Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bJbPOVQMhQcFjed9N9kK-h6u3B8.roa
File: bJbPOVQMhQcFjed9N9kK-h6u3B8.roa (raw, json)
Hash identifier: xqjQj0f7I8U938r/o/pvzxFJHJ2skxtsEJj1vjgEGxg=
Subject key identifier: 6C:96:CF:39:54:0C:85:07:05:8D:E7:7D:37:D9:0A:FA:1E:AE:DC:1F
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01847F9FB88ACF412D75397B599ADC08EF64
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bJbPOVQMhQcFjed9N9kK-h6u3B8.roa
Signing time: Wed 16 Nov 2022 08:48:04 +0000
ROA not before: Wed 16 Nov 2022 08:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.34.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
79.175.117.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:9f:b8:8a:cf:41:2d:75:39:7b:59:9a:dc:08:ef:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Nov 16 08:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c96cf39540c8507058de77d37d90afa1eaedc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8d:c0:9a:b3:c4:81:59:ad:71:90:00:bb:b9:
ef:14:cc:79:e5:26:4e:d2:a5:fd:2d:87:f5:ab:35:
ef:ec:e7:fa:65:d3:59:40:85:78:c3:b6:93:2d:92:
2c:63:c2:88:28:81:ba:a1:25:74:40:fd:44:3d:d6:
db:c3:0f:b9:a2:b2:4b:82:80:4d:ee:6e:6c:74:16:
d9:f1:92:97:43:88:03:2e:b1:80:52:9b:25:0b:08:
1f:72:33:e1:cd:89:c0:cf:70:e7:34:61:2b:fd:f4:
e6:57:16:cb:6b:3e:8b:6f:95:b0:c1:ae:16:3e:55:
65:81:ee:71:73:fb:a7:15:73:27:94:fa:ec:79:bb:
9c:7f:9d:62:f4:52:46:08:74:d8:62:8e:17:dc:a4:
e3:02:3a:f4:53:9b:a1:27:2d:8d:fa:45:87:fb:89:
ca:c6:23:78:aa:d6:5f:33:fc:20:14:c4:3b:6f:f1:
3a:82:27:f2:9e:bf:c0:2f:c5:19:4b:6a:5b:d6:74:
70:e2:65:16:fb:33:7a:2c:95:12:35:d3:6b:7d:c4:
c0:9f:3d:57:38:87:08:db:b0:26:7b:39:50:52:6b:
8d:72:d5:76:5c:a0:eb:c5:0c:46:f2:54:8c:66:e9:
98:80:90:ba:48:33:f4:eb:bb:fe:a3:b0:e0:65:99:
0f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:96:CF:39:54:0C:85:07:05:8D:E7:7D:37:D9:0A:FA:1E:AE:DC:1F
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bJbPOVQMhQcFjed9N9kK-h6u3B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
79.175.117.0/24
109.121.32.0/24
109.121.34.0/23
109.121.40.0/24
109.121.43.0-109.121.44.255
109.121.46.0/24
109.233.184.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:96:4b:50:67:3c:53:06:1e:f7:ea:36:80:6c:61:43:03:b6:
93:3b:00:49:05:81:8e:f7:31:ea:b1:5a:f8:80:09:61:cf:10:
44:a3:e4:9f:5c:e7:ad:8d:98:52:28:e3:ab:d0:37:b0:74:5c:
97:48:24:d7:b2:b1:98:fa:69:09:5b:c8:56:33:0a:51:72:8d:
7f:5a:57:7e:c4:6d:16:1e:ac:0a:e6:8e:ab:47:07:97:5d:cc:
be:c5:8d:b1:35:44:44:85:fe:13:38:cc:7c:51:67:01:7c:06:
6b:ea:7f:29:b9:3f:09:61:d1:b8:d3:16:6a:8c:d3:e8:1a:29:
70:6e:14:59:40:aa:be:1c:d6:9d:25:66:59:84:1d:c7:8e:8b:
82:fb:8c:b5:2f:86:6c:44:b8:54:92:60:bf:65:a6:61:22:29:
54:0d:fc:32:49:7b:ad:c7:3d:6b:fc:e0:08:2c:5c:94:ac:39:
08:d0:da:9d:ae:46:37:fd:94:3d:69:27:ef:24:e8:d2:85:17:
ec:23:fe:af:71:65:0c:c0:c6:bb:1b:91:f0:7f:65:26:d1:65:
0a:cc:ef:ea:c1:10:17:a6:98:4a:c1:e5:ff:4e:8b:c4:b1:96:
fb:4c:ca:02:d8:42:b1:ba:b7:03:91:2a:09:79:d8:00:32:13:
8a:0d:f4:3d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYR/n7iKz0EtdTl7WZrcCO9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMTE2MDg0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk2Y2YzOTU0MGM4NTA3MDU4ZGU3N2QzN2Q5MGFmYTFlYWVkYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI3AmrPEgVmtcZAAu7nvFMx55SZO
0qX9LYf1qzXv7Of6ZdNZQIV4w7aTLZIsY8KIKIG6oSV0QP1EPdbbww+5orJLgoBN
7m5sdBbZ8ZKXQ4gDLrGAUpslCwgfcjPhzYnAz3DnNGEr/fTmVxbLaz6Lb5Wwwa4W
PlVlge5xc/unFXMnlPrsebucf51i9FJGCHTYYo4X3KTjAjr0U5uhJy2N+kWH+4nK
xiN4qtZfM/wgFMQ7b/E6gifynr/AL8UZS2pb1nRw4mUW+zN6LJUSNdNrfcTAnz1X
OIcI27AmezlQUmuNctV2XKDrxQxG8lSMZumYgJC6SDP067v+o7DgZZkPlwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGyWzzlUDIUHBY3nfTfZCvoertwfMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYkpiUE9WUU1oUWNGamVkOU45a0staDZ1M0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATWkEAwQA
T691AwQAbXkgAwQBbXkiAwQAbXkoMAwDBABteSsDBABteSwDBABteS4DBABt6bgw
DQYJKoZIhvcNAQELBQADggEBAJ6WS1BnPFMGHvfqNoBsYUMDtpM7AEkFgY73Meqx
WviACWHPEESj5J9c562NmFIo46vQN7B0XJdIJNeysZj6aQlbyFYzClFyjX9aV37E
bRYerArmjqtHB5ddzL7FjbE1RESF/hM4zHxRZwF8Bmvqfym5Pwlh0bjTFmqM0+ga
KXBuFFlAqr4c1p0lZlmEHceOi4L7jLUvhmxEuFSSYL9lpmEiKVQN/DJJe63HPWv8
4AgsXJSsOQjQ2p2uRjf9lD1pJ+8k6NKFF+wj/q9xZQzAxrsbkfB/ZSbRZQrM7+rB
EBemmErB5f9Oi8SxlvtMygLYQrG6twORKgl52AAyE4oN9D0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org