Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/KVQI4A9UbTYw0Tq4orcN2xfDSv0.roa
File: KVQI4A9UbTYw0Tq4orcN2xfDSv0.roa (raw, json)
Hash identifier: plsM+UVIfVvdmmkRN5BEVoA+bUspetaem/dKjpUHdAY=
Subject key identifier: 29:54:08:E0:0F:54:6D:36:30:D1:3A:B8:A2:B7:0D:DB:17:C3:4A:FD
Certificate issuer: /CN=3a3c63cbd934825e55bbe359cb7306869ed451cd
Certificate serial: 04E0F678
Authority key identifier: 3A:3C:63:CB:D9:34:82:5E:55:BB:E3:59:CB:73:06:86:9E:D4:51:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/KVQI4A9UbTYw0Tq4orcN2xfDSv0.roa
Signing time: Sat 01 Jan 2022 10:54:53 +0000
ROA not before: Sat 01 Jan 2022 10:54:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25264
IP address blocks: 109.206.253.0/24 maxlen: 24
109.206.252.0/24 maxlen: 24
109.206.252.0/22 maxlen: 22
109.206.255.0/24 maxlen: 24
109.206.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81852024 (0x4e0f678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a3c63cbd934825e55bbe359cb7306869ed451cd
Validity
Not Before: Jan 1 10:54:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=295408e00f546d3630d13ab8a2b70ddb17c34afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:22:3f:f0:35:16:7c:37:62:5b:43:dc:28:a8:
da:9f:b0:a2:8e:81:bd:56:27:37:c1:5a:6b:78:23:
9b:38:3f:e6:fd:04:a4:96:e9:2a:ad:5b:97:cb:53:
c3:28:47:dd:47:ad:ad:dc:90:1b:4d:33:20:3d:57:
90:4e:91:41:e7:00:6a:a3:3b:e3:c6:1a:be:23:27:
e7:ca:fe:36:50:95:14:25:0a:88:86:ec:c6:4b:17:
ad:2b:dd:56:66:d6:c9:b6:17:61:61:44:e1:26:87:
94:0c:9c:a7:b5:8b:0b:22:2f:53:37:cf:02:fd:f7:
10:24:e8:ea:29:9f:8c:a9:7f:fe:bf:2f:e8:89:d3:
41:37:38:15:8f:e6:f7:57:7d:94:d7:1b:95:fc:d0:
e2:38:22:93:e2:7c:4b:1d:60:e5:b1:df:10:39:bf:
9d:8d:2c:96:06:71:15:5e:40:33:e5:ae:b0:56:47:
cc:46:ae:27:6b:d6:1e:ed:a1:a2:e7:32:e9:4e:cf:
d7:e5:58:a7:c8:23:51:81:80:2d:43:82:f8:c4:fa:
2e:39:65:c6:e6:54:6b:92:d5:39:02:4f:f4:a6:27:
63:15:56:b2:06:ff:43:07:49:5f:31:3a:31:5d:cd:
35:22:40:48:15:99:27:58:68:d1:83:92:3b:ea:1a:
5f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:08:E0:0F:54:6D:36:30:D1:3A:B8:A2:B7:0D:DB:17:C3:4A:FD
X509v3 Authority Key Identifier:
keyid:3A:3C:63:CB:D9:34:82:5E:55:BB:E3:59:CB:73:06:86:9E:D4:51:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/KVQI4A9UbTYw0Tq4orcN2xfDSv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3770f8-62fe-40a5-94b5-548e7e4b102b/1/Ojxjy9k0gl5Vu-NZy3MGhp7UUc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.252.0/22
Signature Algorithm: sha256WithRSAEncryption
