Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/9sShTqizE9EXMzYQcvgjcNi7jqg.roa
File: 9sShTqizE9EXMzYQcvgjcNi7jqg.roa (raw, json)
Hash identifier: dVBDWVr9ZVaLd3RFZ4Ng+p2v+bX/XiJfxAq+Jt2CyQk=
Subject key identifier: F6:C4:A1:4E:A8:B3:13:D1:17:33:36:10:72:F8:23:70:D8:BB:8E:A8
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 02F6EA76
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/9sShTqizE9EXMzYQcvgjcNi7jqg.roa
Signing time: Fri 18 Mar 2022 10:24:04 +0000
ROA not before: Fri 18 Mar 2022 10:24:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 109.166.40.0/21 maxlen: 21
109.166.48.0/21 maxlen: 21
151.248.72.0/21 maxlen: 21
151.248.80.0/21 maxlen: 21
151.248.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49736310 (0x2f6ea76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Mar 18 10:24:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6c4a14ea8b313d11733361072f82370d8bb8ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fb:6d:ef:37:75:8b:6b:92:91:95:cd:76:6e:
59:96:29:26:ae:02:5c:fc:d7:01:9f:74:97:a6:14:
ec:9d:37:a7:bc:42:24:5e:80:21:a0:d0:4b:73:3f:
d3:98:eb:f3:1d:ee:34:48:3c:36:c6:36:d3:9c:1b:
6e:6d:af:2a:07:58:be:74:f4:a5:ac:bf:66:44:5c:
d2:6c:50:8a:39:35:fe:fd:89:77:da:bc:a1:8a:6e:
1b:39:65:e0:32:ee:34:1e:76:1e:d9:c1:11:a9:78:
ad:1d:70:41:21:bf:f6:3f:49:97:c7:99:83:02:40:
fb:f7:d6:1f:24:22:13:df:42:23:05:a4:3b:99:06:
eb:77:0f:c2:54:ef:65:b5:fc:af:db:73:5f:f6:66:
6d:83:87:47:47:78:87:0a:03:97:6f:36:2a:a6:95:
39:8f:42:d1:39:08:0d:7a:95:b3:d1:64:86:d3:5b:
6c:cd:ff:12:65:3d:2b:bf:ca:51:87:fb:74:64:7d:
9b:49:bb:bb:3b:20:31:ee:a2:5b:a9:05:04:54:ec:
60:b9:c3:04:e3:8a:a2:97:55:5e:88:6f:5d:48:43:
8a:02:0f:5b:d4:13:34:93:a7:4e:2b:ef:81:72:4d:
56:76:9b:49:c4:b8:ce:21:cd:94:cc:3a:fb:f1:65:
b6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C4:A1:4E:A8:B3:13:D1:17:33:36:10:72:F8:23:70:D8:BB:8E:A8
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/9sShTqizE9EXMzYQcvgjcNi7jqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.40.0-109.166.55.255
151.248.72.0-151.248.91.255
Signature Algorithm: sha256WithRSAEncryption
89:df:43:c1:15:76:89:c4:d7:eb:d4:af:2d:2d:91:fd:cd:65:
76:d9:0a:bf:12:bb:0d:0f:87:7d:b8:62:49:de:af:ab:4e:5d:
16:c9:d7:71:25:83:22:13:ba:4e:43:1c:5b:63:a8:aa:fe:92:
5e:26:4e:9f:80:77:b3:67:b6:ae:4d:ae:00:11:53:57:60:d1:
73:65:17:71:5f:e1:30:bd:55:55:9b:c9:6b:62:22:eb:0f:b9:
57:82:34:9e:88:85:ea:80:1a:62:6a:88:f0:11:a6:d5:0c:b9:
be:12:6b:74:54:0b:9b:48:26:e1:e0:67:b7:66:c3:02:a1:8b:
05:c0:8c:55:de:ad:0e:1c:e4:d5:83:50:45:94:f2:61:5c:be:
5a:0c:e7:d3:e3:2e:5e:2f:09:e3:6b:2f:26:01:d4:0c:fa:c4:
27:8b:7a:7d:be:e6:82:5e:9f:d5:7b:10:2a:c8:99:ae:55:54:
18:01:a5:6b:20:74:95:44:ef:09:d4:17:0c:12:ab:06:a6:cd:
03:b0:f0:65:0f:f6:ba:d9:ac:b2:f7:5e:bd:8f:ac:1b:01:9b:
6f:ab:6e:90:81:fe:a2:8c:b3:8a:10:99:30:22:ce:37:74:e7:
cc:af:27:7d:c4:ba:92:db:39:83:35:51:f0:35:bb:1e:14:5a:
a8:65:8b:3d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAvbqdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYyYzJlN2JjMWRhNTRkOTE5Y2E1YjU5NDFkMzc4ODkyYjJjY2IyMB4XDTIyMDMx
ODEwMjQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZjNGExNGVhOGIz
MTNkMTE3MzMzNjEwNzJmODIzNzBkOGJiOGVhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJP7be83dYtrkpGVzXZuWZYpJq4CXPzXAZ90l6YU7J03p7xC
JF6AIaDQS3M/05jr8x3uNEg8NsY205wbbm2vKgdYvnT0pay/ZkRc0mxQijk1/v2J
d9q8oYpuGzll4DLuNB52HtnBEal4rR1wQSG/9j9Jl8eZgwJA+/fWHyQiE99CIwWk
O5kG63cPwlTvZbX8r9tzX/ZmbYOHR0d4hwoDl282KqaVOY9C0TkIDXqVs9FkhtNb
bM3/EmU9K7/KUYf7dGR9m0m7uzsgMe6iW6kFBFTsYLnDBOOKopdVXohvXUhDigIP
W9QTNJOnTivvgXJNVnabScS4ziHNlMw6+/FlttsCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBT2xKFOqLMT0RczNhBy+CNw2LuOqDAfBgNVHSMEGDAWgBQi8sLnvB2lTZGc
pbWUHTeIkrLMsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TEM1N3dkcFUyUm5LVzFsQjAzaUpLeXpMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8x
LzlzU2hUcWl6RTlFWE16WVFjdmdqY05pN2pxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NjAyNTMwLTZkMjItNDZmMS04ZTA1LTAyZGVmNmU4NGM5MS8xL0l2TEM1N3dkcFUy
Um5LVzFsQjAzaUpLeXpMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQDbaYoAwQDbaYwMAwDBAOX+EgD
BAKX+FgwDQYJKoZIhvcNAQELBQADggEBAInfQ8EVdonE1+vUry0tkf3NZXbZCr8S
uw0Ph324Ykner6tOXRbJ13ElgyITuk5DHFtjqKr+kl4mTp+Ad7Nntq5NrgARU1dg
0XNlF3Ff4TC9VVWbyWtiIusPuVeCNJ6IheqAGmJqiPARptUMub4Sa3RUC5tIJuHg
Z7dmwwKhiwXAjFXerQ4c5NWDUEWU8mFcvloM59PjLl4vCeNrLyYB1Az6xCeLen2+
5oJen9V7ECrIma5VVBgBpWsgdJVE7wnUFwwSqwamzQOw8GUP9rrZrLL3Xr2PrBsB
m2+rbpCB/qKMs4oQmTAizjd058yvJ33EupLbOYM1UfA1ux4UWqhliz0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org