Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/MlokCdziiR94r4XVH0iFZTBKdvM.roa
File: MlokCdziiR94r4XVH0iFZTBKdvM.roa (raw, json)
Hash identifier: FX4rvFG4UgZPgkKfazYIR3V5YBY7CcWVIyCb0YE3eEg=
Subject key identifier: 32:5A:24:09:DC:E2:89:1F:78:AF:85:D5:1F:48:85:65:30:4A:76:F3
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 30EE1128
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/MlokCdziiR94r4XVH0iFZTBKdvM.roa
Signing time: Sun 10 Apr 2022 13:33:15 +0000
ROA not before: Sun 10 Apr 2022 13:33:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 109.160.34.0/24 maxlen: 24
109.160.38.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
109.160.32.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 820908328 (0x30ee1128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Apr 10 13:33:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=325a2409dce2891f78af85d51f488565304a76f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ab:23:0b:06:6b:99:8b:62:b6:6b:51:2f:85:
d7:22:ee:97:5d:8a:b7:b1:f8:58:c8:5a:9f:e0:3c:
14:56:8a:87:b3:2a:33:4f:f8:a9:9a:34:d4:6d:79:
24:b8:2f:f4:13:18:37:b1:a9:a5:12:b9:3c:a5:d7:
53:91:06:d0:9f:09:95:bf:20:4d:5a:f7:7c:4f:f0:
93:7a:9c:33:5f:32:fe:c5:8a:fb:8c:90:34:96:3f:
38:17:f9:f4:e3:19:93:34:11:b8:be:fc:fb:fa:4f:
6a:30:71:52:7d:fd:fc:67:23:89:20:3c:87:e0:b1:
24:6c:d6:c1:e5:33:03:6a:e1:ce:aa:c8:34:3b:19:
97:16:ab:87:49:d4:26:b8:f2:f6:91:fd:ac:96:4b:
d2:03:8e:7b:6a:aa:2e:a6:be:df:85:02:82:b1:b6:
a6:eb:30:82:8c:9b:3f:8a:64:71:0e:aa:8c:c2:6c:
05:c4:3f:27:53:c7:4f:92:71:87:83:d3:eb:e8:4a:
84:9d:cf:5d:57:de:71:3e:49:18:93:ac:1d:11:70:
46:a3:b1:d3:96:91:63:12:a6:34:86:00:4e:e5:cf:
4a:b4:c0:0d:f6:f3:8d:2b:24:63:a8:16:b3:a4:a9:
3d:39:bf:1a:bb:66:bd:85:a8:66:6d:51:35:30:8b:
1a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:24:09:DC:E2:89:1F:78:AF:85:D5:1F:48:85:65:30:4A:76:F3
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/MlokCdziiR94r4XVH0iFZTBKdvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0/24
109.160.34.0/24
109.160.37.0-109.160.39.255
Signature Algorithm: sha256WithRSAEncryption
36:fd:ac:d8:3c:ac:0d:6c:21:67:2f:7a:b3:08:e1:56:6a:a6:
5f:c5:02:46:73:9a:35:fb:f6:e1:46:35:9c:67:fd:09:f1:f4:
c0:1e:94:e7:a2:05:56:81:02:ff:2d:90:dd:50:c6:9f:a4:f8:
c8:4b:7a:98:17:2f:3b:1c:c0:1d:42:f9:1f:6d:94:89:6a:af:
ae:46:25:00:32:fe:79:98:2f:ab:2a:34:9b:6c:41:1e:db:34:
f1:0f:f8:8e:31:d7:6a:09:e8:51:e4:85:6e:fd:a8:4c:26:ff:
d6:7a:8c:2e:46:4b:97:0e:0a:98:11:8c:04:ee:57:e2:4e:e3:
6d:f3:2a:f4:20:27:b0:bb:7b:95:19:84:d1:4f:a4:d3:d1:be:
ce:a1:c2:55:01:bb:1f:c9:d3:85:10:5a:88:ee:67:ba:c9:51:
55:22:20:61:43:33:87:8c:d9:29:56:91:ca:2f:6a:af:0e:71:
f7:56:d0:05:27:41:7f:6b:66:11:d1:6f:3e:46:bb:d1:0b:14:
2a:1e:c7:b7:77:4d:80:7a:64:17:7b:70:a4:66:f5:ba:31:c6:
c9:b5:c5:f5:84:fb:a6:a7:a9:05:48:93:8d:91:68:2b:61:82:
08:4f:2f:21:e7:4f:12:21:23:b5:08:29:42:e2:99:36:6b:a7:
93:1d:c2:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEMO4RKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDQx
MDEzMzMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI1YTI0MDlkY2Uy
ODkxZjc4YWY4NWQ1MWY0ODg1NjUzMDRhNzZmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKrIwsGa5mLYrZrUS+F1yLul12Kt7H4WMhan+A8FFaKh7Mq
M0/4qZo01G15JLgv9BMYN7GppRK5PKXXU5EG0J8Jlb8gTVr3fE/wk3qcM18y/sWK
+4yQNJY/OBf59OMZkzQRuL78+/pPajBxUn39/GcjiSA8h+CxJGzWweUzA2rhzqrI
NDsZlxarh0nUJrjy9pH9rJZL0gOOe2qqLqa+34UCgrG2puswgoybP4pkcQ6qjMJs
BcQ/J1PHT5Jxh4PT6+hKhJ3PXVfecT5JGJOsHRFwRqOx05aRYxKmNIYATuXPSrTA
DfbzjSskY6gWs6SpPTm/GrtmvYWoZm1RNTCLGq0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBQyWiQJ3OKJH3ivhdUfSIVlMEp28zAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
L01sb2tDZHppaVI5NHI0WFZIMGlGWlRCS2R2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAG2gIAMEAG2gIjAMAwQAbaAlAwQD
baAgMA0GCSqGSIb3DQEBCwUAA4IBAQA2/azYPKwNbCFnL3qzCOFWaqZfxQJGc5o1
+/bhRjWcZ/0J8fTAHpTnogVWgQL/LZDdUMafpPjIS3qYFy87HMAdQvkfbZSJaq+u
RiUAMv55mC+rKjSbbEEe2zTxD/iOMddqCehR5IVu/ahMJv/WeowuRkuXDgqYEYwE
7lfiTuNt8yr0ICewu3uVGYTRT6TT0b7OocJVAbsfydOFEFqI7me6yVFVIiBhQzOH
jNkpVpHKL2qvDnH3VtAFJ0F/a2YR0W8+RrvRCxQqHse3d02AemQXe3CkZvW6McbJ
tcX1hPump6kFSJONkWgrYYIITy8h508SISO1CClC4pk2a6eTHcJQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:40 2023 by rpki-client on console-fra.rpki-client.org