Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/agDNgw00eT-JX71mzOARdCwboY0.roa
File: agDNgw00eT-JX71mzOARdCwboY0.roa (raw, json)
Hash identifier: yC4Iw21b80dVmt5tGU5ZcGD3/7XQ8YpaVUuCTq4VD8Y=
Subject key identifier: 6A:00:CD:83:0D:34:79:3F:89:5F:BD:66:CC:E0:11:74:2C:1B:A1:8D
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 2FDCE7F7
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/agDNgw00eT-JX71mzOARdCwboY0.roa
Signing time: Sat 01 Jan 2022 12:03:18 +0000
ROA not before: Sat 01 Jan 2022 12:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 109.160.34.0/24 maxlen: 24
109.160.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 803006455 (0x2fdce7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 12:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a00cd830d34793f895fbd66cce011742c1ba18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:a5:03:14:9b:1f:cb:0d:71:f3:92:d6:ab:
58:24:00:7a:9c:63:af:86:94:b9:b6:4d:96:0e:aa:
56:98:d0:ea:ad:38:8a:0b:cf:47:92:61:77:4b:ea:
43:54:54:a3:a1:29:9a:1a:29:39:da:6d:b0:92:5b:
c6:b2:6d:1b:ae:84:20:6b:69:bc:c9:9b:e4:10:c9:
31:7f:eb:bf:af:d4:c3:87:ee:78:71:f0:fb:33:2a:
fc:5e:30:f7:f6:4e:24:db:ac:db:ab:f2:da:34:56:
55:ed:08:6f:aa:be:e4:f2:0e:ad:0a:7c:bb:16:88:
60:8a:ab:b9:fd:8a:78:8c:d9:33:35:4a:e7:cb:e4:
b5:b9:55:5e:f8:f4:a3:22:27:12:81:7b:e6:52:ae:
21:ec:13:e1:db:b6:13:12:f8:0d:92:44:db:d0:37:
9a:75:ca:67:fd:d2:5d:34:fa:af:4e:ac:d3:52:9a:
2a:55:03:23:68:e1:5c:5c:f0:98:9e:c9:76:0f:6f:
43:80:6e:6f:f4:8f:c8:57:04:4c:55:c3:66:1a:10:
a8:ef:74:f6:06:b6:36:ab:4b:15:2e:f3:90:d2:c8:
dc:55:06:72:2e:c2:87:a5:07:a8:84:4f:27:2d:a3:
25:5d:12:57:c1:a1:fd:ab:d8:bf:b6:0b:af:0b:35:
ac:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:00:CD:83:0D:34:79:3F:89:5F:BD:66:CC:E0:11:74:2C:1B:A1:8D
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/agDNgw00eT-JX71mzOARdCwboY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0/24
109.160.34.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:2f:0b:a9:9e:f5:08:d3:27:79:4e:eb:1a:cc:4d:ed:4b:0d:
45:6b:bf:2e:3b:e4:a2:fd:1b:80:b2:9d:00:e9:97:8f:18:b6:
9e:4e:a9:7d:03:81:60:7d:65:8a:9f:9d:74:cf:47:a0:b0:0d:
4b:fe:b2:34:a3:79:43:f7:73:b6:1c:9c:50:5e:55:2e:8e:5c:
19:6d:b9:b4:18:70:85:a5:af:3d:3f:11:21:10:5e:90:88:c4:
b7:42:2a:8b:92:98:f0:d8:da:cb:13:91:74:32:e5:60:e6:24:
09:ad:36:ae:7a:8d:30:20:00:75:5b:7d:97:fc:93:87:95:a8:
07:00:be:8f:cf:76:bb:71:df:74:7e:e2:0a:af:69:6f:31:5c:
62:ab:e7:36:64:86:46:e1:8d:67:c4:40:24:af:79:60:5d:87:
e0:6f:f0:cd:c0:47:58:ce:b8:2c:89:dc:63:1b:df:cf:f6:79:
64:c4:84:67:f8:bd:d7:bc:54:ad:31:2c:c1:85:a2:f6:f0:b3:
bd:d4:ed:70:17:d7:50:b6:9d:f3:90:9e:d4:18:ea:c4:c9:51:
05:bb:b3:f1:39:a1:3d:63:d1:2d:ce:40:b0:9c:19:64:93:bb:
3d:18:b4:d2:8c:6a:70:e2:1f:36:ed:43:1c:ee:87:5f:42:2d:
89:f0:c0:3c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEL9zn9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDEw
MTEyMDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEwMGNkODMwZDM0
NzkzZjg5NWZiZDY2Y2NlMDExNzQyYzFiYTE4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsupQMUmx/LDXHzktarWCQAepxjr4aUubZNlg6qVpjQ6q04
igvPR5Jhd0vqQ1RUo6EpmhopOdptsJJbxrJtG66EIGtpvMmb5BDJMX/rv6/Uw4fu
eHHw+zMq/F4w9/ZOJNus26vy2jRWVe0Ib6q+5PIOrQp8uxaIYIqruf2KeIzZMzVK
58vktblVXvj0oyInEoF75lKuIewT4du2ExL4DZJE29A3mnXKZ/3SXTT6r06s01Ka
KlUDI2jhXFzwmJ7Jdg9vQ4Bub/SPyFcETFXDZhoQqO909ga2NqtLFS7zkNLI3FUG
ci7Ch6UHqIRPJy2jJV0SV8Gh/avYv7YLrws1rOsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRqAM2DDTR5P4lfvWbM4BF0LBuhjTAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
L2FnRE5ndzAwZVQtSlg3MW16T0FSZEN3Ym9ZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG2gIAMEAG2gIjANBgkqhkiG9w0B
AQsFAAOCAQEALi8LqZ71CNMneU7rGsxN7UsNRWu/Ljvkov0bgLKdAOmXjxi2nk6p
fQOBYH1lip+ddM9HoLANS/6yNKN5Q/dzthycUF5VLo5cGW25tBhwhaWvPT8RIRBe
kIjEt0Iqi5KY8NjayxORdDLlYOYkCa02rnqNMCAAdVt9l/yTh5WoBwC+j892u3Hf
dH7iCq9pbzFcYqvnNmSGRuGNZ8RAJK95YF2H4G/wzcBHWM64LIncYxvfz/Z5ZMSE
Z/i917xUrTEswYWi9vCzvdTtcBfXULad85Ce1BjqxMlRBbuz8TmhPWPRLc5AsJwZ
ZJO7PRi00oxqcOIfNu1DHO6HX0ItifDAPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org