Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/deEnLyipTU7aBB0pIfflN4mHUlQ.roa
File: deEnLyipTU7aBB0pIfflN4mHUlQ.roa (raw, json)
Hash identifier: wgLfTrEHjYm1nJ+dann7PfqvDI050rc1wQmPLYLPpTo=
Subject key identifier: 75:E1:27:2F:28:A9:4D:4E:DA:04:1D:29:21:F7:E5:37:89:87:52:54
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018380D3D00BA9A0B6E61685D32AC7A9B701
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/deEnLyipTU7aBB0pIfflN4mHUlQ.roa
Signing time: Tue 27 Sep 2022 21:21:48 +0000
ROA not before: Tue 27 Sep 2022 21:21:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 188.255.206.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
178.253.243.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:80:d3:d0:0b:a9:a0:b6:e6:16:85:d3:2a:c7:a9:b7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Sep 27 21:21:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75e1272f28a94d4eda041d2921f7e53789875254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:ed:58:b3:9c:c7:7b:84:f2:42:f5:f8:10:
be:42:60:64:81:de:f1:a3:61:58:44:89:e2:a4:c1:
60:7f:a7:69:3d:00:b8:b6:3c:72:4d:bd:d7:a4:e4:
5d:23:57:d0:ca:e7:90:6a:56:e7:49:9e:9f:ca:3b:
1c:a7:58:12:51:2e:71:be:65:08:41:56:ce:fb:10:
cb:13:72:02:0b:5f:98:0d:cb:a1:0f:87:43:5f:aa:
63:b8:a6:d3:55:28:76:e1:6f:ed:70:90:6a:59:c3:
f9:6c:b1:f6:6f:36:5d:a6:5a:ee:32:b2:89:99:6f:
a5:5b:ab:68:da:51:ff:68:db:f8:93:52:e9:d6:47:
25:55:a4:44:85:71:c0:2c:2a:0a:38:93:6a:f5:54:
65:12:58:0f:c9:7c:04:c9:0d:da:73:a8:e0:61:d5:
41:5c:db:dc:e8:d0:31:7f:96:fd:5c:eb:28:9f:ad:
31:19:e4:45:af:dc:c3:7a:08:65:3c:3a:40:0e:82:
dc:0f:2c:16:f0:ed:42:f9:64:c6:d7:67:fb:c1:d3:
c6:c0:ff:72:13:f3:a2:0c:8b:b7:f9:d3:ce:36:3d:
50:54:0c:30:a0:16:0b:94:60:c4:ea:bc:e0:d4:48:
a3:fb:1e:e8:af:5f:7b:35:95:b9:03:9d:47:a5:ea:
1a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E1:27:2F:28:A9:4D:4E:DA:04:1D:29:21:F7:E5:37:89:87:52:54
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/deEnLyipTU7aBB0pIfflN4mHUlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.233.184.0/23
178.253.237.0/24
178.253.243.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
212.69.10.0/23
Signature Algorithm: sha256WithRSAEncryption
45:cd:6b:56:db:6c:15:a7:3e:da:dc:d2:31:a4:1e:ae:23:ff:
47:1b:af:94:1f:b2:bf:db:a1:47:ab:51:68:90:42:39:90:10:
bd:ce:6c:01:f9:df:2d:e8:0f:4b:d9:5e:f0:f1:8c:cf:68:80:
fb:34:ff:71:d8:18:cb:be:f8:f4:18:f7:39:f6:a4:5f:f2:ed:
07:f4:f8:c2:df:74:a8:98:49:cd:b8:98:5a:5d:f1:93:92:04:
01:a0:0b:65:8e:fc:9b:8b:2b:05:d0:10:6c:f7:7c:5c:1b:7e:
97:82:da:ca:27:16:e6:d4:f9:1a:d2:b6:d7:35:50:fd:21:e2:
ab:6a:6a:3f:3e:05:16:96:b5:ff:b9:4d:bb:d7:59:d9:a4:66:
b2:04:e5:dd:76:a0:35:33:4d:f0:84:66:52:2a:0c:ba:48:56:
bc:12:59:03:95:57:4f:72:ae:d7:06:50:3e:c7:8e:69:ea:f7:
68:15:bf:05:8e:23:85:e0:22:43:8c:ec:8b:32:33:eb:b3:29:
b3:58:cc:78:91:c8:ec:59:3f:8b:20:60:9a:fb:ee:3a:d0:12:
5c:a2:eb:5a:03:e6:95:92:fe:8e:0b:5b:84:8b:ca:6c:90:5f:
c9:6e:96:e0:08:2a:57:e0:80:f9:aa:5a:af:22:62:11:79:eb:
de:a1:bb:ce
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYOA09ALqaC25haF0yrHqbcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwOTI3MjEyMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUxMjcyZjI4YTk0ZDRlZGEwNDFkMjkyMWY3ZTUzNzg5ODc1MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2PtWLOcx3uE8kL1+BC+QmBkgd7x
o2FYRInipMFgf6dpPQC4tjxyTb3XpORdI1fQyueQalbnSZ6fyjscp1gSUS5xvmUI
QVbO+xDLE3ICC1+YDcuhD4dDX6pjuKbTVSh24W/tcJBqWcP5bLH2bzZdplruMrKJ
mW+lW6to2lH/aNv4k1Lp1kclVaREhXHALCoKOJNq9VRlElgPyXwEyQ3ac6jgYdVB
XNvc6NAxf5b9XOson60xGeRFr9zDeghlPDpADoLcDywW8O1C+WTG12f7wdPGwP9y
E/OiDIu3+dPONj1QVAwwoBYLlGDE6rzg1Eij+x7or197NZW5A51HpeoaHwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHXhJy8oqU1O2gQdKSH35TeJh1JUMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvZGVFbkx5aXBUVTdhQkIwcElmZmxONG1IVWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQFbXkAAwQB
bem4AwQAsv3tAwQAsv3zAwQAuS9bAwQAvP+GAwQAvP/OAwQB1EUKMA0GCSqGSIb3
DQEBCwUAA4IBAQBFzWtW22wVpz7a3NIxpB6uI/9HG6+UH7K/26FHq1FokEI5kBC9
zmwB+d8t6A9L2V7w8YzPaID7NP9x2BjLvvj0GPc59qRf8u0H9PjC33SomEnNuJha
XfGTkgQBoAtljvybiysF0BBs93xcG36XgtrKJxbm1Pka0rbXNVD9IeKramo/PgUW
lrX/uU2711nZpGayBOXddqA1M03whGZSKgy6SFa8ElkDlVdPcq7XBlA+x45p6vdo
Fb8FjiOF4CJDjOyLMjPrsymzWMx4kcjsWT+LIGCa++460BJcoutaA+aVkv6OC1uE
i8pskF/JbpbgCCpX4ID5qlqvImIReeveobvO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org