Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/ComkMkjzSfUCzG2Y3_oa79njeRM.roa
File: ComkMkjzSfUCzG2Y3_oa79njeRM.roa (raw, json)
Hash identifier: +uFN0+NkTalN4xpzjSebmx1W9o761/N4JUK/vZBRy/0=
Subject key identifier: 0A:89:A4:32:48:F3:49:F5:02:CC:6D:98:DF:FA:1A:EF:D9:E3:79:13
Certificate issuer: /CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Certificate serial: 013519DF
Authority key identifier: 5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/ComkMkjzSfUCzG2Y3_oa79njeRM.roa
Signing time: Fri 25 Mar 2022 08:11:50 +0000
ROA not before: Fri 25 Mar 2022 08:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29622
IP address blocks: 109.160.24.0/24 maxlen: 24
109.160.24.0/21 maxlen: 21
109.160.24.0/22 maxlen: 22
109.160.30.0/24 maxlen: 24
109.160.29.0/24 maxlen: 24
109.160.31.0/24 maxlen: 24
109.160.26.0/24 maxlen: 24
109.160.25.0/24 maxlen: 24
109.160.28.0/24 maxlen: 24
109.160.28.0/22 maxlen: 22
109.160.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20257247 (0x13519df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Validity
Not Before: Mar 25 08:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a89a43248f349f502cc6d98dffa1aefd9e37913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a1:5e:60:26:e2:19:58:64:b3:0c:ea:94:f9:
1b:a8:45:4b:5e:eb:57:8e:85:3c:38:58:df:4b:d0:
ea:ee:f4:35:7a:1c:11:80:a8:16:cb:5b:f8:d3:da:
86:24:45:e1:ec:34:7b:76:2a:1a:77:de:ae:47:53:
19:8e:ba:c8:f3:20:ea:b6:7d:71:ae:f7:8d:89:8b:
e0:ba:86:c3:25:7f:22:69:aa:9f:e8:93:d6:13:ed:
44:02:f1:ff:b3:35:a6:93:08:19:c5:44:2b:89:45:
d3:c7:46:82:8a:23:05:09:1f:ab:d4:d0:70:89:f3:
5b:0d:4f:2a:2a:62:73:00:52:fd:c3:03:63:ee:e8:
f7:0a:61:60:8c:2e:28:fe:c1:90:45:0d:ee:25:0a:
89:75:58:0a:f2:c4:13:2c:0d:90:f4:93:5a:b3:4e:
a3:be:8e:f7:77:7f:e4:cf:e0:9b:ea:96:68:e6:a6:
d5:7e:b1:19:22:dc:bc:9f:16:94:0a:e3:1e:5f:ed:
f1:65:09:a7:48:46:bb:47:a7:86:47:86:f9:01:d3:
8e:7e:cb:7f:ae:7c:5c:65:6f:75:a6:b3:ac:5c:f4:
38:f6:d2:7d:89:40:92:1e:86:5f:7a:6b:31:2c:30:
03:5a:dd:c4:b2:88:86:28:d6:c7:f0:1b:20:47:b9:
3a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:89:A4:32:48:F3:49:F5:02:CC:6D:98:DF:FA:1A:EF:D9:E3:79:13
X509v3 Authority Key Identifier:
keyid:5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/ComkMkjzSfUCzG2Y3_oa79njeRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.24.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:d9:1c:a3:e3:f6:ff:9a:c0:31:81:93:53:0d:18:4b:73:4d:
