Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/0LrmaJOHgM4rq7zuGTO9kCuxQhs.roa
File: 0LrmaJOHgM4rq7zuGTO9kCuxQhs.roa (raw, json)
Hash identifier: Ob4t+GkA/lZq6CtHTkTYGLa/Wb539HuVHw0aUnUjC60=
Subject key identifier: D0:BA:E6:68:93:87:80:CE:2B:AB:BC:EE:19:33:BD:90:2B:B1:42:1B
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 01828E05CFF496A49B5951AE3F61A6B69525
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/0LrmaJOHgM4rq7zuGTO9kCuxQhs.roa
Signing time: Thu 11 Aug 2022 17:48:41 +0000
ROA not before: Thu 11 Aug 2022 17:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 109.160.37.0/24 maxlen: 24
109.160.36.0/24 maxlen: 24
109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
109.160.40.0/24 maxlen: 24
109.160.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8e:05:cf:f4:96:a4:9b:59:51:ae:3f:61:a6:b6:95:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 11 17:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0bae668938780ce2babbcee1933bd902bb1421b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:09:4c:9f:77:50:7d:ca:d0:ad:4a:c0:e5:
7b:56:48:c2:4b:58:43:e3:7a:18:6d:b9:a8:4d:62:
f3:8a:e3:3d:ad:32:a8:45:63:9a:a5:18:30:8c:4f:
25:b5:82:88:0c:c1:b2:9d:23:31:a2:8d:3b:aa:8a:
a7:b4:68:a7:65:5f:1f:12:d7:0f:99:e7:06:be:7a:
ae:13:1f:41:1a:10:4b:d3:cc:c7:f2:bf:ae:48:b5:
38:e7:60:fa:d6:b9:27:e2:3e:4e:d5:a1:a0:11:14:
6a:05:e5:be:ef:82:a2:8e:12:2a:4d:0b:b9:aa:da:
7b:97:ac:67:17:b5:95:b8:de:34:86:9d:ec:72:dd:
b2:ad:3e:29:39:1d:44:b8:2d:06:5a:9b:93:64:60:
ea:96:74:7f:1c:c2:bc:ef:71:3b:ab:e6:17:24:1c:
50:a1:cc:c7:2b:b1:35:4e:7e:6c:8a:bc:24:cf:64:
8b:61:1a:fd:88:8e:54:8a:13:dc:08:4b:ea:5d:bb:
02:83:29:e9:7c:ad:46:e7:ef:21:ea:9c:55:6a:03:
3a:9d:88:dc:70:ae:ce:96:ff:2b:cf:95:85:21:81:
2c:e0:e6:e2:e1:98:a4:67:c6:4e:21:c0:c9:91:7a:
6f:b5:51:35:93:46:88:4b:00:55:90:9a:98:90:4a:
3c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BA:E6:68:93:87:80:CE:2B:AB:BC:EE:19:33:BD:90:2B:B1:42:1B
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/0LrmaJOHgM4rq7zuGTO9kCuxQhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.36.0-109.160.41.255
Signature Algorithm: sha256WithRSAEncryption
a2:00:c0:bc:dc:5a:cd:02:32:4a:06:19:70:ec:18:2f:c3:79:
54:cd:44:5e:42:a5:44:11:ce:e7:b6:67:9d:ea:f6:74:e4:69:
38:ad:b1:da:cb:57:2a:b9:c4:5f:9a:8b:b3:7f:c0:0a:56:69:
1a:3b:80:77:5e:09:81:11:89:18:6c:26:95:f3:a5:71:1d:2e:
2e:01:1f:d4:68:15:ec:ad:cf:4a:0f:49:a4:a4:4a:89:0d:d5:
f8:e8:80:ad:b0:10:ab:89:58:3b:7c:67:45:1e:e2:b7:cd:d6:
56:98:00:3f:c7:fa:01:ae:73:50:71:63:01:a7:33:fe:80:44:
71:a7:51:8b:96:39:2a:e4:26:e0:6b:f5:3a:60:6a:bb:30:49:
20:3f:c2:d9:9a:39:28:3a:3c:60:da:7d:dc:ba:4c:8f:07:20:
f2:93:39:e4:d7:ef:2c:1f:d7:ff:94:f7:a7:6f:24:97:88:9e:
c5:b8:40:57:0b:ab:ae:7c:3c:ba:7b:3d:6a:99:76:73:09:28:
0f:3b:d7:3f:62:63:01:56:c6:90:e7:2d:63:8f:8e:33:5e:f9:
6e:54:10:25:33:2e:8e:0a:ce:6c:61:64:00:75:b0:81:c0:45:
f3:bd:2f:c2:a8:a5:76:0f:76:b6:52:fa:9b:0d:96:50:40:94:
a1:6f:a5:6a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYKOBc/0lqSbWVGuP2GmtpUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODExMTc0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGJhZTY2ODkzODc4MGNlMmJhYmJjZWUxOTMzYmQ5MDJiYjE0MjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPUJTJ93UH3K0K1KwOV7VkjCS1hD
43oYbbmoTWLziuM9rTKoRWOapRgwjE8ltYKIDMGynSMxoo07qoqntGinZV8fEtcP
mecGvnquEx9BGhBL08zH8r+uSLU452D61rkn4j5O1aGgERRqBeW+74KijhIqTQu5
qtp7l6xnF7WVuN40hp3sct2yrT4pOR1EuC0GWpuTZGDqlnR/HMK873E7q+YXJBxQ
oczHK7E1Tn5sirwkz2SLYRr9iI5UihPcCEvqXbsCgynpfK1G5+8h6pxVagM6nYjc
cK7Olv8rz5WFIYEs4Obi4ZikZ8ZOIcDJkXpvtVE1k0aISwBVkJqYkEo8lQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNC65miTh4DOK6u87hkzvZArsUIbMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvMExybWFKT0hnTTRycTd6dUdUTzlrQ3V4UWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJtoCQD
BAFtoCgwDQYJKoZIhvcNAQELBQADggEBAKIAwLzcWs0CMkoGGXDsGC/DeVTNRF5C
pUQRzue2Z53q9nTkaTitsdrLVyq5xF+ai7N/wApWaRo7gHdeCYERiRhsJpXzpXEd
Li4BH9RoFeytz0oPSaSkSokN1fjogK2wEKuJWDt8Z0Ue4rfN1laYAD/H+gGuc1Bx
YwGnM/6ARHGnUYuWOSrkJuBr9TpgarswSSA/wtmaOSg6PGDafdy6TI8HIPKTOeTX
7ywf1/+U96dvJJeInsW4QFcLq658PLp7PWqZdnMJKA871z9iYwFWxpDnLWOPjjNe
+W5UECUzLo4KzmxhZAB1sIHARfO9L8KopXYPdrZS+psNllBAlKFvpWo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org