Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/WhyJnozGrFdOZUu7cKbqn0-6R84.roa
File: WhyJnozGrFdOZUu7cKbqn0-6R84.roa (raw, json)
Hash identifier: leQ1h4JcWA3MkSBou7CkPlBU5Jei0hNr1Wr+dwEF5L8=
Subject key identifier: 5A:1C:89:9E:8C:C6:AC:57:4E:65:4B:BB:70:A6:EA:9F:4F:BA:47:CE
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 099F4AB4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/WhyJnozGrFdOZUu7cKbqn0-6R84.roa
Signing time: Mon 20 Jun 2022 07:39:45 +0000
ROA not before: Mon 20 Jun 2022 07:39:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.38.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161434292 (0x99f4ab4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 20 07:39:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a1c899e8cc6ac574e654bbb70a6ea9f4fba47ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c8:f6:a5:30:ee:ab:cd:4b:6c:51:28:05:b7:
de:f3:43:4c:e9:3e:13:55:1e:ce:95:e8:62:40:09:
a5:9c:8f:27:35:7f:00:72:f9:99:1b:5b:d7:69:70:
6b:1c:76:c9:d4:43:e5:64:71:d9:0e:79:78:de:87:
d2:a4:43:f4:76:ce:28:c0:4a:bb:39:f3:f2:5f:f2:
a7:59:e4:c7:3b:8b:dc:30:07:2b:95:9a:34:8f:45:
72:68:50:e4:f6:0d:ca:dc:6d:96:cf:a7:8e:20:6f:
79:ca:88:75:2a:0f:24:b4:2f:48:c1:62:10:08:7e:
1c:27:ef:d4:28:ca:8a:2f:a4:b2:d7:c3:28:1e:54:
3e:72:b1:1e:01:9f:25:42:9f:a2:2a:91:c6:7c:d1:
8d:d9:81:15:3a:59:b0:2f:01:f4:c9:a8:0d:4e:c9:
47:c8:b1:b0:32:88:d0:1b:0a:06:6c:80:93:1f:30:
e0:9c:3d:cb:57:b2:e9:61:ac:86:59:b4:6a:dd:eb:
3b:5a:86:35:d5:a1:1d:7c:0e:56:95:57:7d:8a:e4:
57:ad:ac:3a:88:4f:2e:6b:0f:63:42:cb:95:b6:a0:
16:73:f1:d2:e7:fe:17:36:9c:f4:0a:6f:eb:d8:b5:
33:7b:b9:a6:6e:05:f8:86:19:0e:2e:4c:c0:b7:22:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1C:89:9E:8C:C6:AC:57:4E:65:4B:BB:70:A6:EA:9F:4F:BA:47:CE
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/WhyJnozGrFdOZUu7cKbqn0-6R84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
109.121.32.0/24
109.121.34.0-109.121.36.255
109.121.38.0/24
109.121.40.0/23
109.121.43.0-109.121.44.255
109.121.46.0/24
109.233.184.0/23
Signature Algorithm: sha256WithRSAEncryption
94:ee:63:a2:aa:0c:cd:9a:74:43:f2:a7:11:13:9a:ab:d9:e5:
ad:f7:0d:7e:4d:41:dd:bc:ba:87:1f:65:a4:c2:77:f5:f0:65:
bb:ee:eb:3f:eb:b8:7d:76:bf:0c:0e:b6:b9:18:20:fa:ee:72:
0c:78:84:05:37:b2:69:a1:9a:7b:ec:42:60:a1:78:e5:50:1e:
92:6c:af:9f:b1:9b:7d:d2:93:34:60:01:14:c5:7f:36:ea:39:
fe:84:81:7d:15:71:60:83:fb:fd:53:1b:5a:68:be:da:c2:9e:
f5:ee:24:3c:a6:91:31:c5:38:a5:46:36:0b:3b:0e:06:e1:9a:
f4:06:f9:94:2d:c4:5e:05:d7:67:0e:cc:26:1a:da:0d:0d:1e:
1c:3e:21:c4:4a:03:a9:03:49:1f:af:cc:7b:fc:b5:02:09:c6:
60:21:e9:83:d2:12:21:16:07:8c:38:46:b2:be:19:ae:ec:0b:
f2:00:85:a1:a9:d9:db:61:c2:60:48:d4:e9:db:77:ef:d8:44:
a2:4c:eb:75:78:08:2c:ed:78:f4:8c:df:62:df:48:24:94:76:
4e:06:c5:4a:02:9c:04:d0:0b:17:d6:aa:f8:05:c5:f0:a6:a8:
97:53:6c:d6:05:88:10:3f:5d:c8:19:05:08:a9:64:9d:c7:79:
3a:56:e6:c0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECZ9KtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDYy
MDA3Mzk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWExYzg5OWU4Y2M2
YWM1NzRlNjU0YmJiNzBhNmVhOWY0ZmJhNDdjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvI9qUw7qvNS2xRKAW33vNDTOk+E1UezpXoYkAJpZyPJzV/
AHL5mRtb12lwaxx2ydRD5WRx2Q55eN6H0qRD9HbOKMBKuznz8l/yp1nkxzuL3DAH
K5WaNI9FcmhQ5PYNytxtls+njiBvecqIdSoPJLQvSMFiEAh+HCfv1CjKii+kstfD
KB5UPnKxHgGfJUKfoiqRxnzRjdmBFTpZsC8B9MmoDU7JR8ixsDKI0BsKBmyAkx8w
4Jw9y1ey6WGshlm0at3rO1qGNdWhHXwOVpVXfYrkV62sOohPLmsPY0LLlbagFnPx
0uf+Fzac9Apv69i1M3u5pm4F+IYZDi5MwLciSVcCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBRaHImejMasV05lS7twpuqfT7pHzjAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L1doeUpub3pHckZkT1pVdTdjS2JxbjAtNlI4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAE1pBAMEAG15IDAMAwQBbXkiAwQA
bXkkAwQAbXkmAwQBbXkoMAwDBABteSsDBABteSwDBABteS4DBAFt6bgwDQYJKoZI
hvcNAQELBQADggEBAJTuY6KqDM2adEPypxETmqvZ5a33DX5NQd28uocfZaTCd/Xw
Zbvu6z/ruH12vwwOtrkYIPrucgx4hAU3smmhmnvsQmCheOVQHpJsr5+xm33SkzRg
ARTFfzbqOf6EgX0VcWCD+/1TG1povtrCnvXuJDymkTHFOKVGNgs7DgbhmvQG+ZQt
xF4F12cOzCYa2g0NHhw+IcRKA6kDSR+vzHv8tQIJxmAh6YPSEiEWB4w4RrK+Ga7s
C/IAhaGp2dthwmBI1Onbd+/YRKJM63V4CCztePSM32LfSCSUdk4GxUoCnATQCxfW
qvgFxfCmqJdTbNYFiBA/XcgZBQipZJ3HeTpW5sA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org