Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa
File: uSE2HMK8jqru0cgglI1AEGPAH7c.roa (raw, json)
Hash identifier: 3XmwUb0sGSuWYieUQKVrSBGsspM1CDjIpNU1zZrSBRk=
Subject key identifier: B9:21:36:1C:C2:BC:8E:AA:EE:D1:C8:20:94:8D:40:10:63:C0:1F:B7
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0182C4A35901159C927486023E09F7E084DA
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa
Signing time: Mon 22 Aug 2022 08:20:15 +0000
ROA not before: Mon 22 Aug 2022 08:20:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.160.32.0/22 maxlen: 22
109.160.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:a3:59:01:15:9c:92:74:86:02:3e:09:f7:e0:84:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 22 08:20:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b921361cc2bc8eaaeed1c820948d401063c01fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:38:a9:e5:f5:44:05:fd:91:d2:0e:9b:c8:b1:
4c:19:09:71:99:47:81:f9:b4:0f:ce:35:ed:a9:35:
f9:68:ea:7c:48:63:27:e8:0e:f3:18:60:e6:a1:a0:
ca:ea:ea:3f:80:46:fc:c2:12:84:2f:5a:20:ad:18:
56:3c:65:42:53:e7:79:65:46:7e:8e:c8:4a:dd:5e:
f6:48:a7:3e:bd:fe:2a:33:b5:5d:7c:c6:4f:16:ad:
db:37:fd:7a:c1:7f:51:a7:21:69:4c:e8:49:8e:13:
14:2f:91:59:08:d1:b4:a0:f9:82:37:0a:f9:39:6f:
1b:f4:52:f4:1a:db:3f:10:3c:a4:94:42:18:9b:37:
f6:41:79:65:d2:04:e7:1c:5f:a4:93:9f:bf:e8:82:
6a:59:5a:33:33:6a:d0:bf:77:5a:c9:15:55:ad:34:
43:72:5d:c3:8e:88:c6:54:75:42:62:5c:1e:e5:ec:
9e:8b:0b:60:2e:ce:75:c3:11:d4:f9:77:82:7a:ab:
41:5c:76:72:ba:d8:b9:fe:e2:25:17:70:21:b2:a7:
18:79:fd:97:36:7a:15:b3:cf:2d:ae:c2:9d:65:73:
16:14:b2:86:6c:55:a4:e3:ee:bc:d3:88:c9:ab:2c:
33:1a:eb:24:d5:2e:6b:d5:dc:d1:36:bc:8b:3e:59:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:21:36:1C:C2:BC:8E:AA:EE:D1:C8:20:94:8D:40:10:63:C0:1F:B7
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/uSE2HMK8jqru0cgglI1AEGPAH7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0/22
109.160.40.0/24
Signature Algorithm: sha256WithRSAEncryption
54:dc:d4:e6:ab:c8:d0:45:98:f5:71:ca:40:80:ae:d9:83:b4:
64:c6:13:e9:86:c9:67:e0:a0:6d:93:c1:ba:e3:8c:e5:ef:78:
3d:d5:6e:dc:ef:8e:6c:64:5a:bc:b4:29:0e:22:0c:35:e3:0d:
ff:c0:06:e1:ae:24:66:23:78:96:07:75:b9:68:5b:35:16:b4:
ce:9d:df:21:d6:45:56:bd:d2:1b:56:d4:05:b6:dc:84:23:38:
b8:87:92:8f:0a:9c:02:a4:00:de:96:52:1d:c2:ac:8a:b1:ac:
65:14:34:d9:82:38:1b:c1:b4:81:04:87:77:e4:cb:fe:11:6a:
e3:5d:7d:84:c4:8a:1c:3d:2b:a1:50:36:2d:e9:5b:19:7b:8a:
e7:dd:8a:8b:92:2e:f7:b2:7e:87:58:f7:be:57:70:63:1e:ae:
fc:8b:24:1c:dc:2f:8d:89:fe:37:c7:15:98:d3:51:36:7b:bf:
dd:cb:6d:e7:09:99:8c:fc:24:20:b3:d4:4d:be:fa:29:dd:3e:
d7:c0:04:9a:de:31:b0:d2:c8:b1:d4:b4:2f:58:1c:0c:bb:ca:
96:02:6c:ee:eb:07:76:11:7a:06:f6:82:dd:01:e5:55:16:6c:
23:59:63:c2:71:09:e1:21:2b:9f:67:f0:3c:e2:17:7a:46:4e:
e7:fd:a6:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLEo1kBFZySdIYCPgn34ITaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODIyMDgyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIxMzYxY2MyYmM4ZWFhZWVkMWM4MjA5NDhkNDAxMDYzYzAxZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDip5fVEBf2R0g6byLFMGQlxmUeB
+bQPzjXtqTX5aOp8SGMn6A7zGGDmoaDK6uo/gEb8whKEL1ogrRhWPGVCU+d5ZUZ+
jshK3V72SKc+vf4qM7VdfMZPFq3bN/16wX9RpyFpTOhJjhMUL5FZCNG0oPmCNwr5
OW8b9FL0Gts/EDyklEIYmzf2QXll0gTnHF+kk5+/6IJqWVozM2rQv3dayRVVrTRD
cl3DjojGVHVCYlwe5eyeiwtgLs51wxHU+XeCeqtBXHZyuti5/uIlF3AhsqcYef2X
NnoVs88trsKdZXMWFLKGbFWk4+6804jJqywzGusk1S5r1dzRNryLPlnKnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLkhNhzCvI6q7tHIIJSNQBBjwB+3MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvdVNFMkhNSzhqcXJ1MGNnZ2xJMUFFR1BBSDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaAgAwQA
baAoMA0GCSqGSIb3DQEBCwUAA4IBAQBU3NTmq8jQRZj1ccpAgK7Zg7RkxhPphsln
4KBtk8G644zl73g91W7c745sZFq8tCkOIgw14w3/wAbhriRmI3iWB3W5aFs1FrTO
nd8h1kVWvdIbVtQFttyEIzi4h5KPCpwCpADellIdwqyKsaxlFDTZgjgbwbSBBId3
5Mv+EWrjXX2ExIocPSuhUDYt6VsZe4rn3YqLki73sn6HWPe+V3BjHq78iyQc3C+N
if43xxWY01E2e7/dy23nCZmM/CQgs9RNvvop3T7XwASa3jGw0six1LQvWBwMu8qW
Amzu6wd2EXoG9oLdAeVVFmwjWWPCcQnhISufZ/A84hd6Rk7n/aab
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:40 2023 by rpki-client on console-fra.rpki-client.org