0DgoXGavLvqLb4Q3f53Ole5K0
PFsoHHUqYXQwSqqZUX72aPa///tYvAyAa2qrMPerVrggovjOFzVq+k9GPouC4bPe
ijI5ycU9X8v1DQiJ9YJG+U5fCf2G6X/1DLVC22oZxBVkskP1rfi/Q0YhWHopUJZO
psdKm+IM6LkU3s4+Qz/W5tJk7DHrYpfXcs+RJ/vyb1jSmrNlX+ZlzcdZQqwe0gUP
hH/hYY0w+yoZZfOF/A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org