Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/MiIjRoq9l5b5ynsd55KK_d3xaiU.roa
File: MiIjRoq9l5b5ynsd55KK_d3xaiU.roa (raw, json)
Hash identifier: DWyQcLBAxmTPEYuqB4qP+FK24OaDXb8XGx2IoDhXci0=
Subject key identifier: 32:22:23:46:8A:BD:97:96:F9:CA:7B:1D:E7:92:8A:FD:DD:F1:6A:25
Certificate issuer: /CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Certificate serial: 334C385A
Authority key identifier: 0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/MiIjRoq9l5b5ynsd55KK_d3xaiU.roa
Signing time: Sat 01 Jan 2022 06:59:01 +0000
ROA not before: Sat 01 Jan 2022 06:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196865
IP address blocks: 178.19.160.0/21 maxlen: 21
178.19.168.0/22 maxlen: 22
185.142.168.0/22 maxlen: 22
185.75.108.0/22 maxlen: 22
109.232.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 860633178 (0x334c385a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc4f70a92d46ac02c8dfe7f975be48abd62e7a4
Validity
Not Before: Jan 1 06:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=322223468abd9796f9ca7b1de7928afdddf16a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8a:88:76:66:32:31:ea:41:7f:f9:f4:70:f9:
19:20:f0:b4:8e:2d:a9:43:84:c3:56:8b:21:7b:ca:
87:6e:08:0d:5a:70:90:2f:c7:79:76:06:0b:2d:0b:
44:d6:28:c4:ec:c6:9e:2b:09:81:65:10:75:f9:48:
92:4c:9e:59:01:19:a8:6d:48:51:20:a7:34:87:ca:
14:6d:7b:2c:50:34:07:a1:b7:24:15:6c:5f:53:60:
c9:18:0f:71:3d:c4:87:1f:4b:16:13:6f:14:85:48:
11:a6:a9:5f:83:47:ac:be:40:2f:62:07:f7:99:49:
38:4f:46:f5:df:a8:51:26:f6:17:a9:cf:09:f1:18:
e9:79:36:86:9b:ec:c5:61:c2:f0:00:84:24:8c:d5:
6b:09:24:bf:03:ed:79:5b:fc:43:3f:d0:0b:88:03:
82:ef:18:a9:4b:2a:fa:20:5e:39:c0:a5:f1:9b:f5:
b3:f0:fa:87:68:1c:56:62:a0:93:da:75:2f:5d:9f:
87:b9:41:05:a9:cb:fe:bd:4d:e4:9d:0e:83:08:69:
fb:8f:6a:d0:ff:66:73:44:16:45:a8:27:91:f8:f3:
7e:3b:d1:55:19:00:83:6b:f5:6f:c8:ad:34:8f:e0:
1c:bd:75:d5:47:34:31:c1:4b:80:0e:1b:11:c6:46:
63:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:22:23:46:8A:BD:97:96:F9:CA:7B:1D:E7:92:8A:FD:DD:F1:6A:25
X509v3 Authority Key Identifier:
keyid:0F:C4:F7:0A:92:D4:6A:C0:2C:8D:FE:7F:97:5B:E4:8A:BD:62:E7:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8T3CpLUasAsjf5_l1vkir1i56Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/MiIjRoq9l5b5ynsd55KK_d3xaiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/46e400-87fa-49e9-9198-65b86a035a08/1/D8T3CpLUasAsjf5_l1vkir1i56Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.136.0/21
178.19.160.0-178.19.171.255
185.75.108.0/22
