Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/LxU5oiQn5RPMb_REz3CNG54IREE.roa
File: LxU5oiQn5RPMb_REz3CNG54IREE.roa (raw, json)
Hash identifier: FahQYU0CwUyZtdWZKEqchWze6yzwCQcDX76SCYBhkO8=
Subject key identifier: 2F:15:39:A2:24:27:E5:13:CC:6F:F4:44:CF:70:8D:1B:9E:08:44:41
Certificate issuer: /CN=166dcaf076c3ec103117deaa67990c968bcd644d
Certificate serial: CE400C
Authority key identifier: 16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/LxU5oiQn5RPMb_REz3CNG54IREE.roa
Signing time: Sat 01 Jan 2022 00:52:32 +0000
ROA not before: Sat 01 Jan 2022 00:52:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34661
IP address blocks: 109.122.0.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13516812 (0xce400c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166dcaf076c3ec103117deaa67990c968bcd644d
Validity
Not Before: Jan 1 00:52:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f1539a22427e513cc6ff444cf708d1b9e084441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bd:36:ce:1e:fe:e9:ad:3b:f8:2a:26:f2:4c:
1c:fb:62:81:e1:01:1e:37:59:35:17:fd:fd:9a:ae:
79:7b:85:e1:a7:b2:aa:89:aa:36:69:74:db:56:16:
fa:71:ec:fd:78:81:6a:41:fc:6d:8a:d3:2f:8b:79:
fd:41:e2:44:42:8c:03:1b:b2:32:94:28:26:68:a9:
2e:b9:f1:17:b6:f2:6b:77:d6:91:4a:a3:5c:82:34:
c8:f9:8e:26:eb:4a:38:d7:62:f7:51:5f:7f:eb:36:
3c:c3:18:a5:e3:8f:08:4d:45:a0:84:cf:39:3f:37:
0b:01:76:8d:0c:c2:6e:3d:e7:c1:8a:0f:0b:d1:cc:
f1:84:38:21:98:8b:7e:0a:aa:06:ca:9a:88:e3:a5:
a4:23:dd:af:35:bd:d8:a9:71:18:1e:cd:29:d9:ef:
03:3b:16:99:7d:c1:cc:3d:3b:ad:34:02:d9:41:58:
bb:e7:b4:2d:1b:ef:e3:33:cc:23:88:c4:63:b1:ed:
3f:11:ac:7f:ce:b0:13:84:be:67:15:18:6e:01:3a:
c0:36:16:74:d5:46:26:12:bb:fb:1e:c9:a4:72:68:
28:af:14:9e:fa:0e:21:57:41:05:d8:78:26:72:48:
b1:9f:0e:83:cc:f9:bc:bf:02:e8:a3:c6:70:d1:6d:
ac:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:15:39:A2:24:27:E5:13:CC:6F:F4:44:CF:70:8D:1B:9E:08:44:41
X509v3 Authority Key Identifier:
keyid:16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/LxU5oiQn5RPMb_REz3CNG54IREE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/Fm3K8HbD7BAxF96qZ5kMlovNZE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:76:86:75:7a:8a:f9:98:5c:78:70:5a:9d:0d:a4:0d:57:f9:
05:67:43:b0:19:81:b5:c1:72:c7:c1:ed:5a:77:65:de:da:82:
7c:35:5c:db:9a:f3:02:d5:cd:f6:0f:10:07:39:ea:fd:a9:6a:
43:0b:0e:f4:47:07:e8:10:27:5e:71:8f:19:a2:ea:7b:f8:91:
37:ae:75:6b:ea:f7:24:14:4e:fb:84:1b:a9:3c:92:5e:d4:b6:
af:a5:32:15:41:2d:09:c2:24:50:3a:a4:2f:9c:39:7a:b3:89:
74:4c:4a:bc:85:ba:2f:7f:9c:1f:e4:b4:8d:55:3a:57:f4:e8:
37:13:21:73:47:8e:05:2f:c9:36:4b:4e:79:9c:0a:8d:a9:55:
7d:07:a1:ea:74:28:f9:18:e9:ff:e0:56:7d:ea:d9:23:76:50:
7e:bd:8a:1b:fd:bd:c6:2d:eb:d9:b9:e4:a3:44:a8:da:0e:d6:
6f:cf:6a:38:8b:05:f4:9b:8a:1c:75:4d:93:57:dd:7f:1b:30:
ed:ac:6b:e7:f7:77:0f:47:b9:e2:77:44:1b:a7:39:bb:46:8b:
a4:82:e7:08:73:c4:f2:b3:f0:d1:1d:34:b5:71:4b:3d:8a:fe:
0a:f8:5e:94:36:fb:8f:ce:5e:bd:4f:52:68:e2:27:27:47:4f:
7b:30:0d:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAM5ADDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjZkY2FmMDc2YzNlYzEwMzExN2RlYWE2Nzk5MGM5NjhiY2Q2NDRkMB4XDTIyMDEw
MTAwNTIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYxNTM5YTIyNDI3
ZTUxM2NjNmZmNDQ0Y2Y3MDhkMWI5ZTA4NDQ0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMa9Ns4e/umtO/gqJvJMHPtigeEBHjdZNRf9/ZqueXuF4aey
qomqNml021YW+nHs/XiBakH8bYrTL4t5/UHiREKMAxuyMpQoJmipLrnxF7bya3fW
kUqjXII0yPmOJutKONdi91Fff+s2PMMYpeOPCE1FoITPOT83CwF2jQzCbj3nwYoP
C9HM8YQ4IZiLfgqqBsqaiOOlpCPdrzW92KlxGB7NKdnvAzsWmX3BzD07rTQC2UFY
u+e0LRvv4zPMI4jEY7HtPxGsf86wE4S+ZxUYbgE6wDYWdNVGJhK7+x7JpHJoKK8U
nvoOIVdBBdh4JnJIsZ8Og8z5vL8C6KPGcNFtrH0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQvFTmiJCflE8xv9ETPcI0bnghEQTAfBgNVHSMEGDAWgBQWbcrwdsPsEDEX
3qpnmQyWi81kTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZtM0s4SGJEN0JBeEY5NnFaNWtNbG92TlpFMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvM2FmMWU2LTdmNmQtNGFjOC1hMDIyLWZhYjliYWIyZjg5NC8x
L0x4VTVvaVFuNVJQTWJfUkV6M0NORzU0SVJFRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
M2FmMWU2LTdmNmQtNGFjOC1hMDIyLWZhYjliYWIyZjg5NC8xL0ZtM0s4SGJEN0JB
eEY5NnFaNWtNbG92TlpFMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBW16ADANBgkqhkiG9w0BAQsFAAOC
AQEAcnaGdXqK+ZhceHBanQ2kDVf5BWdDsBmBtcFyx8HtWndl3tqCfDVc25rzAtXN
9g8QBznq/alqQwsO9EcH6BAnXnGPGaLqe/iRN651a+r3JBRO+4QbqTySXtS2r6Uy
FUEtCcIkUDqkL5w5erOJdExKvIW6L3+cH+S0jVU6V/ToNxMhc0eOBS/JNktOeZwK
jalVfQeh6nQo+Rjp/+BWferZI3ZQfr2KG/29xi3r2bnko0So2g7Wb89qOIsF9JuK
HHVNk1fdfxsw7axr5/d3D0e54ndEG6c5u0aLpILnCHPE8rPw0R00tXFLPYr+Cvhe
lDb7j85evU9SaOInJ0dPezANOg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:27 2023 by rpki-client on console-fra.rpki-client.org