03:16:38:b1:6c:5e:cb:fa:d7:49:4f:88:5e:cb:06:b1:a9:d9:
7c:91:5e:f1:cf:e2:b1:a5:23:56:b8:c3:51:01:fa:74:e6:f1:
43:7b:c8:cd:10:2c:69:c7:15:bd:c0:b1:72:ac:21:e5:2f:87:
3c:57:45:2f:71:1f:4d:0a:71:5d:2c:40:78:a4:2a:93:d2:d9:
90:fe:14:d0:4a:43:2c:18:67:a7:53:2e:56:9d:bd:06:16:8c:
14:23:03:c4:db:9a:a1:d5:95:90:e7:1f:9c:05:81:fb:dd:8e:
9f:74:18:18:95:4d:e9:fe:89:ea:20:71:11:a8:2a:4f:2d:ce:
8b:ad:7c:7c:75:0b:d0:30:93:a0:09:b3:00:f9:e2:3e:c5:82:
37:52:d4:c2:61:92:ec:3b:25:6d:ab:20:17:51:30:65:1a:0d:
bd:7c:41:87:db:47:bd:7e:bf:d0:d1:bb:da:33:35:af:0d:78:
f4:95:83:13:26:f1:da:dc:e6:72:cf:b3:53:0f:13:0d:2f:8f:
a2:4d:4c:4f:9a:08:57:db:e4:22:b0:d2:2f:53:5d:1e:c4:0c:
87:70:06:58:a8:96:b7:7c:36:b8:25:12:8f:5e:5d:9f:d0:cf:
e2:2d:8c:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATUZ3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDg4ZTRmN2EzMDI0MTJjMzE2YTNiYjU5OWNkZDIwNDJiNWZmNDg1MB4XDTIyMDMy
NTA4MTE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE4OWE0MzI0OGYz
NDlmNTAyY2M2ZDk4ZGZmYTFhZWZkOWUzNzkxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOShXmAm4hlYZLMM6pT5G6hFS17rV46FPDhY30vQ6u70NXoc
EYCoFstb+NPahiRF4ew0e3YqGnferkdTGY66yPMg6rZ9ca73jYmL4LqGwyV/Immq
n+iT1hPtRALx/7M1ppMIGcVEK4lF08dGgoojBQkfq9TQcInzWw1PKipicwBS/cMD
Y+7o9wphYIwuKP7BkEUN7iUKiXVYCvLEEywNkPSTWrNOo76O93d/5M/gm+qWaOam
1X6xGSLcvJ8WlArjHl/t8WUJp0hGu0enhkeG+QHTjn7Lf658XGVvdaazrFz0OPbS
fYlAkh6GX3prMSwwA1rdxLKIhijWx/AbIEe5OqsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKiaQySPNJ9QLMbZjf+hrv2eN5EzAfBgNVHSMEGDAWgBRdiOT3owJBLDFq
O7WZzdIEK1/0hTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hZams5Nk1DUVN3eGFqdTFtYzNTQkN0ZjlJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzYwYzBmLTEyYWItNDgzZC04Y2RiLTU3ZTFkNWI3MmIyZC8x
L0NvbWtNa2p6U2ZVQ3pHMlkzX29hNzluamVSTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzYwYzBmLTEyYWItNDgzZC04Y2RiLTU3ZTFkNWI3MmIyZC8xL1hZams5Nk1DUVN3
eGFqdTFtYzNTQkN0ZjlJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA22gGDANBgkqhkiG9w0BAQsFAAOC
AQEAH9kco+P2/5rAMYGTUw0YS3NNAxY4sWxey/rXSU+IXssGsanZfJFe8c/isaUj
VrjDUQH6dObxQ3vIzRAsaccVvcCxcqwh5S+HPFdFL3EfTQpxXSxAeKQqk9LZkP4U
0EpDLBhnp1MuVp29BhaMFCMDxNuaodWVkOcfnAWB+92On3QYGJVN6f6J6iBxEagq
Ty3Oi618fHUL0DCToAmzAPniPsWCN1LUwmGS7DslbasgF1EwZRoNvXxBh9tHvX6/
0NG72jM1rw149JWDEybx2tzmcs+zUw8TDS+Pok1MT5oIV9vkIrDSL1NdHsQMh3AG
WKiWt3w2uCUSj15dn9DP4i2MBA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:57 2025 by rpki-client