185.142.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:bc:85:c7:5b:37:8e:73:d6:58:d2:fd:4c:fc:6f:50:9f:86:
a7:7b:44:1b:21:a8:e0:cf:f2:8b:8f:f0:e9:ec:20:73:4c:d8:
2e:2e:01:7a:f8:47:b9:c2:5e:18:60:77:5e:d6:cd:a2:59:d7:
aa:ef:30:ec:35:82:fb:77:24:cd:f9:b0:60:af:d5:08:1e:ea:
42:0f:38:3c:aa:04:29:24:da:ab:68:2c:85:90:f7:40:f4:30:
bb:c8:a7:de:95:b2:63:54:4e:9d:fd:f8:a3:be:8c:da:08:2c:
12:9e:98:4e:70:50:8a:bf:b7:31:43:e5:6c:85:b9:e7:9d:ac:
d5:19:d2:c5:a8:e9:3f:48:c2:ec:f9:b3:39:0f:eb:e8:ad:58:
c4:23:db:0c:63:25:d1:e6:3b:81:d2:63:b6:ba:1f:21:c2:bf:
6a:2e:5b:e2:14:a3:96:d0:96:b1:ed:31:3e:ee:08:1e:25:49:
61:4f:13:42:cb:df:df:55:88:fd:40:aa:cb:1b:36:e3:ab:b9:
78:a9:a9:ba:4a:87:1d:ab:e4:f5:94:2c:80:71:e5:5b:b3:13:
65:76:3a:01:73:0a:a1:d1:b2:e5:42:55:23:85:91:aa:d0:b1:
f0:88:11:33:ae:c6:ec:16:8c:83:fa:5b:2f:97:42:30:94:ca:
9e:7a:6d:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEM0w4WjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZmM0ZjcwYTkyZDQ2YWMwMmM4ZGZlN2Y5NzViZTQ4YWJkNjJlN2E0MB4XDTIyMDEw
MTA2NTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIyMjIzNDY4YWJk
OTc5NmY5Y2E3YjFkZTc5MjhhZmRkZGYxNmEyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqKiHZmMjHqQX/59HD5GSDwtI4tqUOEw1aLIXvKh24IDVpw
kC/HeXYGCy0LRNYoxOzGnisJgWUQdflIkkyeWQEZqG1IUSCnNIfKFG17LFA0B6G3
JBVsX1NgyRgPcT3Ehx9LFhNvFIVIEaapX4NHrL5AL2IH95lJOE9G9d+oUSb2F6nP
CfEY6Xk2hpvsxWHC8ACEJIzVawkkvwPteVv8Qz/QC4gDgu8YqUsq+iBeOcCl8Zv1
s/D6h2gcVmKgk9p1L12fh7lBBanL/r1N5J0Ogwhp+49q0P9mc0QWRagnkfjzfjvR
VRkAg2v1b8itNI/gHL111Uc0McFLgA4bEcZGY+0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQyIiNGir2XlvnKex3nkor93fFqJTAfBgNVHSMEGDAWgBQPxPcKktRqwCyN
/n+XW+SKvWLnpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Q4VDNDcExVYXNBc2pmNV9sMXZraXIxaTU2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvNDZlNDAwLTg3ZmEtNDllOS05MTk4LTY1Yjg2YTAzNWEwOC8x
L01pSWpSb3E5bDViNXluc2Q1NUtLX2QzeGFpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
NDZlNDAwLTg3ZmEtNDllOS05MTk4LTY1Yjg2YTAzNWEwOC8xL0Q4VDNDcExVYXNB
c2pmNV9sMXZraXIxaTU2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEA23oiDAMAwQFshOgAwQCshOoAwQC
uUtsAwQCuY6oMA0GCSqGSIb3DQEBCwUAA4IBAQBLvIXHWzeOc9ZY0v1M/G9Qn4an
e0QbIajgz/KLj/Dp7CBzTNguLgF6+Ee5wl4YYHde1s2iWdeq7zDsNYL7dyTN+bBg
r9UIHupCDzg8qgQpJNqraCyFkPdA9DC7yKfelbJjVE6d/fijvozaCCwSnphOcFCK
v7cxQ+VshbnnnazVGdLFqOk/SMLs+bM5D+vorVjEI9sMYyXR5juB0mO2uh8hwr9q
LlviFKOW0Jax7TE+7ggeJUlhTxNCy9/fVYj9QKrLGzbjq7l4qam6Socdq+T1lCyA
ceVbsxNldjoBcwqh0bLlQlUjhZGq0LHwiBEzrsbsFoyD+lsvl0IwlMqeem0O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:22 2024 by rpki-client on console-ams.rpki-client.org