Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/fOevk3Dt4VPiLoNnfvP5tBSy07A.roa
File: fOevk3Dt4VPiLoNnfvP5tBSy07A.roa (raw, json)
Hash identifier: 912nMJsV07UD1+t79g4iEo3qHig9r+LGJtojtGTz5ec=
Subject key identifier: 7C:E7:AF:93:70:ED:E1:53:E2:2E:83:67:7E:F3:F9:B4:14:B2:D3:B0
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 097CEB19
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/fOevk3Dt4VPiLoNnfvP5tBSy07A.roa
Signing time: Wed 08 Jun 2022 10:29:04 +0000
ROA not before: Wed 08 Jun 2022 10:29:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
212.69.11.0/24 maxlen: 24
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159181593 (0x97ceb19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 8 10:29:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ce7af9370ede153e22e83677ef3f9b414b2d3b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:1e:58:85:31:b0:dc:1c:56:e3:27:dc:70:
18:12:28:ba:4c:c2:83:8d:48:56:ee:16:f7:4c:aa:
c7:f1:a1:99:39:8b:3f:42:da:6e:7b:c7:52:57:df:
62:cb:03:ed:89:e5:3a:f9:2c:4c:72:48:a0:fa:02:
a1:6c:d9:e1:ab:1e:63:45:95:28:9e:22:30:3b:16:
e9:c4:11:67:76:ef:50:60:10:69:a9:5b:8a:89:d1:
6a:ad:19:0e:f8:fb:5a:4f:67:fb:4b:e0:27:4d:5b:
07:48:43:bd:84:38:d1:37:3e:6d:25:e0:21:c4:c6:
5f:f8:d1:ae:8a:53:61:c0:9e:f9:52:63:4b:69:6c:
c4:c9:5a:d9:87:f9:4b:c2:f7:f3:b0:4b:89:a6:7f:
6e:2e:62:2c:e3:7d:75:cf:a6:bc:c7:0a:36:6a:f0:
23:3e:c8:54:48:68:f8:01:74:c8:8d:b9:8b:22:a9:
93:50:0e:b6:75:95:e5:d9:bd:6b:4f:b9:db:3e:8c:
17:ab:f5:25:7d:1b:3f:0a:b3:9f:c7:56:07:91:4d:
c5:c4:2a:d1:41:47:3f:2d:14:c0:6f:cd:36:4e:ac:
66:b1:36:4f:57:e7:bf:a1:b9:f8:e7:69:89:12:2b:
62:87:47:d3:97:a3:fa:72:6d:32:86:c7:5d:20:e7:
aa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E7:AF:93:70:ED:E1:53:E2:2E:83:67:7E:F3:F9:B4:14:B2:D3:B0
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/fOevk3Dt4VPiLoNnfvP5tBSy07A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0-109.121.36.255
109.121.38.0/24
109.121.40.0/22
109.121.45.0-109.121.46.255
109.233.184.0/23
178.253.237.0/24
212.69.10.0/23
Signature Algorithm: sha256WithRSAEncryption
85:2d:a2:bd:fa:7a:da:0c:2b:9a:bd:40:4a:b2:b7:63:c3:96:
48:df:95:17:3b:22:0f:e0:d9:aa:c4:38:80:78:69:a1:39:2d:
82:4d:26:04:e7:94:ee:71:8a:4a:ec:52:57:c4:2f:f0:ab:1f:
f0:e2:e6:ad:f0:1f:d1:93:de:cc:37:b0:74:fd:c7:59:48:ac:
2a:b4:c7:03:8b:a8:f4:55:f1:5e:fc:54:5c:15:65:11:f0:5f:
23:2e:f0:bf:ef:11:c1:1a:9d:07:d3:40:52:3c:ed:e2:57:23:
e5:65:bb:b7:81:39:9a:2b:5b:6f:11:63:97:73:44:b2:f1:18:
29:21:d8:bc:88:f4:60:08:2e:81:17:9c:6d:19:fc:9a:14:45:
3c:7a:07:2f:04:42:19:78:c9:7b:93:41:cf:62:9e:a0:1b:fe:
c0:21:2d:b7:8a:87:a6:75:ed:f3:1e:1e:2e:bc:db:cf:03:4d:
95:f9:29:60:54:28:f1:b7:c6:46:9e:1f:9a:43:4e:c6:65:f7:
4e:4a:83:4c:6e:d4:8c:9b:2f:e2:72:ed:8d:8a:ab:1a:5e:a0:
c9:46:ec:3e:9f:19:c8:96:89:45:17:50:dc:d5:e6:ac:77:11:
0e:c9:4f:c0:6e:2c:2d:8e:14:bd:08:b7:63:3f:83:d9:07:2d:
39:04:d2:87
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECXzrGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDYw
ODEwMjkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2NlN2FmOTM3MGVk
ZTE1M2UyMmU4MzY3N2VmM2Y5YjQxNGIyZDNiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMemHliFMbDcHFbjJ9xwGBIoukzCg41IVu4W90yqx/GhmTmL
P0LabnvHUlffYssD7YnlOvksTHJIoPoCoWzZ4aseY0WVKJ4iMDsW6cQRZ3bvUGAQ
aalbionRaq0ZDvj7Wk9n+0vgJ01bB0hDvYQ40Tc+bSXgIcTGX/jRropTYcCe+VJj
S2lsxMla2Yf5S8L387BLiaZ/bi5iLON9dc+mvMcKNmrwIz7IVEho+AF0yI25iyKp
k1AOtnWV5dm9a0+52z6MF6v1JX0bPwqzn8dWB5FNxcQq0UFHPy0UwG/NNk6sZrE2
T1fnv6G5+OdpiRIrYodH05ej+nJtMobHXSDnqrkCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBR856+TcO3hU+Iug2d+8/m0FLLTsDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L2ZPZXZrM0R0NFZQaUxvTm5mdlA1dEJTeTA3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEBW15ADAMAwQAbXkhAwQAbXkkAwQA
bXkmAwQCbXkoMAwDBABteS0DBABteS4DBAFt6bgDBACy/e0DBAHURQowDQYJKoZI
hvcNAQELBQADggEBAIUtor36etoMK5q9QEqyt2PDlkjflRc7Ig/g2arEOIB4aaE5
LYJNJgTnlO5xikrsUlfEL/CrH/Di5q3wH9GT3sw3sHT9x1lIrCq0xwOLqPRV8V78
VFwVZRHwXyMu8L/vEcEanQfTQFI87eJXI+Vlu7eBOZorW28RY5dzRLLxGCkh2LyI
9GAILoEXnG0Z/JoURTx6By8EQhl4yXuTQc9inqAb/sAhLbeKh6Z17fMeHi68288D
TZX5KWBUKPG3xkaeH5pDTsZl905Kg0xu1IybL+Jy7Y2KqxpeoMlG7D6fGciWiUUX
UNzV5qx3EQ7JT8BuLC2OFL0It2M/g9kHLTkE0oc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:04 2024 by rpki-client on console-ams.rpki-client.org