Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/DQMfRwduUwZg0Y4XTMsepQEqLVQ.roa
File: DQMfRwduUwZg0Y4XTMsepQEqLVQ.roa (raw, json)
Hash identifier: /IkPJTjg+LKyZimvBwlX3TIHukQr1+vE9qEslzKmrQ8=
Subject key identifier: 0D:03:1F:47:07:6E:53:06:60:D1:8E:17:4C:CB:1E:A5:01:2A:2D:54
Certificate issuer: /CN=607e13578c680ee98fdaad202370f10e3c282afc
Certificate serial: 8656BE
Authority key identifier: 60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/DQMfRwduUwZg0Y4XTMsepQEqLVQ.roa
Signing time: Sat 01 Jan 2022 00:50:18 +0000
ROA not before: Sat 01 Jan 2022 00:50:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197095
IP address blocks: 109.232.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8804030 (0x8656be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607e13578c680ee98fdaad202370f10e3c282afc
Validity
Not Before: Jan 1 00:50:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d031f47076e530660d18e174ccb1ea5012a2d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5b:08:d5:98:68:8c:36:76:64:38:59:17:7c:
ba:f0:82:43:58:31:bc:73:1a:5f:3f:04:9b:9d:99:
7b:05:3b:64:6a:dd:96:60:c1:7b:11:92:72:a1:14:
17:b2:c0:29:34:15:83:f7:cc:c4:2d:ab:45:29:f0:
65:bb:85:bb:6a:90:04:4a:83:61:6e:c6:a3:67:d2:
a0:3e:77:ec:b1:63:d0:ce:6e:fb:d6:5b:2b:b7:53:
1f:6e:b6:b3:3a:44:00:a4:79:78:e9:af:98:79:9a:
34:a7:30:71:0d:17:c0:6a:49:f6:0c:84:ab:e3:65:
ae:bb:a7:25:35:c1:15:ad:b1:7b:c4:42:9c:b5:4a:
db:2d:8b:f8:85:73:bd:27:e4:b6:a7:b0:88:2f:a2:
e5:3c:60:21:de:f3:f5:13:7b:9d:dc:c8:f4:e6:90:
9d:59:24:4d:4e:2b:9d:bb:4d:68:c5:cf:81:7e:32:
07:bf:4b:e1:ef:34:72:f1:3b:38:4e:94:39:96:7a:
e4:5a:18:70:27:bb:1f:86:a7:dd:63:93:05:c2:6d:
ae:71:88:c1:ee:87:a0:cd:32:21:98:68:cf:f4:63:
87:e1:6d:4f:5c:85:5b:ba:c6:c3:a7:f2:6f:66:37:
54:1d:83:ba:56:40:8c:8c:97:a9:cd:bf:e3:22:58:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:03:1F:47:07:6E:53:06:60:D1:8E:17:4C:CB:1E:A5:01:2A:2D:54
X509v3 Authority Key Identifier:
keyid:60:7E:13:57:8C:68:0E:E9:8F:DA:AD:20:23:70:F1:0E:3C:28:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH4TV4xoDumP2q0gI3DxDjwoKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/DQMfRwduUwZg0Y4XTMsepQEqLVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a21bbe-ba4d-4e03-bef8-baffe3b677df/1/YH4TV4xoDumP2q0gI3DxDjwoKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.120.0/21
Signature Algorithm: sha256WithRSAEncryption
88:b2:00:48:38:d5:34:21:4f:85:c8:0c:f1:41:47:b3:f3:9e:
