Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/UP0sTrsXbMZdcMktW2n-VLKmOhc.roa
File: UP0sTrsXbMZdcMktW2n-VLKmOhc.roa (raw, json)
Hash identifier: 3KQPBQBOQ3bI8XZF054vo+kDVFJS+3/tG51+sqVnITg=
Subject key identifier: 50:FD:2C:4E:BB:17:6C:C6:5D:70:C9:2D:5B:69:FE:54:B2:A6:3A:17
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0888A254
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/UP0sTrsXbMZdcMktW2n-VLKmOhc.roa
Signing time: Fri 25 Mar 2022 08:41:53 +0000
ROA not before: Fri 25 Mar 2022 08:41:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
188.255.135.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143172180 (0x888a254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 25 08:41:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50fd2c4ebb176cc65d70c92d5b69fe54b2a63a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:93:fc:69:63:3b:fb:08:a0:77:26:11:71:10:
33:85:ca:f1:af:dc:d5:34:49:39:9b:58:ea:ff:5f:
10:d9:00:1c:e8:66:86:55:d9:9d:d8:bc:44:e0:9d:
78:66:6b:6f:3d:4f:9c:05:61:97:8a:d7:6d:3e:9a:
66:69:23:f8:d4:ba:21:4d:f8:2d:80:ca:51:aa:23:
6a:36:c9:47:44:b9:c7:9c:b3:5a:bb:2f:5f:f8:88:
a7:a1:51:22:36:c1:25:00:da:6a:46:f9:4f:16:fd:
a9:55:56:8a:38:e9:58:41:3f:6f:42:95:ed:55:70:
11:40:8f:a4:b0:06:84:74:34:6d:97:8e:b7:6b:74:
c5:84:d9:f6:12:70:01:9d:7e:fa:e2:0d:5b:64:9d:
e1:7e:11:79:a5:bd:47:16:a0:d7:e6:eb:3c:2d:3a:
ea:85:61:3a:4b:d8:04:9e:26:85:1b:d1:bd:9b:3f:
8f:f8:d6:b7:8d:5d:61:d6:9a:5f:18:18:aa:cc:02:
4b:0c:b1:50:d4:7f:ac:91:b2:90:d9:24:48:3f:be:
ae:5c:90:91:dc:b3:c9:71:29:5b:0b:63:c1:e3:e4:
42:94:cc:c5:54:d6:b2:65:5a:be:73:de:81:5b:be:
48:7c:db:30:37:ee:b5:4e:a9:03:24:b6:8b:9c:4b:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FD:2C:4E:BB:17:6C:C6:5D:70:C9:2D:5B:69:FE:54:B2:A6:3A:17
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/UP0sTrsXbMZdcMktW2n-VLKmOhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0/24
109.121.37.0/24
109.121.39.0/24
109.121.42.0/24
109.121.45.0-109.121.47.255
178.253.237.0/24
188.255.135.0/24
212.69.10.0/23
Signature Algorithm: sha256WithRSAEncryption
96:59:18:52:7a:35:bf:b5:d1:04:df:95:cb:23:e4:eb:a2:b5:
af:48:0a:7d:eb:10:ff:30:c7:69:e8:95:65:2e:f7:1d:23:f3:
b1:21:5b:e3:b7:47:7d:7c:7d:5a:9c:a9:13:a8:46:75:88:7e:
ed:fd:fa:ee:ec:5c:0b:b3:2f:4d:4a:41:b1:a5:ab:c7:d5:8a:
6e:41:64:fb:ce:82:a0:14:05:32:a5:e9:c4:a1:03:6c:d0:93:
76:e8:10:d5:25:09:fd:3f:07:54:18:61:27:03:b6:7f:1d:3e:
b1:38:85:c2:ea:34:e3:e4:7f:dd:02:29:1b:50:92:40:56:dd:
b9:50:ae:ef:5c:37:2f:ab:c1:0b:1e:11:13:cd:67:4a:02:a0:
5e:10:2b:f2:0a:b4:06:be:0b:1c:28:93:40:60:8a:ef:92:da:
5f:2b:1f:49:17:a9:f9:1c:d6:e9:26:fe:fb:49:ef:a2:68:0f:
72:89:43:91:0a:e9:9e:ee:0b:af:fd:a3:35:75:11:c2:1f:f3:
2b:05:e6:56:7a:e0:77:38:00:07:5d:29:c9:e8:6c:e5:92:bf:
96:b8:e6:52:46:1a:ed:fc:41:7e:04:2b:bf:df:9a:1a:3b:44:
5b:47:a2:33:fb:23:42:7c:8c:90:b2:48:f2:18:7b:b9:4a:19:
66:cb:fe:ce
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIECIiiVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDMy
NTA4NDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBmZDJjNGViYjE3
NmNjNjVkNzBjOTJkNWI2OWZlNTRiMmE2M2ExNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANST/GljO/sIoHcmEXEQM4XK8a/c1TRJOZtY6v9fENkAHOhm
hlXZndi8ROCdeGZrbz1PnAVhl4rXbT6aZmkj+NS6IU34LYDKUaojajbJR0S5x5yz
WrsvX/iIp6FRIjbBJQDaakb5Txb9qVVWijjpWEE/b0KV7VVwEUCPpLAGhHQ0bZeO
t2t0xYTZ9hJwAZ1++uINW2Sd4X4ReaW9Rxag1+brPC066oVhOkvYBJ4mhRvRvZs/
j/jWt41dYdaaXxgYqswCSwyxUNR/rJGykNkkSD++rlyQkdyzyXEpWwtjwePkQpTM
xVTWsmVavnPegVu+SHzbMDfutU6pAyS2i5xL6nECAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBRQ/SxOuxdsxl1wyS1baf5UsqY6FzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L1VQMHNUcnNYYk1aZGNNa3RXMm4tVkxLbU9oYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPgMEBW15AAMEAG15IQMEAG15JQMEAG15
JwMEAG15KjAMAwQAbXktAwQEbXkgAwQAsv3tAwQAvP+HAwQB1EUKMA0GCSqGSIb3
DQEBCwUAA4IBAQCWWRhSejW/tdEE35XLI+TrorWvSAp96xD/MMdp6JVlLvcdI/Ox
IVvjt0d9fH1anKkTqEZ1iH7t/fru7FwLsy9NSkGxpavH1YpuQWT7zoKgFAUypenE
oQNs0JN26BDVJQn9PwdUGGEnA7Z/HT6xOIXC6jTj5H/dAikbUJJAVt25UK7vXDcv
q8ELHhETzWdKAqBeECvyCrQGvgscKJNAYIrvktpfKx9JF6n5HNbpJv77Se+iaA9y
iUORCume7guv/aM1dRHCH/MrBeZWeuB3OAAHXSnJ6Gzlkr+WuOZSRhrt/EF+BCu/
35oaO0RbR6Iz+yNCfIyQskjyGHu5Shlmy/7O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org