Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/jK4lJgUDIFBgyyev8s5yERhaSQc.roa
File: jK4lJgUDIFBgyyev8s5yERhaSQc.roa (raw, json)
Hash identifier: DzAUxcMc0rOV3HHjIIwyYfTyJORhQGVtpdCwkCm3eiA=
Subject key identifier: 8C:AE:25:26:05:03:20:50:60:CB:27:AF:F2:CE:72:11:18:5A:49:07
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0945BB22
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/jK4lJgUDIFBgyyev8s5yERhaSQc.roa
Signing time: Wed 18 May 2022 07:50:17 +0000
ROA not before: Wed 18 May 2022 07:50:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.69.18.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
212.69.11.0/24 maxlen: 24
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155564834 (0x945bb22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: May 18 07:50:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cae25260503205060cb27aff2ce7211185a4907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c8:20:71:1c:36:ff:1a:a3:31:e2:b0:d1:55:
62:af:b0:3d:58:a5:70:c2:bc:78:7c:7f:4c:23:ab:
c5:c7:30:40:4e:e3:c8:c1:9a:fe:77:cc:2a:a3:d9:
e6:aa:34:fa:89:9e:8a:dc:32:1e:08:1e:c0:f5:c6:
65:1e:99:c6:58:ba:cf:93:cc:c7:d6:65:44:5e:3b:
b1:b2:7e:76:4d:66:ab:f1:df:5b:e6:96:3c:08:11:
d8:90:53:1e:cd:a6:d4:64:d2:88:39:94:4f:a7:8f:
70:88:55:74:f5:ef:5b:32:f8:67:7e:61:c4:67:ba:
b1:9d:3f:78:17:6d:3b:d0:6d:78:cd:15:20:0b:e6:
c2:75:42:53:34:ce:20:c2:32:99:d4:6c:78:c3:99:
cf:38:fd:41:1c:32:7a:d6:99:34:64:d6:f4:de:0e:
0e:78:82:b3:6e:f2:9f:b6:2f:1a:a0:49:d1:db:21:
80:bc:04:31:10:41:7d:08:8d:3b:da:64:46:20:ae:
8e:37:a4:4d:55:3e:c9:68:16:e5:63:d0:62:3c:f7:
f9:84:c9:14:ed:a9:77:f3:4a:25:b1:1d:28:b7:ea:
19:ff:a9:45:55:b6:f9:02:42:33:6d:67:00:3a:86:
a0:54:71:48:2a:ef:55:18:02:b1:c1:9b:87:b3:73:
4f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AE:25:26:05:03:20:50:60:CB:27:AF:F2:CE:72:11:18:5A:49:07
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/jK4lJgUDIFBgyyev8s5yERhaSQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0-109.121.36.255
109.121.38.0/24
109.121.40.0/22
109.121.45.0-109.121.46.255
109.233.184.0/23
178.253.237.0/24
212.69.10.0/23
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
03:29:d6:ac:da:07:58:e8:03:1a:aa:b3:2c:46:2d:21:c5:6b:
f5:70:6d:86:b9:65:70:2d:36:58:76:eb:84:af:de:9a:ec:78:
0e:0a:29:5c:42:78:f9:b9:a7:6c:40:77:48:37:ca:7f:8e:d6:
e9:e5:9e:e1:8e:14:bf:26:4d:b8:61:cd:88:94:50:9b:1f:a4:
f5:b2:88:a3:71:56:c3:0f:6c:d6:dc:04:df:6b:b3:ef:72:6e:
2f:9b:09:7c:23:b0:71:4e:b0:51:a6:2b:fe:22:1e:4a:f8:12:
51:38:79:7b:3f:a6:66:aa:87:50:c7:89:d7:36:a8:5c:a6:b9:
ac:4c:b2:fc:6a:33:44:db:ab:1d:56:1b:a1:d7:0b:41:5f:7d:
03:47:57:d3:96:09:81:ad:37:d4:2d:ec:37:c5:f4:25:94:d5:
ce:b1:aa:de:3a:8f:80:50:41:b0:7a:c5:e1:59:6e:c6:ea:e3:
4e:70:ac:59:6d:3e:18:d1:90:89:e6:84:88:f0:33:a6:26:72:
fc:2e:a6:bb:32:3f:8b:d6:3d:99:b7:be:94:d2:e6:44:52:47:
76:c4:29:59:33:c7:64:38:b8:4a:5e:53:d5:9b:78:ea:01:18:
fd:33:96:09:e1:02:cb:49:c2:12:cf:a7:03:19:67:ea:1e:47:
7c:39:a6:2c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIECUW7IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDUx
ODA3NTAxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhZTI1MjYwNTAz
MjA1MDYwY2IyN2FmZjJjZTcyMTExODVhNDkwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzIIHEcNv8aozHisNFVYq+wPVilcMK8eHx/TCOrxccwQE7j
yMGa/nfMKqPZ5qo0+omeitwyHggewPXGZR6Zxli6z5PMx9ZlRF47sbJ+dk1mq/Hf
W+aWPAgR2JBTHs2m1GTSiDmUT6ePcIhVdPXvWzL4Z35hxGe6sZ0/eBdtO9BteM0V
IAvmwnVCUzTOIMIymdRseMOZzzj9QRwyetaZNGTW9N4ODniCs27yn7YvGqBJ0dsh
gLwEMRBBfQiNO9pkRiCujjekTVU+yWgW5WPQYjz3+YTJFO2pd/NKJbEdKLfqGf+p
RVW2+QJCM21nADqGoFRxSCrvVRgCscGbh7NzT6sCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSMriUmBQMgUGDLJ6/yznIRGFpJBzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L2pLNGxKZ1VESUZCZ3l5ZXY4czV5RVJoYVNRYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEBW15ADAMAwQAbXkhAwQAbXkkAwQA
bXkmAwQCbXkoMAwDBABteS0DBABteS4DBAFt6bgDBACy/e0DBAHURQoDBADURRIw
DQYJKoZIhvcNAQELBQADggEBAAMp1qzaB1joAxqqsyxGLSHFa/VwbYa5ZXAtNlh2
64Sv3prseA4KKVxCePm5p2xAd0g3yn+O1unlnuGOFL8mTbhhzYiUUJsfpPWyiKNx
VsMPbNbcBN9rs+9ybi+bCXwjsHFOsFGmK/4iHkr4ElE4eXs/pmaqh1DHidc2qFym
uaxMsvxqM0Tbqx1WG6HXC0FffQNHV9OWCYGtN9Qt7DfF9CWU1c6xqt46j4BQQbB6
xeFZbsbq405wrFltPhjRkInmhIjwM6YmcvwuprsyP4vWPZm3vpTS5kRSR3bEKVkz
x2Q4uEpeU9WbeOoBGP0zlgnhAstJwhLPpwMZZ+oeR3w5piw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:20 2023 by rpki-client on console-ams.rpki-client.org