Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l_optiduzsxckQmSP86jfP8GFM0.roa
File: l_optiduzsxckQmSP86jfP8GFM0.roa (raw, json)
Hash identifier: qjXRacEYPgyjHpzN7ng4pe/lCKMz31b9arCRvsNnddU=
Subject key identifier: 97:FA:29:B6:27:6E:CE:CC:5C:91:09:92:3F:CE:A3:7C:FF:06:14:CD
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01841D92821A97CA475A011E1D640675D298
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l_optiduzsxckQmSP86jfP8GFM0.roa
Signing time: Fri 28 Oct 2022 07:50:51 +0000
ROA not before: Fri 28 Oct 2022 07:50:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 109.121.38.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
79.175.117.0/24 maxlen: 24
109.121.32.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.44.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
77.105.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:92:82:1a:97:ca:47:5a:01:1e:1d:64:06:75:d2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 28 07:50:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97fa29b6276ececc5c9109923fcea37cff0614cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d6:3b:dd:e5:04:52:7b:bf:3c:93:f2:80:80:
39:90:db:a2:43:03:27:42:3e:1e:c1:25:19:4f:1b:
b8:f6:e6:86:bc:8e:11:19:6e:0c:bb:2f:8d:28:e1:
fd:c6:7c:43:a2:35:1a:41:d2:c0:8f:85:77:00:f4:
8c:2d:ab:e2:fe:92:bc:42:aa:ba:5a:a8:76:1a:a3:
03:41:28:15:52:ad:91:e9:80:53:cd:47:3f:4e:66:
38:f1:4d:64:8c:b5:d3:7e:b6:9d:fa:58:c2:4d:8b:
46:f7:b9:fb:62:2a:8e:40:8f:eb:ad:2f:e8:11:aa:
ec:8e:5a:00:ae:10:3f:07:6f:a7:b6:9d:d8:e7:21:
bd:01:e4:34:68:25:64:dd:2d:f3:76:a9:16:81:79:
9a:0a:38:9b:5b:38:cb:b3:2c:be:c1:1e:ea:cc:4e:
83:11:3c:4e:3f:d6:2c:75:04:9f:12:cc:97:21:d8:
d3:a2:30:e9:d9:6c:96:fc:63:b8:28:a3:8c:07:61:
ae:6e:99:ba:78:a8:df:2a:25:d6:c2:35:01:cb:18:
d5:f3:ef:93:9b:a9:0a:77:bf:63:8d:c3:f2:e7:4f:
ae:3c:db:82:78:db:33:c6:44:c7:39:84:11:ce:45:
27:43:4f:f2:eb:4b:99:d0:1a:82:06:ec:9a:84:fb:
54:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FA:29:B6:27:6E:CE:CC:5C:91:09:92:3F:CE:A3:7C:FF:06:14:CD
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/l_optiduzsxckQmSP86jfP8GFM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.4.0/24
79.175.117.0/24
109.121.32.0/24
109.121.35.0/24
109.121.38.0/24
109.121.40.0/23
109.121.43.0-109.121.44.255
109.121.46.0/24
109.233.184.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d5:63:18:b7:3f:5a:4e:92:1f:65:bd:af:61:e9:07:98:4e:
21:d0:5c:13:e9:79:85:36:41:af:b4:0a:31:fb:99:2c:44:c3:
72:0f:4a:87:ab:36:7f:3e:b6:45:6b:36:1d:41:34:0e:be:1b:
87:34:fb:8e:af:e1:9d:25:99:ca:16:88:9a:db:98:1c:d5:75:
a3:5c:09:6b:55:9d:d8:00:6f:a1:31:ca:e9:13:57:25:9f:60:
38:f0:77:06:21:88:40:a5:25:9b:f1:59:f0:8a:f5:d5:71:b4:
25:60:66:ff:fa:a8:f1:1a:d6:0b:36:30:13:ea:b1:f9:00:30:
9c:b4:68:34:d4:ef:ed:cd:4d:00:e1:ce:ea:dc:7d:af:ef:a0:
d0:79:4d:8b:e8:f0:05:50:ce:7c:4e:68:5a:fe:0e:86:e4:b4:
d9:e5:98:d3:a8:59:58:80:cc:0e:62:32:8b:39:44:9d:bd:a7:
f1:4d:90:24:66:58:f0:2f:e1:0d:10:da:0b:c5:e5:6e:39:e4:
a7:d3:63:02:27:47:e6:56:84:32:38:3a:de:62:65:31:6a:d2:
32:3d:9a:92:5a:aa:e9:ab:64:1a:4c:e2:e7:58:6a:48:d1:0b:
e9:9f:83:f4:bc:fc:2d:4f:ee:40:11:52:1e:eb:90:19:ce:a7:
68:5f:d1:81
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQdkoIal8pHWgEeHWQGddKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIxMDI4MDc1MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ZhMjliNjI3NmVjZWNjNWM5MTA5OTIzZmNlYTM3Y2ZmMDYxNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNY73eUEUnu/PJPygIA5kNuiQwMn
Qj4ewSUZTxu49uaGvI4RGW4Muy+NKOH9xnxDojUaQdLAj4V3APSMLavi/pK8Qqq6
Wqh2GqMDQSgVUq2R6YBTzUc/TmY48U1kjLXTfrad+ljCTYtG97n7YiqOQI/rrS/o
EarsjloArhA/B2+ntp3Y5yG9AeQ0aCVk3S3zdqkWgXmaCjibWzjLsyy+wR7qzE6D
ETxOP9YsdQSfEsyXIdjTojDp2WyW/GO4KKOMB2Gubpm6eKjfKiXWwjUByxjV8++T
m6kKd79jjcPy50+uPNuCeNszxkTHOYQRzkUnQ0/y60uZ0BqCBuyahPtUSQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJf6KbYnbs7MXJEJkj/Oo3z/BhTNMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvbF9vcHRpZHV6c3hja1FtU1A4NmpmUDhHRk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQATWkEAwQA
T691AwQAbXkgAwQAbXkjAwQAbXkmAwQBbXkoMAwDBABteSsDBABteSwDBABteS4D
BABt6bgwDQYJKoZIhvcNAQELBQADggEBAH/VYxi3P1pOkh9lva9h6QeYTiHQXBPp
eYU2Qa+0CjH7mSxEw3IPSoerNn8+tkVrNh1BNA6+G4c0+46v4Z0lmcoWiJrbmBzV
daNcCWtVndgAb6ExyukTVyWfYDjwdwYhiEClJZvxWfCK9dVxtCVgZv/6qPEa1gs2
MBPqsfkAMJy0aDTU7+3NTQDhzurcfa/voNB5TYvo8AVQznxOaFr+DobktNnlmNOo
WViAzA5iMos5RJ29p/FNkCRmWPAv4Q0Q2gvF5W455KfTYwInR+ZWhDI4Ot5iZTFq
0jI9mpJaqumrZBpM4udYakjRC+mfg/S8/C1P7kARUh7rkBnOp2hf0YE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org