Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/V40mkt8l-A9qVvgMumH5Ys_KX_k.roa
File: V40mkt8l-A9qVvgMumH5Ys_KX_k.roa (raw, json)
Hash identifier: MTdntlvWzxww/A8/+9K1fNm8n2NeIdNBVUgc9Ekul4s=
Subject key identifier: 57:8D:26:92:DF:25:F8:0F:6A:56:F8:0C:BA:61:F9:62:CF:CA:5F:F9
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018475407250D1054260692B664B0011F71A
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/V40mkt8l-A9qVvgMumH5Ys_KX_k.roa
Signing time: Mon 14 Nov 2022 08:27:48 +0000
ROA not before: Mon 14 Nov 2022 08:27:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210439
IP address blocks: 188.255.200.0/24 maxlen: 24
109.233.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:40:72:50:d1:05:42:60:69:2b:66:4b:00:11:f7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Nov 14 08:27:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=578d2692df25f80f6a56f80cba61f962cfca5ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e1:5b:09:eb:30:49:03:eb:93:db:26:66:f4:
8d:e6:8a:77:55:ae:47:a4:44:f1:99:35:ca:4d:f6:
25:b6:c1:30:ca:06:ef:43:55:42:55:78:f5:46:ab:
27:d6:45:f4:36:10:56:51:66:c3:bf:79:37:23:c3:
47:de:18:34:02:ef:56:ea:13:c1:f4:b6:09:73:40:
a6:38:11:2c:74:01:c5:34:d3:a8:46:1a:66:58:0b:
17:6f:cc:24:4c:d5:c1:13:4d:11:ee:4d:2d:55:bf:
fa:6d:75:19:f1:cc:7f:fe:ef:b4:da:8d:ba:df:b9:
f5:3d:5d:8d:00:20:12:f5:8b:00:f9:a9:8e:be:53:
ef:f4:9c:d5:03:39:f0:90:34:45:e0:f4:47:5a:3e:
56:54:17:5c:d5:5e:2c:94:77:79:f3:1a:a9:56:14:
6b:8c:f9:d8:dd:43:e2:51:c0:f9:29:65:ea:b5:6c:
f5:f7:82:3e:cb:5b:a1:a8:88:f4:6e:af:20:e7:e9:
6e:b1:bf:7e:45:2f:13:75:11:33:46:c8:48:49:e7:
d4:03:90:20:31:29:8c:27:43:31:48:99:26:0a:8c:
b9:84:fe:74:f8:63:d4:80:e0:ee:51:4e:73:f3:c9:
a0:37:aa:b7:d5:63:02:b5:72:bd:ee:c9:1a:4f:ba:
14:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:8D:26:92:DF:25:F8:0F:6A:56:F8:0C:BA:61:F9:62:CF:CA:5F:F9
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/V40mkt8l-A9qVvgMumH5Ys_KX_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.189.0/24
188.255.200.0/24
Signature Algorithm: sha256WithRSAEncryption
72:5a:f1:2c:fb:5e:63:27:1c:55:a8:40:e2:87:06:c6:30:e1:
71:cf:32:12:85:57:73:ec:64:77:8c:84:84:b9:0e:1a:62:0a:
f0:b6:c5:1f:47:e1:8b:1d:2d:bc:bf:34:70:5b:57:08:41:68:
94:93:55:ee:ee:21:ef:bf:06:e8:7b:be:ac:47:60:50:a4:08:
8f:01:9f:d0:b6:2a:5e:41:df:d4:02:a4:7d:90:14:17:9b:24:
d5:81:d9:dc:1c:30:65:4d:a3:4e:3b:eb:57:f6:06:03:93:1a:
36:05:bd:74:51:fe:5a:db:5e:e7:9a:1f:6d:11:7b:53:96:f6:
15:11:76:f3:08:5d:0f:d7:bc:9d:47:fb:3c:fb:ba:ce:41:99:
7a:6c:8e:ec:5f:58:1c:49:6e:42:c6:bd:60:8a:3d:bb:87:35:
7c:2f:74:24:d5:e8:07:4d:fd:ca:d5:8a:e4:1d:cd:61:bd:16:
f8:bd:78:3e:47:4c:25:cb:c2:8b:ef:14:a8:bc:59:64:d2:0e:
41:8c:52:4c:74:09:0a:22:d2:88:c5:1c:06:0e:45:7c:47:d1:
1f:77:e8:9a:c3:59:9b:54:72:72:f1:00:80:e6:84:7b:48:35:
92:b7:24:22:95:d0:34:9e:87:b3:88:5b:3c:d5:4e:a1:e2:c3:
8f:75:b8:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR1QHJQ0QVCYGkrZksAEfcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE0MDgyNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzhkMjY5MmRmMjVmODBmNmE1NmY4MGNiYTYxZjk2MmNmY2E1ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueFbCeswSQPrk9smZvSN5op3Va5H
pETxmTXKTfYltsEwygbvQ1VCVXj1Rqsn1kX0NhBWUWbDv3k3I8NH3hg0Au9W6hPB
9LYJc0CmOBEsdAHFNNOoRhpmWAsXb8wkTNXBE00R7k0tVb/6bXUZ8cx//u+02o26
37n1PV2NACAS9YsA+amOvlPv9JzVAznwkDRF4PRHWj5WVBdc1V4slHd58xqpVhRr
jPnY3UPiUcD5KWXqtWz194I+y1uhqIj0bq8g5+lusb9+RS8TdREzRshISefUA5Ag
MSmMJ0MxSJkmCoy5hP50+GPUgODuUU5z88mgN6q31WMCtXK97skaT7oUMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFeNJpLfJfgPalb4DLph+WLPyl/5MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvVjQwbWt0OGwtQTlxVnZnTXVtSDVZc19LWF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbem9AwQA
vP/IMA0GCSqGSIb3DQEBCwUAA4IBAQByWvEs+15jJxxVqEDihwbGMOFxzzIShVdz
7GR3jISEuQ4aYgrwtsUfR+GLHS28vzRwW1cIQWiUk1Xu7iHvvwboe76sR2BQpAiP
AZ/QtipeQd/UAqR9kBQXmyTVgdncHDBlTaNOO+tX9gYDkxo2Bb10Uf5a217nmh9t
EXtTlvYVEXbzCF0P17ydR/s8+7rOQZl6bI7sX1gcSW5Cxr1gij27hzV8L3Qk1egH
Tf3K1YrkHc1hvRb4vXg+R0wly8KL7xSovFlk0g5BjFJMdAkKItKIxRwGDkV8R9Ef
d+iaw1mbVHJy8QCA5oR7SDWStyQildA0noeziFs81U6h4sOPdbiQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org