Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/fkPJJS5YEV585jQ4XuguNfOqQik.roa
File: fkPJJS5YEV585jQ4XuguNfOqQik.roa (raw, json)
Hash identifier: kgRpepgpriNs2zwxmPVYjRK2S3KbECz4eDVizMrIOIA=
Subject key identifier: 7E:43:C9:25:2E:58:11:5E:7C:E6:34:38:5E:E8:2E:35:F3:AA:42:29
Certificate issuer: /CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Certificate serial: 0133523C
Authority key identifier: 5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/fkPJJS5YEV585jQ4XuguNfOqQik.roa
Signing time: Thu 24 Mar 2022 09:59:24 +0000
ROA not before: Thu 24 Mar 2022 09:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29622
IP address blocks: 109.160.24.0/24 maxlen: 24
109.160.24.0/21 maxlen: 21
109.160.30.0/24 maxlen: 24
109.160.29.0/24 maxlen: 24
109.160.31.0/24 maxlen: 24
109.160.26.0/24 maxlen: 24
109.160.25.0/24 maxlen: 24
109.160.28.0/24 maxlen: 24
109.160.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20140604 (0x133523c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d88e4f7a302412c316a3bb599cdd2042b5ff485
Validity
Not Before: Mar 24 09:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e43c9252e58115e7ce634385ee82e35f3aa4229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:77:39:55:27:a9:62:d4:ef:69:94:17:bf:e6:
bb:45:26:2d:24:8d:bc:ac:48:81:54:50:a2:f7:f1:
00:51:19:97:e4:71:be:ae:a3:7b:bd:1a:87:b1:2c:
7e:f5:0a:1b:fb:c8:8d:a5:c4:e3:5a:44:12:60:c3:
ee:56:29:fb:7e:9a:30:b2:ac:8c:65:fc:d0:b0:0c:
59:33:08:9f:bc:08:0a:85:cc:31:68:c5:c9:eb:11:
f6:2f:35:fe:af:51:e7:5e:cd:5f:f6:e7:01:4c:0d:
1a:56:09:23:21:be:24:fb:b9:b4:5e:ec:0f:25:e5:
86:98:59:21:1a:53:cc:1d:a0:10:b6:fb:d4:06:4c:
a4:73:b5:87:ab:96:f8:4b:a4:ca:4a:00:54:59:28:
01:ad:e3:9a:57:a6:73:98:1e:36:17:ba:3e:df:38:
92:9d:08:a5:76:e4:b3:09:57:60:0f:32:1e:b7:86:
68:a0:4b:c3:25:f6:65:dc:fc:35:24:af:a9:83:9b:
97:f4:9e:49:81:2f:ba:e1:3b:93:53:1c:e3:d4:ab:
50:2f:35:7a:8a:a2:c1:f7:f4:ab:61:97:82:cb:10:
7d:4d:17:e9:53:bb:93:b5:5b:ad:1e:93:73:d9:a0:
40:44:3c:e7:1d:f6:8d:ec:c5:0a:19:b6:7b:35:c6:
c8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:43:C9:25:2E:58:11:5E:7C:E6:34:38:5E:E8:2E:35:F3:AA:42:29
X509v3 Authority Key Identifier:
keyid:5D:88:E4:F7:A3:02:41:2C:31:6A:3B:B5:99:CD:D2:04:2B:5F:F4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYjk96MCQSwxaju1mc3SBCtf9IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/fkPJJS5YEV585jQ4XuguNfOqQik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/760c0f-12ab-483d-8cdb-57e1d5b72b2d/1/XYjk96MCQSwxaju1mc3SBCtf9IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.24.0/21
