Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/npwV5xUVZxLadzVN_zH9CBod8PU.roa
File: npwV5xUVZxLadzVN_zH9CBod8PU.roa (raw, json)
Hash identifier: JasESZ/XxbmGMCvvos/mi5UUuYPC2Ve6QfAOdlHo6uk=
Subject key identifier: 9E:9C:15:E7:15:15:67:12:DA:77:35:4D:FF:31:FD:08:1A:1D:F0:F5
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 088DB62B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/npwV5xUVZxLadzVN_zH9CBod8PU.roa
Signing time: Sat 26 Mar 2022 09:57:22 +0000
ROA not before: Sat 26 Mar 2022 09:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 188.255.135.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
109.121.34.0/24 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.35.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.37.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.41.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.121.42.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
109.121.45.0/24 maxlen: 24
109.121.46.0/24 maxlen: 24
109.121.47.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
178.253.237.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143504939 (0x88db62b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 26 09:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e9c15e715156712da77354dff31fd081a1df0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:e5:29:45:00:58:2a:f9:de:61:3a:ae:0e:
86:37:e8:f6:ce:a3:e6:6d:db:6c:72:e7:17:95:5b:
84:b8:fe:38:f6:d9:88:83:8d:fe:cc:40:45:e4:ed:
61:19:39:cd:a9:99:d5:01:e4:bd:36:f6:6c:7f:f5:
5f:19:ad:69:6b:71:85:1f:dc:39:e8:be:1d:25:be:
ab:09:bd:8d:1f:9d:d5:ae:f0:26:ae:ef:ba:01:6b:
cd:56:07:f9:dc:2a:32:55:33:a9:36:4a:18:de:81:
a1:6d:9d:f0:c7:13:ec:3e:e3:e8:68:0c:48:c9:62:
5b:2e:b7:82:29:4a:79:ba:9f:30:10:80:64:40:53:
ab:2c:0e:70:be:2b:f9:5c:0e:18:28:17:f9:28:d5:
d1:83:83:07:2d:b9:fb:02:8d:ec:36:ea:89:8f:37:
8c:cf:41:39:4f:a4:87:f8:d0:33:8e:22:88:72:3f:
0c:f6:f0:24:30:39:68:a4:6c:15:9b:db:53:ac:3c:
6d:8c:cf:6d:bf:1a:7a:58:9b:35:c2:b6:bb:74:9e:
88:92:a8:5e:5a:2b:85:d3:a3:d6:9c:12:e7:70:ee:
c4:02:66:f5:8c:a8:68:f3:59:86:87:f7:6c:4b:70:
84:fb:d6:1b:c5:ba:bf:8b:9b:19:97:6f:6c:4d:8f:
38:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9C:15:E7:15:15:67:12:DA:77:35:4D:FF:31:FD:08:1A:1D:F0:F5
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/npwV5xUVZxLadzVN_zH9CBod8PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.121.33.0-109.121.43.255
109.121.45.0-109.121.47.255
178.253.237.0/24
188.255.135.0/24
212.69.10.0/23
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:1f:e7:50:c6:75:e7:8e:f4:2f:69:e9:f4:8a:c0:58:e0:43:
0c:7d:9c:92:a5:2a:ca:c2:18:c7:c7:cd:2e:51:d4:81:d4:39:
9f:ef:b5:f1:c8:9c:4b:9e:ce:57:7f:a2:0c:05:c7:13:4d:04:
55:af:61:a9:4e:45:aa:fd:3e:c6:e8:37:f9:26:91:96:12:14:
f0:b6:09:48:ad:97:ba:b1:79:0b:f8:77:a3:6d:59:7c:1e:bd:
ad:66:0d:fc:12:93:c5:29:0c:17:68:82:73:38:74:2b:a2:22:
54:55:91:7e:9d:3a:6e:75:f6:f1:92:3a:d7:50:92:a1:3d:fc:
76:18:4f:b8:87:74:c9:57:b0:8f:68:b3:bb:e9:97:8e:e6:31:
2f:a4:4b:d2:d4:af:cb:13:d2:cb:9f:91:3d:13:2a:2f:77:13:
62:a7:e9:f3:a7:e6:f2:02:82:f1:89:df:23:59:15:dc:f7:96:
b5:ef:dd:66:95:76:86:6d:30:07:d2:58:1b:e9:68:27:bc:87:
cf:c3:97:70:c8:ae:87:28:1a:0a:1b:78:f5:f1:52:97:73:5b:
ed:64:b2:cb:cb:03:a1:7f:8b:9f:09:2f:6b:56:b9:d9:88:4e:
2c:7c:7c:c9:b2:84:5d:f9:60:6a:e4:ea:9f:72:11:9f:a8:3d:
79:48:cd:65
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECI22KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDMy
NjA5NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU5YzE1ZTcxNTE1
NjcxMmRhNzczNTRkZmYzMWZkMDgxYTFkZjBmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8M5SlFAFgq+d5hOq4Ohjfo9s6j5m3bbHLnF5VbhLj+OPbZ
iION/sxAReTtYRk5zamZ1QHkvTb2bH/1XxmtaWtxhR/cOei+HSW+qwm9jR+d1a7w
Jq7vugFrzVYH+dwqMlUzqTZKGN6BoW2d8McT7D7j6GgMSMliWy63gilKebqfMBCA
ZEBTqywOcL4r+VwOGCgX+SjV0YODBy25+wKN7DbqiY83jM9BOU+kh/jQM44iiHI/
DPbwJDA5aKRsFZvbU6w8bYzPbb8aelibNcK2u3SeiJKoXlorhdOj1pwS53DuxAJm
9YyoaPNZhof3bEtwhPvWG8W6v4ubGZdvbE2POKkCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSenBXnFRVnEtp3NU3/Mf0IGh3w9TAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L25wd1Y1eFVWWnhMYWR6Vk5fekg5Q0JvZDhQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEBW15ADAMAwQAbXkhAwQCbXkoMAwD
BABteS0DBARteSADBACy/e0DBAC8/4cDBAHURQoDBADURRIwDQYJKoZIhvcNAQEL
BQADggEBAJ0f51DGdeeO9C9p6fSKwFjgQwx9nJKlKsrCGMfHzS5R1IHUOZ/vtfHI
nEuezld/ogwFxxNNBFWvYalORar9PsboN/kmkZYSFPC2CUitl7qxeQv4d6NtWXwe
va1mDfwSk8UpDBdognM4dCuiIlRVkX6dOm519vGSOtdQkqE9/HYYT7iHdMlXsI9o
s7vpl47mMS+kS9LUr8sT0sufkT0TKi93E2Kn6fOn5vICgvGJ3yNZFdz3lrXv3WaV
doZtMAfSWBvpaCe8h8/Dl3DIrocoGgobePXxUpdzW+1kssvLA6F/i58JL2tWudmI
Tix8fMmyhF35YGrk6p9yEZ+oPXlIzWU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org