Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rH3JkQ5sfHe1HuRRH9ICq2mfyA8.roa
File: rH3JkQ5sfHe1HuRRH9ICq2mfyA8.roa (raw, json)
Hash identifier: 2AhlWZS1UfTgPxuzNvQkBB8RbXU9l7oelLDLwkbAIDo=
Subject key identifier: AC:7D:C9:91:0E:6C:7C:77:B5:1E:E4:51:1F:D2:02:AB:69:9F:C8:0F
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 01850FE65F3A6B8D627A1F67846367FA90F6
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rH3JkQ5sfHe1HuRRH9ICq2mfyA8.roa
Signing time: Wed 14 Dec 2022 09:10:33 +0000
ROA not before: Wed 14 Dec 2022 09:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50013
IP address blocks: 109.160.50.0/24 maxlen: 24
109.160.49.0/24 maxlen: 24
109.160.48.0/24 maxlen: 24
109.160.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:e6:5f:3a:6b:8d:62:7a:1f:67:84:63:67:fa:90:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Dec 14 09:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac7dc9910e6c7c77b51ee4511fd202ab699fc80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d7:0c:89:b1:cb:d3:27:81:7e:a7:28:00:ae:
f2:6c:06:5e:92:fb:c6:da:54:fd:63:ea:c0:ec:46:
a0:64:1d:2d:33:84:8a:37:6d:c8:96:19:90:a1:70:
59:4c:6b:68:6e:0c:62:c1:4b:0d:7e:f7:ab:29:3e:
fb:b1:16:fa:3c:a4:df:3f:4c:b7:80:9f:4a:f8:c1:
65:e8:e1:63:4b:03:ca:60:28:5d:d0:84:ba:c5:89:
8a:e1:58:13:f3:8f:c0:fb:d6:55:27:5e:d0:f2:4e:
ca:ac:d8:68:e1:8f:ae:27:55:9b:26:bc:a4:ce:99:
76:54:e6:a8:88:2b:ac:b7:5c:2b:d1:2a:6d:43:99:
8a:54:18:c5:1f:cf:b8:04:02:97:fa:08:e4:51:1d:
5e:e5:1c:b7:cb:74:f0:99:54:b4:cd:f1:56:26:cf:
06:3a:2c:d1:68:26:76:a4:c5:32:88:3a:ca:a8:fd:
ed:5a:51:de:9f:1f:5e:e8:cc:b1:0a:f3:fb:e6:12:
80:c2:a0:a7:d5:83:c9:90:48:58:1f:c9:ad:91:60:
e5:8f:7a:05:99:ec:6b:e9:1e:1c:97:43:ea:88:5c:
ef:51:9d:9e:cc:1b:76:0b:b9:a8:eb:88:05:29:af:
f0:38:27:b9:86:64:47:57:7b:9e:a9:d4:14:d3:18:
d9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7D:C9:91:0E:6C:7C:77:B5:1E:E4:51:1F:D2:02:AB:69:9F:C8:0F
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/rH3JkQ5sfHe1HuRRH9ICq2mfyA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:df:77:8e:f1:ab:e4:ed:e0:c9:b8:4d:8c:7c:a7:dd:44:c4:
c7:0f:94:14:ed:3a:9d:d4:c1:23:dd:3b:f2:fe:d2:df:73:de:
6a:23:b5:e4:26:1b:93:d9:86:d0:5e:64:d4:f6:32:f2:16:19:
a8:87:6e:08:fa:29:c0:15:d0:fd:09:21:6f:98:27:5d:2d:f2:
0e:c6:ac:fc:39:d8:3d:76:38:b6:33:6a:69:c7:9c:a8:3e:24:
d7:26:11:fa:1c:d4:b9:8d:ce:28:5c:21:30:c3:2e:46:54:96:
ef:12:ab:a1:70:ca:9f:34:eb:ae:38:a7:e8:3a:77:a6:98:bc:
17:2c:94:da:f4:44:48:59:f6:34:33:a3:b1:de:ae:83:9c:c7:
f1:01:e7:94:f4:bd:ae:04:1a:62:84:f5:0d:37:ef:b1:71:b8:
a1:d3:06:28:3c:46:a0:72:c6:82:43:89:73:33:84:39:8e:16:
f3:bd:6d:46:ca:0e:b2:a8:0d:e5:80:75:a0:2e:8f:a4:9a:23:
03:2a:38:88:05:bf:e4:c3:d8:61:ab:68:15:9c:49:1e:dd:30:
83:be:4b:f0:75:76:f3:32:3e:5e:6d:49:42:09:f4:e8:59:5a:
fb:83:85:ab:19:ff:f3:2f:e6:5d:bb:78:05:d4:0f:03:0d:af:
e6:b0:03:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUP5l86a41ieh9nhGNn+pD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIxMjE0MDkxMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdkYzk5MTBlNmM3Yzc3YjUxZWU0NTExZmQyMDJhYjY5OWZjODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndcMibHL0yeBfqcoAK7ybAZekvvG
2lT9Y+rA7EagZB0tM4SKN23IlhmQoXBZTGtobgxiwUsNfverKT77sRb6PKTfP0y3
gJ9K+MFl6OFjSwPKYChd0IS6xYmK4VgT84/A+9ZVJ17Q8k7KrNho4Y+uJ1WbJryk
zpl2VOaoiCust1wr0SptQ5mKVBjFH8+4BAKX+gjkUR1e5Ry3y3TwmVS0zfFWJs8G
OizRaCZ2pMUyiDrKqP3tWlHenx9e6MyxCvP75hKAwqCn1YPJkEhYH8mtkWDlj3oF
mexr6R4cl0PqiFzvUZ2ezBt2C7mo64gFKa/wOCe5hmRHV3ueqdQU0xjZQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKx9yZEObHx3tR7kUR/SAqtpn8gPMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvckgzSmtRNXNmSGUxSHVSUkg5SUNxMm1meUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaAwMA0G
CSqGSIb3DQEBCwUAA4IBAQBd33eO8avk7eDJuE2MfKfdRMTHD5QU7Tqd1MEj3Tvy
/tLfc95qI7XkJhuT2YbQXmTU9jLyFhmoh24I+inAFdD9CSFvmCddLfIOxqz8Odg9
dji2M2ppx5yoPiTXJhH6HNS5jc4oXCEwwy5GVJbvEquhcMqfNOuuOKfoOnemmLwX
LJTa9ERIWfY0M6Ox3q6DnMfxAeeU9L2uBBpihPUNN++xcbih0wYoPEagcsaCQ4lz
M4Q5jhbzvW1Gyg6yqA3lgHWgLo+kmiMDKjiIBb/kw9hhq2gVnEke3TCDvkvwdXbz
Mj5ebUlCCfToWVr7g4WrGf/zL+Zdu3gF1A8DDa/msANy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org