Signature Algorithm: sha256WithRSAEncryption
56:4a:75:dc:1b:e3:1e:dd:9d:52:cc:c7:f2:b7:ca:b6:a3:3a:
91:26:24:ba:07:ba:ae:59:14:8d:86:f5:0d:35:3b:df:54:9a:
96:72:60:e0:5b:db:28:7e:54:b4:a0:34:b5:52:7e:d3:52:2a:
01:b9:2f:ea:3c:6e:55:97:50:99:03:e3:cd:20:4e:ff:57:e7:
d5:a5:5a:d0:67:63:7a:db:5b:f2:06:40:db:3c:6e:1d:df:e7:
55:95:d1:6d:83:e9:9a:a9:02:2e:b3:a7:41:de:06:7f:4c:4c:
11:89:aa:be:5f:06:9e:cc:d9:b2:ad:f6:87:60:a8:a1:29:fb:
00:4f:d7:ea:ab:cb:71:20:7f:70:59:27:4e:8f:34:e7:1b:a2:
19:c7:0b:5f:28:36:78:b8:4a:7b:a5:6b:92:f3:b6:92:d9:89:
20:2b:30:de:35:14:0f:02:ee:f1:4f:92:e8:d4:fe:93:89:2d:
c8:8b:b9:e7:4b:79:aa:a3:8b:2a:58:3f:23:5f:d8:b7:85:5b:
c2:87:8b:73:69:d7:17:8a:f3:cd:b3:59:34:b1:6a:7f:a8:1a:
e6:08:a3:2c:c2:3a:cb:3d:f8:16:5b:08:60:1a:32:02:bb:db:
80:a3:71:40:58:8b:7c:0d:d2:35:e1:7b:34:32:a2:a9:43:c4:
a4:ef:7f:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATNSPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDg4ZTRmN2EzMDI0MTJjMzE2YTNiYjU5OWNkZDIwNDJiNWZmNDg1MB4XDTIyMDMy
NDA5NTkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U0M2M5MjUyZTU4
MTE1ZTdjZTYzNDM4NWVlODJlMzVmM2FhNDIyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM13OVUnqWLU72mUF7/mu0UmLSSNvKxIgVRQovfxAFEZl+Rx
vq6je70ah7EsfvUKG/vIjaXE41pEEmDD7lYp+36aMLKsjGX80LAMWTMIn7wICoXM
MWjFyesR9i81/q9R517NX/bnAUwNGlYJIyG+JPu5tF7sDyXlhphZIRpTzB2gELb7
1AZMpHO1h6uW+EukykoAVFkoAa3jmlemc5geNhe6Pt84kp0IpXbkswlXYA8yHreG
aKBLwyX2Zdz8NSSvqYObl/SeSYEvuuE7k1Mc49SrUC81eoqiwff0q2GXgssQfU0X
6VO7k7VbrR6Tc9mgQEQ85x32jezFChm2ezXGyKMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR+Q8klLlgRXnzmNDhe6C4186pCKTAfBgNVHSMEGDAWgBRdiOT3owJBLDFq
O7WZzdIEK1/0hTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hZams5Nk1DUVN3eGFqdTFtYzNTQkN0ZjlJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvNzYwYzBmLTEyYWItNDgzZC04Y2RiLTU3ZTFkNWI3MmIyZC8x
L2ZrUEpKUzVZRVY1ODVqUTRYdWd1TmZPcVFpay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
NzYwYzBmLTEyYWItNDgzZC04Y2RiLTU3ZTFkNWI3MmIyZC8xL1hZams5Nk1DUVN3
eGFqdTFtYzNTQkN0ZjlJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA22gGDANBgkqhkiG9w0BAQsFAAOC
AQEAVkp13BvjHt2dUszH8rfKtqM6kSYkuge6rlkUjYb1DTU731SalnJg4FvbKH5U
tKA0tVJ+01IqAbkv6jxuVZdQmQPjzSBO/1fn1aVa0Gdjettb8gZA2zxuHd/nVZXR
bYPpmqkCLrOnQd4Gf0xMEYmqvl8GnszZsq32h2CooSn7AE/X6qvLcSB/cFknTo80
5xuiGccLXyg2eLhKe6VrkvO2ktmJICsw3jUUDwLu8U+S6NT+k4ktyIu550t5qqOL
Klg/I1/Yt4VbwoeLc2nXF4rzzbNZNLFqf6ga5gijLMI6yz34FlsIYBoyArvbgKNx
QFiLfA3SNeF7NDKiqUPEpO9/og==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:45 2025 by rpki-client