Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/nT3isYrIdBhgEDpMCFjVKFtlP5o.roa
File: nT3isYrIdBhgEDpMCFjVKFtlP5o.roa (raw, json)
Hash identifier: qs/JCL8KXk5rmIHIvzwE9InDcp7W5XzjhCyJgycndkQ=
Subject key identifier: 9D:3D:E2:B1:8A:C8:74:18:60:10:3A:4C:08:58:D5:28:5B:65:3F:9A
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 30672897
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/nT3isYrIdBhgEDpMCFjVKFtlP5o.roa
Signing time: Wed 16 Feb 2022 12:39:56 +0000
ROA not before: Wed 16 Feb 2022 12:39:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 109.160.34.0/24 maxlen: 24
109.160.35.0/24 maxlen: 24
109.160.33.0/24 maxlen: 24
109.160.36.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 812066967 (0x30672897)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Feb 16 12:39:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d3de2b18ac8741860103a4c0858d5285b653f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0f:93:2d:63:5b:8c:ee:e5:dc:a0:ce:f0:cb:
18:c9:15:12:24:26:af:56:48:9b:61:fd:79:c7:47:
f2:8b:f4:56:c4:f1:e8:be:d8:11:20:e7:c7:d9:a7:
c5:60:58:34:77:a4:70:e8:bf:7f:ff:80:31:15:f4:
75:9c:aa:44:39:ec:60:25:4f:b6:cf:f7:e8:fc:d6:
a9:4e:10:af:26:5a:3d:89:87:56:fa:c3:1f:dc:45:
6e:55:14:c9:c8:56:3c:e2:da:51:7f:c8:1d:1f:e3:
df:a1:01:9f:da:d8:f0:79:2f:96:f8:37:63:d4:3a:
7e:5d:c2:db:f3:35:19:34:08:e3:19:ab:73:36:ce:
ac:47:09:59:8e:9b:4d:cf:d2:e8:c5:dd:ef:84:84:
b6:b1:a9:57:de:35:c5:1a:c8:a2:da:65:cc:32:3f:
fd:bc:36:8a:8e:12:97:90:6e:bc:f9:62:a1:91:5e:
bb:8b:ef:30:b4:6f:36:4e:27:82:7c:07:a9:bb:e9:
fe:99:df:68:04:78:03:ff:05:c3:ac:48:5e:12:9b:
d8:73:a4:22:0d:75:dc:b2:82:4d:30:d5:25:c1:e5:
67:3e:b7:bf:ce:35:d8:aa:71:5c:a0:4d:d9:14:5e:
fb:64:a9:1f:1f:40:65:75:ff:c3:3b:fb:94:09:06:
7c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3D:E2:B1:8A:C8:74:18:60:10:3A:4C:08:58:D5:28:5B:65:3F:9A
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/nT3isYrIdBhgEDpMCFjVKFtlP5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.33.0-109.160.37.255
Signature Algorithm: sha256WithRSAEncryption
47:2b:b7:41:d1:34:91:d4:04:6a:b5:45:de:1d:62:32:fa:c2:
30:c2:9f:4e:22:a3:5b:70:0d:38:e6:0d:c3:00:0d:44:9f:c9:
04:83:04:cc:16:2f:77:0c:9a:e0:95:4b:5e:59:f4:e0:2c:02:
c2:64:d2:01:4e:65:9c:2a:dc:69:a4:82:9b:51:4f:bb:6f:a8:
23:d3:a8:7a:65:28:4f:a1:8f:b2:a3:04:fb:88:f4:59:f1:78:
a1:32:50:f4:26:5b:e1:7a:3c:b9:97:c5:61:44:2c:ad:73:dc:
46:72:89:9f:b3:68:67:13:c8:02:57:5a:bc:ff:75:1f:10:38:
1b:85:24:6b:f6:91:f9:8d:f0:c4:17:d2:be:7a:bf:45:3d:da:
9c:44:81:ed:7c:60:be:01:39:4c:24:a5:12:ee:0b:d6:8a:ee:
92:b9:4f:a3:8c:41:86:0f:73:5e:9a:66:73:78:76:36:09:8e:
7f:00:b2:3d:4b:88:7b:64:84:18:58:1d:a8:01:6d:a8:34:c0:
d4:11:54:0d:4b:e7:3d:18:0b:06:31:aa:a1:d8:4c:bb:2b:a2:
1b:02:9d:8c:32:e1:23:29:7f:71:37:d2:d3:58:e3:dc:2e:4a:
bc:96:73:b5:30:9e:84:f0:31:fd:b3:c5:80:5b:2d:16:ea:54:
a7:e3:12:8d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEMGcolzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjJhOGMxZDMxMTg5NTAxNjEwOGZmYmQxNDU3NWM3N2NjMjg3NzNhMB4XDTIyMDIx
NjEyMzk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQzZGUyYjE4YWM4
NzQxODYwMTAzYTRjMDg1OGQ1Mjg1YjY1M2Y5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsPky1jW4zu5dygzvDLGMkVEiQmr1ZIm2H9ecdH8ov0VsTx
6L7YESDnx9mnxWBYNHekcOi/f/+AMRX0dZyqRDnsYCVPts/36PzWqU4QryZaPYmH
VvrDH9xFblUUychWPOLaUX/IHR/j36EBn9rY8Hkvlvg3Y9Q6fl3C2/M1GTQI4xmr
czbOrEcJWY6bTc/S6MXd74SEtrGpV941xRrIotplzDI//bw2io4Sl5BuvPlioZFe
u4vvMLRvNk4ngnwHqbvp/pnfaAR4A/8Fw6xIXhKb2HOkIg113LKCTTDVJcHlZz63
v8412KpxXKBN2RRe+2SpHx9AZXX/wzv7lAkGfH8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSdPeKxish0GGAQOkwIWNUoW2U/mjAfBgNVHSMEGDAWgBRyKowdMRiVAWEI
/70UV1x3zCh3OjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NpcU1IVEVZbFFGaENQLTlGRmRjZDh3b2R6by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvYjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8x
L25UM2lzWXJJZEJoZ0VEcE1DRmpWS0Z0bFA1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
YjFmNmVlLWM0ZWYtNDM1NS1hZjM2LWE1NThlZTY1NDMxZi8xL2NpcU1IVEVZbFFG
aENQLTlGRmRjZDh3b2R6by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAbaAhAwQBbaAkMA0GCSqGSIb3
DQEBCwUAA4IBAQBHK7dB0TSR1ARqtUXeHWIy+sIwwp9OIqNbcA045g3DAA1En8kE
gwTMFi93DJrglUteWfTgLALCZNIBTmWcKtxppIKbUU+7b6gj06h6ZShPoY+yowT7
iPRZ8XihMlD0Jlvhejy5l8VhRCytc9xGcomfs2hnE8gCV1q8/3UfEDgbhSRr9pH5
jfDEF9K+er9FPdqcRIHtfGC+ATlMJKUS7gvWiu6SuU+jjEGGD3NemmZzeHY2CY5/
ALI9S4h7ZIQYWB2oAW2oNMDUEVQNS+c9GAsGMaqh2Ey7K6IbAp2MMuEjKX9xN9LT
WOPcLkq8lnO1MJ6E8DH9s8WAWy0W6lSn4xKN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org