Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/x2PcszkXUI3uqw1YMUQAMHWwye0.roa
File: x2PcszkXUI3uqw1YMUQAMHWwye0.roa (raw, json)
Hash identifier: GoGQT/W1dYit1tFenFzp5YxrwYGkcXUIsDrR1jqQiOg=
Subject key identifier: C7:63:DC:B3:39:17:50:8D:EE:AB:0D:58:31:44:00:30:75:B0:C9:ED
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018281357ADE09F873597B6B6134C934C321
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/x2PcszkXUI3uqw1YMUQAMHWwye0.roa
Signing time: Tue 09 Aug 2022 06:05:41 +0000
ROA not before: Tue 09 Aug 2022 06:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 109.160.36.0/24 maxlen: 24
109.160.38.0/24 maxlen: 24
109.160.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:35:7a:de:09:f8:73:59:7b:6b:61:34:c9:34:c3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Aug 9 06:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c763dcb33917508deeab0d583144003075b0c9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fc:67:3e:42:04:62:da:7e:3d:3a:51:03:b0:
7c:b5:f3:c9:b5:c4:e6:71:ce:86:fd:2e:b4:ca:cb:
ae:a8:07:de:ce:40:c2:17:79:19:eb:d7:62:e2:22:
d3:88:49:17:12:09:4a:0f:c4:dc:c3:84:fb:79:b6:
50:f6:49:2f:a4:1e:91:f2:e8:a4:68:f9:3b:13:b0:
09:eb:9c:f1:c7:1b:a3:84:60:a8:53:0e:43:41:92:
0e:2c:d8:97:e6:d7:1b:04:2e:1b:bb:13:12:27:07:
cf:50:84:46:99:60:a8:68:30:3a:1b:09:df:21:c8:
a0:f3:cb:91:7c:6b:99:da:f7:2e:65:e1:bf:9c:28:
b2:78:77:02:a0:4d:45:3e:81:80:d5:c6:57:09:47:
cc:50:b6:6d:11:3f:ef:61:8c:aa:af:02:7d:04:2e:
32:71:52:94:e0:36:fe:a4:48:cf:1d:59:5e:5b:5d:
5b:ae:44:61:6c:bd:7e:75:d3:6c:44:81:28:16:15:
7d:de:41:2d:e4:07:85:3f:cb:4e:fa:62:41:18:de:
04:3d:ec:15:f1:4e:c3:42:f0:2f:dc:db:4d:8d:a0:
27:27:ec:04:f4:92:4f:e0:30:ba:0c:9a:54:01:b1:
e9:35:9a:45:c1:ec:44:b2:f4:73:45:a5:c1:a5:a1:
1f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:63:DC:B3:39:17:50:8D:EE:AB:0D:58:31:44:00:30:75:B0:C9:ED
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/x2PcszkXUI3uqw1YMUQAMHWwye0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.36.0/24
109.160.38.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:91:f1:52:31:27:62:3c:19:22:3f:22:44:b5:62:de:90:7e:
03:43:44:f5:33:27:cf:ad:fc:cf:44:cd:df:86:1d:60:35:eb:
c7:e9:10:e0:cf:85:f6:52:2e:28:29:3e:77:c7:af:02:5d:39:
20:f6:e6:78:dc:26:3f:5a:13:77:c6:02:82:90:00:1e:4d:c8:
24:4b:03:ac:98:fa:52:e6:0d:50:d4:a2:54:e3:1d:da:a6:c7:
b4:22:46:67:9d:d9:67:d4:0d:56:a8:24:c9:68:bb:8c:c1:04:
81:79:6f:54:c4:a4:b3:2a:e8:ca:3c:24:4f:45:44:88:ee:8a:
27:b4:da:61:09:ad:1d:55:ad:2e:f9:58:cb:df:c4:ba:cc:74:
47:18:93:03:6e:a8:2b:fa:33:3a:9b:58:b7:49:e3:fc:1a:a6:
14:d0:b1:d0:0b:a8:8b:e9:db:b2:98:11:cf:18:8e:5d:f3:32:
ec:d2:9d:40:f7:42:82:f2:0c:5c:c8:0d:4d:85:c8:0b:d2:71:
81:20:9a:76:04:bc:6d:6f:1f:7f:60:31:74:3f:d3:63:23:2e:
1a:80:02:31:fc:80:61:87:8a:4d:93:43:73:9d:c5:61:13:9f:
5e:25:a0:b8:84:c8:ad:6b:a6:8d:73:f9:8a:83:1c:1b:f0:e4:
81:85:50:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKBNXreCfhzWXtrYTTJNMMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjIwODA5MDYwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzYzZGNiMzM5MTc1MDhkZWVhYjBkNTgzMTQ0MDAzMDc1YjBjOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvxnPkIEYtp+PTpRA7B8tfPJtcTm
cc6G/S60ysuuqAfezkDCF3kZ69di4iLTiEkXEglKD8Tcw4T7ebZQ9kkvpB6R8uik
aPk7E7AJ65zxxxujhGCoUw5DQZIOLNiX5tcbBC4buxMSJwfPUIRGmWCoaDA6Gwnf
Icig88uRfGuZ2vcuZeG/nCiyeHcCoE1FPoGA1cZXCUfMULZtET/vYYyqrwJ9BC4y
cVKU4Db+pEjPHVleW11brkRhbL1+ddNsRIEoFhV93kEt5AeFP8tO+mJBGN4EPewV
8U7DQvAv3NtNjaAnJ+wE9JJP4DC6DJpUAbHpNZpFwexEsvRzRaXBpaEfnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMdj3LM5F1CN7qsNWDFEADB1sMntMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEveDJQY3N6a1hVSTN1cXcxWU1VUUFNSFd3eWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbaAkAwQB
baAmMA0GCSqGSIb3DQEBCwUAA4IBAQBskfFSMSdiPBkiPyJEtWLekH4DQ0T1MyfP
rfzPRM3fhh1gNevH6RDgz4X2Ui4oKT53x68CXTkg9uZ43CY/WhN3xgKCkAAeTcgk
SwOsmPpS5g1Q1KJU4x3apse0IkZnndln1A1WqCTJaLuMwQSBeW9UxKSzKujKPCRP
RUSI7oontNphCa0dVa0u+VjL38S6zHRHGJMDbqgr+jM6m1i3SeP8GqYU0LHQC6iL
6duymBHPGI5d8zLs0p1A90KC8gxcyA1NhcgL0nGBIJp2BLxtbx9/YDF0P9NjIy4a
gAIx/IBhh4pNk0NzncVhE59eJaC4hMita6aNc/mKgxwb8OSBhVAC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org