8a:be:19:74:72:d7:9e:03:75:63:ec:c2:0e:e9:5b:1b:d6:c9:
b1:df:15:1a:1d:63:3a:e7:d6:0a:5f:82:17:87:68:9e:20:47:
9d:3a:23:c1:36:47:b3:0d:d8:47:4e:7b:36:52:8e:04:e6:46:
81:4d:4c:bf:42:e5:4c:ba:11:ee:7a:66:5e:68:70:1d:3f:2c:
71:3b:e5:c1:9e:ae:9e:d7:da:44:66:cb:ea:0d:77:de:32:fd:
50:2a:df:86:01:ea:bd:13:74:8a:67:59:3f:89:8d:43:aa:6e:
07:34:6e:e5:6f:80:32:3a:0c:32:f5:13:8e:4f:7b:89:d3:df:
4d:b6:ec:d6:10:4c:87:46:35:f3:7c:92:69:04:4e:80:b5:fc:
44:f8:9b:21:3b:1e:ad:1a:76:60:34:27:70:44:d1:a2:3c:ef:
35:74:60:6f:d9:3d:f8:fa:dd:15:ae:ad:b1:bd:bd:b2:0f:2d:
46:4d:fa:ce:ba:c0:18:8d:22:fe:0d:b6:c7:e1:fc:5b:d8:04:
41:3b:40:7d:1f:36:bc:e1:60:af:91:00:11:30:86:c6:49:5a:
88:a3:61:8f:16:f0:6f:e3:5a:9c:bf:57:c5:98:cb:09:72:28:
72:2e:cd:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIZWvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDdlMTM1NzhjNjgwZWU5OGZkYWFkMjAyMzcwZjEwZTNjMjgyYWZjMB4XDTIyMDEw
MTAwNTAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQwMzFmNDcwNzZl
NTMwNjYwZDE4ZTE3NGNjYjFlYTUwMTJhMmQ1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFbCNWYaIw2dmQ4WRd8uvCCQ1gxvHMaXz8Em52ZewU7ZGrd
lmDBexGScqEUF7LAKTQVg/fMxC2rRSnwZbuFu2qQBEqDYW7Go2fSoD537LFj0M5u
+9ZbK7dTH262szpEAKR5eOmvmHmaNKcwcQ0XwGpJ9gyEq+NlrrunJTXBFa2xe8RC
nLVK2y2L+IVzvSfktqewiC+i5TxgId7z9RN7ndzI9OaQnVkkTU4rnbtNaMXPgX4y
B79L4e80cvE7OE6UOZZ65FoYcCe7H4an3WOTBcJtrnGIwe6HoM0yIZhoz/Rjh+Ft
T1yFW7rGw6fyb2Y3VB2DulZAjIyXqc2/4yJYgPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNAx9HB25TBmDRjhdMyx6lASotVDAfBgNVHSMEGDAWgBRgfhNXjGgO6Y/a
rSAjcPEOPCgq/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lINFRWNHhvRHVtUDJxMGdJM0R4RGp3b0t2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvYTIxYmJlLWJhNGQtNGUwMy1iZWY4LWJhZmZlM2I2NzdkZi8x
L0RRTWZSd2R1VXdaZzBZNFhUTXNlcFFFcUxWUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
YTIxYmJlLWJhNGQtNGUwMy1iZWY4LWJhZmZlM2I2NzdkZi8xL1lINFRWNHhvRHVt
UDJxMGdJM0R4RGp3b0t2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA23oeDANBgkqhkiG9w0BAQsFAAOC
AQEAiLIASDjVNCFPhcgM8UFHs/Oeir4ZdHLXngN1Y+zCDulbG9bJsd8VGh1jOufW
Cl+CF4doniBHnTojwTZHsw3YR057NlKOBOZGgU1Mv0LlTLoR7npmXmhwHT8scTvl
wZ6untfaRGbL6g133jL9UCrfhgHqvRN0imdZP4mNQ6puBzRu5W+AMjoMMvUTjk97
idPfTbbs1hBMh0Y183ySaQROgLX8RPibITserRp2YDQncETRojzvNXRgb9k9+Prd
Fa6tsb29sg8tRk36zrrAGI0i/g22x+H8W9gEQTtAfR82vOFgr5EAETCGxklaiKNh
jxbwb+NanL9XxZjLCXIoci7NjQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:41:44 2025 by rpki-client