Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/SEjzgRYVT9KQS61_SBqnTYd606E.roa
File: SEjzgRYVT9KQS61_SBqnTYd606E.roa (raw, json)
Hash identifier: OvpxSry6ydFwbSzT7cNaBKtmIGiAG2y2NmEhvhNVXgk=
Subject key identifier: 48:48:F3:81:16:15:4F:D2:90:4B:AD:7F:48:1A:A7:4D:87:7A:D3:A1
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 018534B3B560EE4133D23969DA351BAABA33
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/SEjzgRYVT9KQS61_SBqnTYd606E.roa
Signing time: Wed 21 Dec 2022 12:41:10 +0000
ROA not before: Wed 21 Dec 2022 12:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42346
IP address blocks: 109.106.32.0/21 maxlen: 21
2a00:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:b3:b5:60:ee:41:33:d2:39:69:da:35:1b:aa:ba:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Dec 21 12:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4848f38116154fd2904bad7f481aa74d877ad3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:08:03:5b:39:9f:61:95:0e:68:d5:65:d0:
c6:d9:8c:01:7c:95:3a:fc:99:d6:90:01:48:d8:77:
68:fb:f5:e0:4c:08:b4:8d:51:35:3b:1a:33:e5:c4:
2f:f4:d0:9d:89:1e:07:53:5f:20:5e:9b:b8:24:9b:
1e:f8:2d:b9:8c:3d:dc:c3:0b:a0:6a:a7:29:0f:26:
ff:8e:68:b5:23:b3:92:be:74:0f:b2:1d:14:53:fe:
9c:88:63:e3:45:46:d5:e0:47:0a:1a:1a:bd:b8:ad:
04:22:5f:9e:96:ba:07:61:fa:bb:b8:f0:bb:75:5a:
a2:c3:c4:b5:72:c3:c3:f2:90:69:85:0a:ac:9b:e6:
11:01:bd:88:c7:ca:03:09:eb:b5:52:69:74:76:bc:
ba:04:94:ac:c1:a0:6c:62:8e:ee:97:af:94:21:ea:
38:d4:c0:65:d0:89:3e:2f:9a:71:0a:da:d6:65:05:
48:d2:e2:58:f0:2c:69:9a:7a:c0:b7:c8:1b:d7:d1:
44:ec:73:11:08:53:dc:ae:87:c8:84:30:e5:cf:0a:
68:62:a7:5b:d5:b3:29:11:06:3a:2c:b8:85:0e:6a:
e2:39:1e:db:09:99:8a:e2:60:86:bd:f3:93:0d:30:
62:a3:b5:39:6d:ad:f9:de:e2:f4:af:c1:05:40:4d:
52:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:48:F3:81:16:15:4F:D2:90:4B:AD:7F:48:1A:A7:4D:87:7A:D3:A1
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/SEjzgRYVT9KQS61_SBqnTYd606E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.32.0/21
IPv6:
2a00:5480::/29
Signature Algorithm: sha256WithRSAEncryption
4a:58:7a:2a:03:f4:17:d0:fa:85:fb:a8:ea:c5:9d:6e:47:60:
27:12:e1:bf:3b:aa:d7:1e:a7:76:16:13:0b:6c:ba:eb:cc:44:
e7:6c:fd:4b:49:d2:58:b1:db:2f:3a:d1:a3:cc:bd:2c:96:29:
db:4b:96:93:5b:81:4b:18:54:a0:20:dc:05:9d:69:08:bd:d2:
54:49:48:13:b1:af:4f:10:83:0b:68:80:a9:e0:65:32:b8:95:
ad:ed:02:fd:26:12:d3:ef:59:0f:de:d0:f3:58:26:7f:f1:b7:
52:d3:79:33:ea:a0:97:74:d6:a2:e4:ad:8f:13:16:9c:b6:48:
14:d9:aa:0b:cc:ce:ff:76:54:c8:14:99:9d:ed:c4:84:24:44:
3b:02:3b:bd:70:bd:ff:04:3a:29:2f:fd:6f:2c:95:92:66:cd:
c6:8b:1f:a7:13:49:13:d4:b9:88:de:2d:8f:78:99:49:54:00:
e2:36:6a:2d:d9:e7:53:5a:ee:0b:ba:b4:9f:0a:63:25:47:fa:
39:3b:57:af:0a:a7:fb:e1:f7:1f:0a:76:63:98:73:5d:3f:00:
5b:10:6d:79:2e:96:ea:29:35:b2:94:bf:38:67:ba:46:df:16:
a5:48:c6:86:e3:12:e3:5c:5c:3e:2a:1b:c7:1d:61:ac:5f:b0:
75:31:d8:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYU0s7Vg7kEz0jlp2jUbqrozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjIxMjIxMTI0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQ4ZjM4MTE2MTU0ZmQyOTA0YmFkN2Y0ODFhYTc0ZDg3N2FkM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmUIA1s5n2GVDmjVZdDG2YwBfJU6
/JnWkAFI2Hdo+/XgTAi0jVE1Oxoz5cQv9NCdiR4HU18gXpu4JJse+C25jD3cwwug
aqcpDyb/jmi1I7OSvnQPsh0UU/6ciGPjRUbV4EcKGhq9uK0EIl+elroHYfq7uPC7
dVqiw8S1csPD8pBphQqsm+YRAb2Ix8oDCeu1Uml0dry6BJSswaBsYo7ul6+UIeo4
1MBl0Ik+L5pxCtrWZQVI0uJY8CxpmnrAt8gb19FE7HMRCFPcrofIhDDlzwpoYqdb
1bMpEQY6LLiFDmriOR7bCZmK4mCGvfOTDTBio7U5ba353uL0r8EFQE1SOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEhI84EWFU/SkEutf0gap02HetOhMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvU0VqemdSWVZUOUtRUzYxX1NCcW5UWWQ2MDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbWogMA0E
AgACMAcDBQMqAFSAMA0GCSqGSIb3DQEBCwUAA4IBAQBKWHoqA/QX0PqF+6jqxZ1u
R2AnEuG/O6rXHqd2FhMLbLrrzETnbP1LSdJYsdsvOtGjzL0slinbS5aTW4FLGFSg
INwFnWkIvdJUSUgTsa9PEIMLaICp4GUyuJWt7QL9JhLT71kP3tDzWCZ/8bdS03kz
6qCXdNai5K2PExactkgU2aoLzM7/dlTIFJmd7cSEJEQ7Aju9cL3/BDopL/1vLJWS
Zs3Gix+nE0kT1LmI3i2PeJlJVADiNmot2edTWu4LurSfCmMlR/o5O1evCqf74fcf
CnZjmHNdPwBbEG15LpbqKTWylL84Z7pG3xalSMaG4xLjXFw+KhvHHWGsX7B1Mdj+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:26 2024 by rpki-client on console-ams.rpki-client.org