Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/SdGiQmwiT4FYym8qc8_YgswMvnI.roa
File: SdGiQmwiT4FYym8qc8_YgswMvnI.roa (raw, json)
Hash identifier: XBXllI4+G1agIYZyp63ha9mtsrruxiBCoJAwF/7fnIg=
Subject key identifier: 49:D1:A2:42:6C:22:4F:81:58:CA:6F:2A:73:CF:D8:82:CC:0C:BE:72
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0182637C30D187CFAC64273469307865B725
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/SdGiQmwiT4FYym8qc8_YgswMvnI.roa
Signing time: Wed 03 Aug 2022 11:34:19 +0000
ROA not before: Wed 03 Aug 2022 11:34:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.160.33.0/24 maxlen: 24
109.160.32.0/24 maxlen: 24
109.160.35.0/24 maxlen: 24
109.160.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:7c:30:d1:87:cf:ac:64:27:34:69:30:78:65:b7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 3 11:34:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49d1a2426c224f8158ca6f2a73cfd882cc0cbe72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:ef:51:3f:b0:df:84:56:b9:8a:c7:aa:f5:
9d:db:8c:cf:25:c3:b5:a7:fd:9c:f1:e1:5c:4c:6c:
5a:a8:d6:e5:d6:5c:a0:57:a7:18:aa:6b:47:77:ca:
cb:c8:df:e7:6d:d3:b3:3c:dc:15:80:4b:49:14:88:
eb:4a:39:32:b8:ca:cf:2e:6a:92:86:5e:14:16:8e:
17:dc:bc:d6:df:17:95:71:39:7c:b3:58:52:a4:bc:
ef:95:19:50:79:65:80:d3:8d:45:a0:08:ef:e9:41:
76:a0:7f:82:97:fc:c6:8d:ce:31:1c:78:5e:7a:4f:
15:94:1c:9a:2d:d5:2b:50:d6:2d:bb:27:f3:49:0d:
02:44:c4:81:66:ee:47:f5:86:fe:c5:b9:a7:6d:89:
0c:d9:4e:46:ac:e1:c6:34:92:c3:f4:15:cb:73:97:
1b:4e:ba:6c:8a:68:56:72:32:90:48:ff:8b:a7:22:
da:cc:fc:c3:3e:57:ca:09:99:43:83:5f:e4:f4:73:
ee:10:eb:6f:e3:32:e1:cb:24:2b:8a:56:58:99:06:
08:b5:22:c0:c8:fa:3e:70:77:fa:df:72:84:b4:fb:
aa:26:8e:49:92:19:6b:77:e5:29:fd:1e:8f:30:c8:
17:9a:ba:b0:48:7f:9d:b4:54:91:53:d5:d4:27:3b:
70:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D1:A2:42:6C:22:4F:81:58:CA:6F:2A:73:CF:D8:82:CC:0C:BE:72
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/SdGiQmwiT4FYym8qc8_YgswMvnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:dc:b7:cf:e4:4f:17:dd:23:68:1e:36:dc:09:ae:4d:d6:6c:
62:56:91:93:54:ae:fe:44:14:8a:f1:b8:c6:07:f0:e2:d2:3e:
5f:ad:22:69:5a:89:b7:4a:67:77:95:38:64:52:9d:b2:e8:5f:
e4:e9:d3:07:c5:a1:10:dc:60:7d:58:fc:c6:e8:79:e1:7c:4d:
bb:cc:52:fb:de:a7:77:c8:3b:4e:b1:80:03:5b:ba:fc:6d:bf:
59:89:20:2a:d3:d6:36:05:81:8d:53:1d:94:2c:5b:bb:7a:51:
69:54:44:31:88:50:25:43:a9:75:54:94:55:c0:47:00:2f:0d:
e3:b9:99:dd:7c:5b:02:96:5e:bb:d4:4a:2a:4d:bd:df:b6:fb:
cd:f8:23:0c:81:25:11:0b:97:d7:24:a4:bd:6b:69:55:d8:20:
dd:de:24:ce:bc:7d:5f:cb:6d:ab:2d:2b:42:69:6b:78:d4:12:
bf:4c:30:2b:00:46:29:ef:74:fa:1a:dc:3f:90:5b:d7:7b:e7:
e2:de:4e:a9:9c:bf:40:11:37:68:24:22:e8:d3:46:a3:88:71:
f5:0b:d9:f4:a3:65:76:5c:eb:00:0d:02:dd:38:be:9e:1d:57:
d5:50:ff:24:03:c5:99:76:30:c9:69:94:5f:c5:ee:17:f7:92:
ee:86:e4:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJjfDDRh8+sZCc0aTB4ZbclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODAzMTEzNDE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQxYTI0MjZjMjI0ZjgxNThjYTZmMmE3M2NmZDg4MmNjMGNiZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv7vUT+w34RWuYrHqvWd24zPJcO1
p/2c8eFcTGxaqNbl1lygV6cYqmtHd8rLyN/nbdOzPNwVgEtJFIjrSjkyuMrPLmqS
hl4UFo4X3LzW3xeVcTl8s1hSpLzvlRlQeWWA041FoAjv6UF2oH+Cl/zGjc4xHHhe
ek8VlByaLdUrUNYtuyfzSQ0CRMSBZu5H9Yb+xbmnbYkM2U5GrOHGNJLD9BXLc5cb
TrpsimhWcjKQSP+LpyLazPzDPlfKCZlDg1/k9HPuEOtv4zLhyyQrilZYmQYItSLA
yPo+cHf633KEtPuqJo5Jkhlrd+Up/R6PMMgXmrqwSH+dtFSRU9XUJztw6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnRokJsIk+BWMpvKnPP2ILMDL5yMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvU2RHaVFtd2lUNEZZeW04cWM4X1lnc3dNdm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBs3LfP5E8X3SNoHjbcCa5N1mxiVpGTVK7+RBSK8bjG
B/Di0j5frSJpWom3Smd3lThkUp2y6F/k6dMHxaEQ3GB9WPzG6HnhfE27zFL73qd3
yDtOsYADW7r8bb9ZiSAq09Y2BYGNUx2ULFu7elFpVEQxiFAlQ6l1VJRVwEcALw3j
uZndfFsCll671EoqTb3ftvvN+CMMgSURC5fXJKS9a2lV2CDd3iTOvH1fy22rLStC
aWt41BK/TDArAEYp73T6Gtw/kFvXe+fi3k6pnL9AETdoJCLo00ajiHH1C9n0o2V2
XOsADQLdOL6eHVfVUP8kA8WZdjDJaZRfxe4X95LuhuQd
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:40 2023 by rpki-client on console-fra.rpki-client.org