Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ctdI6zw_cJRosD1knetDU0ILblQ.roa
File: ctdI6zw_cJRosD1knetDU0ILblQ.roa (raw, json)
Hash identifier: RCwpzG+JILePUE7wnuCbRPqFuBAGyuQ4jaj4LrsDslI=
Subject key identifier: 72:D7:48:EB:3C:3F:70:94:68:B0:3D:64:9D:EB:43:53:42:0B:6E:54
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0183F4E8FA6BE876AAAFEC7562C32513A20A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ctdI6zw_cJRosD1knetDU0ILblQ.roa
Signing time: Thu 20 Oct 2022 10:20:52 +0000
ROA not before: Thu 20 Oct 2022 10:20:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48359
IP address blocks: 185.126.42.0/23 maxlen: 23
109.232.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:e8:fa:6b:e8:76:aa:af:ec:75:62:c3:25:13:a2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 20 10:20:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72d748eb3c3f709468b03d649deb4353420b6e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:28:50:82:f9:b1:b9:9b:95:ab:1f:08:1d:c5:
00:2d:c0:76:68:f4:aa:cf:ee:66:fb:93:0d:74:df:
08:c5:8c:77:e9:ae:c0:3d:fe:0e:51:78:06:e8:b7:
75:c1:d2:41:7c:a9:78:95:77:c1:e3:0d:72:d4:fe:
d6:5b:8e:23:ba:ad:99:1e:ab:13:8a:60:3b:bb:5e:
9d:0f:17:29:5e:bb:47:26:1c:26:fb:9d:ef:a7:15:
2e:8d:1f:17:7c:ef:5f:c4:bf:bd:a1:2a:4d:df:8a:
fd:e2:7d:c1:0c:75:3a:55:4b:7a:f6:78:66:89:ea:
ff:c5:2e:66:7e:aa:0b:b3:c7:83:4f:8b:b0:9e:95:
84:09:5e:b0:9c:a1:1f:26:ef:c3:95:d0:36:b0:fb:
ec:2f:32:7b:98:54:9d:ad:a7:ff:d6:f1:31:7c:4b:
27:9c:0a:37:b9:10:22:e8:ca:9b:90:e7:a4:ea:98:
ed:ca:db:17:9e:31:e4:b6:94:2a:fb:05:e8:e9:ea:
71:4d:2b:7e:0f:86:9e:f3:d9:29:f1:17:86:a9:92:
e8:43:cb:ec:7f:0a:97:17:b8:b3:a6:50:62:b5:1c:
6b:f5:ce:a3:19:d7:52:90:1d:02:50:7a:eb:aa:22:
b1:1b:05:c7:1a:60:52:25:e7:15:cf:ff:b9:bf:75:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D7:48:EB:3C:3F:70:94:68:B0:3D:64:9D:EB:43:53:42:0B:6E:54
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ctdI6zw_cJRosD1knetDU0ILblQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.5.0/24
185.126.42.0/23
Signature Algorithm: sha256WithRSAEncryption
20:87:7c:75:f9:aa:09:1d:1d:53:ec:e8:26:2f:cc:e5:be:a2:
2f:35:23:c2:50:79:7e:29:e1:65:96:2c:6c:46:5c:26:d4:97:
7b:94:72:a1:99:c6:11:bb:b0:52:bc:fb:eb:9d:48:4d:f1:b1:
d6:75:9b:cb:81:22:85:22:ed:fd:c5:2c:f9:5b:d9:5f:ca:2c:
e3:56:2e:c8:22:ba:dc:8f:6e:fd:74:6d:c1:53:92:c4:5c:1b:
9f:ef:ff:40:a2:5c:05:5f:1e:ed:f1:60:c3:01:e6:08:93:c2:
2f:15:dc:fe:31:02:98:79:88:6e:84:cb:c9:b4:c3:d2:cc:3d:
31:e3:c6:9d:1a:5e:fa:1b:17:2b:66:20:75:54:a0:f8:1b:33:
13:2f:3b:80:7f:4a:13:40:30:59:72:85:f1:29:c7:07:74:39:
a7:47:4a:80:36:82:65:86:55:6a:c2:da:0a:f3:74:0e:d4:f6:
a4:f9:1d:fd:3d:ad:9f:a2:81:79:1f:52:c9:05:0d:2f:6b:18:
64:cc:f1:47:52:18:a1:aa:8a:3e:fa:9b:20:91:f8:e1:cd:4b:
8a:aa:4a:71:de:85:e0:ad:24:be:79:47:ec:cc:60:b8:08:7c:
c5:ad:67:33:b3:ed:45:d4:27:98:36:8a:29:1c:ff:27:c7:4c:
0f:78:6a:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP06Ppr6Haqr+x1YsMlE6IKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIxMDIwMTAyMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ3NDhlYjNjM2Y3MDk0NjhiMDNkNjQ5ZGViNDM1MzQyMGI2ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlChQgvmxuZuVqx8IHcUALcB2aPSq
z+5m+5MNdN8IxYx36a7APf4OUXgG6Ld1wdJBfKl4lXfB4w1y1P7WW44juq2ZHqsT
imA7u16dDxcpXrtHJhwm+53vpxUujR8XfO9fxL+9oSpN34r94n3BDHU6VUt69nhm
ier/xS5mfqoLs8eDT4uwnpWECV6wnKEfJu/DldA2sPvsLzJ7mFSdraf/1vExfEsn
nAo3uRAi6MqbkOek6pjtytsXnjHktpQq+wXo6epxTSt+D4ae89kp8ReGqZLoQ8vs
fwqXF7izplBitRxr9c6jGddSkB0CUHrrqiKxGwXHGmBSJecVz/+5v3XKNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLXSOs8P3CUaLA9ZJ3rQ1NCC25UMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvY3RkSTZ6d19jSlJvc0Qxa25ldERVMElMYmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbegFAwQB
uX4qMA0GCSqGSIb3DQEBCwUAA4IBAQAgh3x1+aoJHR1T7OgmL8zlvqIvNSPCUHl+
KeFllixsRlwm1Jd7lHKhmcYRu7BSvPvrnUhN8bHWdZvLgSKFIu39xSz5W9lfyizj
Vi7IIrrcj279dG3BU5LEXBuf7/9AolwFXx7t8WDDAeYIk8IvFdz+MQKYeYhuhMvJ
tMPSzD0x48adGl76GxcrZiB1VKD4GzMTLzuAf0oTQDBZcoXxKccHdDmnR0qANoJl
hlVqwtoK83QO1Pak+R39Pa2fooF5H1LJBQ0vaxhkzPFHUhihqoo++psgkfjhzUuK
qkpx3oXgrSS+eUfszGC4CHzFrWczs+1F1CeYNoopHP8nx0wPeGr/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org