91:a3:8c:a8:16:80:c2:cb:42:47:39:d3:08:d5:fc:c0:9a:e1:
3b:fa:1f:1c:0a:7f:e9:1b:13:ed:bf:28:79:24:c1:e5:92:8e:
e9:14:d6:d0:92:d8:e0:ff:59:83:56:2f:26:ba:63:d4:a9:2c:
58:01:c7:49:1b:74:25:c7:bd:73:52:9b:30:a3:8c:20:9f:29:
d6:06:2d:d0:b9:09:51:51:01:78:7e:89:c8:9f:c9:9a:7a:d6:
10:9b:0f:f8:c3:b7:49:73:0b:75:43:db:3d:ce:5d:05:77:48:
56:f1:ed:b8:f6:ad:ca:a7:3a:35:8e:9a:4b:1e:f7:1c:92:ef:
55:db:b9:24:f6:7b:63:17:c7:ae:e8:61:24:52:c7:a6:cc:94:
30:ee:cf:9f:4d:30:69:f5:2d:bc:e0:a6:37:8e:58:79:e5:ab:
3a:7c:19:d2:a6:64:42:a7:ef:9c:b8:82:00:d2:19:03:80:2b:
2e:4f:69:89:b7:f6:e6:a0:c4:bf:b4:6f:ec:93:80:57:e7:5c:
ca:f2:62:42:d0:8b:1f:2e:a9:03:43:41:fa:16:96:bf:73:1d:
2b:e5:71:4e:87:d1:d7:d3:77:3e:ff:72:fb:bf:3d:45:2e:aa:
7d:62:21:52:9a:61:7c:c3:f0:70:e1:aa:9c:89:99:2a:84:0f:
26:5e:d2:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBOD2eDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTNjNjNjYmQ5MzQ4MjVlNTViYmUzNTljYjczMDY4NjllZDQ1MWNkMB4XDTIyMDEw
MTEwNTQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk1NDA4ZTAwZjU0
NmQzNjMwZDEzYWI4YTJiNzBkZGIxN2MzNGFmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwiP/A1Fnw3YltD3Cio2p+woo6BvVYnN8Faa3gjmzg/5v0E
pJbpKq1bl8tTwyhH3UetrdyQG00zID1XkE6RQecAaqM748YaviMn58r+NlCVFCUK
iIbsxksXrSvdVmbWybYXYWFE4SaHlAycp7WLCyIvUzfPAv33ECTo6imfjKl//r8v
6InTQTc4FY/m91d9lNcblfzQ4jgik+J8Sx1g5bHfEDm/nY0slgZxFV5AM+WusFZH
zEauJ2vWHu2houcy6U7P1+VYp8gjUYGALUOC+MT6LjllxuZUa5LVOQJP9KYnYxVW
sgb/QwdJXzE6MV3NNSJASBWZJ1ho0YOSO+oaX40CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQpVAjgD1RtNjDROriitw3bF8NK/TAfBgNVHSMEGDAWgBQ6PGPL2TSCXlW7
41nLcwaGntRRzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09qeGp5OWswZ2w1VnUtTlp5M01HaHA3VVVjMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMzc3MGY4LTYyZmUtNDBhNS05NGI1LTU0OGU3ZTRiMTAyYi8x
L0tWUUk0QTlVYlRZdzBUcTRvcmNOMnhmRFN2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
Mzc3MGY4LTYyZmUtNDBhNS05NGI1LTU0OGU3ZTRiMTAyYi8xL09qeGp5OWswZ2w1
VnUtTlp5M01HaHA3VVVjMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAm3O/DANBgkqhkiG9w0BAQsFAAOC
AQEAkaOMqBaAwstCRznTCNX8wJrhO/ofHAp/6RsT7b8oeSTB5ZKO6RTW0JLY4P9Z
g1YvJrpj1KksWAHHSRt0Jce9c1KbMKOMIJ8p1gYt0LkJUVEBeH6JyJ/JmnrWEJsP
+MO3SXMLdUPbPc5dBXdIVvHtuPatyqc6NY6aSx73HJLvVdu5JPZ7YxfHruhhJFLH
psyUMO7Pn00wafUtvOCmN45YeeWrOnwZ0qZkQqfvnLiCANIZA4ArLk9pibf25qDE
v7Rv7JOAV+dcyvJiQtCLHy6pA0NB+haWv3MdK+VxTofR19N3Pv9y+789RS6qfWIh
UpphfMPwcOGqnImZKoQPJl7Sfg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:20 2023 by rpki-client on console-ams.rpki-client.org