Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/uU33U1y31m7FxaQHDj8Cs27185Y.roa
File: uU33U1y31m7FxaQHDj8Cs27185Y.roa (raw, json)
Hash identifier: fkc6NRjNgWAk7Uw9B0n3b3H/8GCVzCKzS4GPC7j6J4Y=
Subject key identifier: B9:4D:F7:53:5C:B7:D6:6E:C5:C5:A4:07:0E:3F:02:B3:6E:F5:F3:96
Certificate issuer: /CN=1b893c6209b7a8018776c5ccad30e240d2cf2d07
Certificate serial: 01CAAA19
Authority key identifier: 1B:89:3C:62:09:B7:A8:01:87:76:C5:CC:AD:30:E2:40:D2:CF:2D:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/uU33U1y31m7FxaQHDj8Cs27185Y.roa
Signing time: Wed 23 Mar 2022 19:54:32 +0000
ROA not before: Wed 23 Mar 2022 19:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 109.234.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30059033 (0x1caaa19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b893c6209b7a8018776c5ccad30e240d2cf2d07
Validity
Not Before: Mar 23 19:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b94df7535cb7d66ec5c5a4070e3f02b36ef5f396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:41:39:15:79:2c:55:dd:bf:56:78:f7:fb:
a2:37:1f:06:9d:3d:55:e1:e2:39:1c:b0:1c:b9:1e:
4a:34:93:c1:ef:55:26:0e:71:96:70:77:28:64:7a:
0e:62:cc:15:cc:29:fb:0e:2c:50:57:8e:a8:1e:87:
ed:f2:3d:4c:42:3d:79:1b:0b:4e:6a:49:48:4d:6d:
ee:ce:08:ff:30:15:5a:10:62:a9:5c:e3:4c:f0:bf:
a4:77:6e:0b:c4:79:ed:01:75:ad:6d:2c:28:ed:9a:
d9:f8:67:90:80:d8:15:ca:db:04:9d:26:9d:98:b5:
9c:93:f3:c1:00:3d:50:21:90:92:63:ca:a3:ea:94:
db:fb:60:35:51:4d:8d:92:c2:0a:05:82:c7:d8:d6:
54:9e:9e:44:b2:f1:d4:ea:28:cc:c1:1f:36:83:c4:
a7:01:76:e4:3e:94:3f:18:fa:6c:05:a6:af:f9:a0:
f5:c7:94:6a:ba:ca:ae:fa:28:69:36:a9:1c:8e:43:
33:99:e5:5b:2f:c1:57:f6:f5:e5:09:f8:e9:8c:d1:
eb:e2:27:5a:88:8e:ac:99:af:60:2d:4b:eb:7e:43:
26:13:38:be:52:d7:7f:f4:04:ef:2c:25:d9:3e:99:
68:2f:dc:f9:c4:14:bf:cd:15:29:e1:33:4f:de:b1:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4D:F7:53:5C:B7:D6:6E:C5:C5:A4:07:0E:3F:02:B3:6E:F5:F3:96
X509v3 Authority Key Identifier:
keyid:1B:89:3C:62:09:B7:A8:01:87:76:C5:CC:AD:30:E2:40:D2:CF:2D:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/uU33U1y31m7FxaQHDj8Cs27185Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/3a0b14-8d17-449d-aa56-f1071e8b80d6/1/G4k8Ygm3qAGHdsXMrTDiQNLPLQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ff:ac:39:18:62:92:ee:c4:83:a9:9d:c2:a3:60:ae:74:fe:
d0:7f:fc:98:00:ae:23:98:05:16:e9:f1:b6:47:55:e1:89:f2:
55:bd:05:02:41:e7:43:7a:3e:22:e4:8c:96:d0:3a:88:80:65:
68:06:9b:d2:ef:2e:58:95:bb:b9:1f:b4:c8:2d:da:2b:36:f4:
14:a1:33:c6:1e:24:92:1d:30:75:c1:22:82:d0:c7:95:09:69:
43:cb:6f:c7:a5:c8:97:69:f1:b0:4f:c8:e6:07:10:0c:fa:d4:
9d:d9:57:9b:ad:1c:46:ec:e1:03:9a:0e:ba:f2:06:bb:47:ce:
e6:8d:37:e8:3d:3e:7c:e0:57:eb:59:d5:b1:79:10:ee:7d:02:
19:d9:86:4a:d2:61:28:d5:e9:4d:da:93:f2:6b:2b:88:7f:e9:
e0:4f:eb:f7:20:82:9a:09:ac:61:a4:b7:83:57:fb:1c:2f:87:
34:2b:f0:33:22:33:22:9a:1c:24:60:11:df:2b:88:4b:e9:e1:
2d:5c:1c:9c:e5:37:53:33:c8:8e:57:08:da:98:81:33:39:08:
41:7c:0f:47:68:03:eb:4d:6f:11:bf:48:87:32:37:cd:dd:aa:
23:89:cb:7c:7f:37:fa:99:bd:03:7d:d7:37:a2:68:ec:38:cb:
b5:82:cd:ef
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAcqqGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Yjg5M2M2MjA5YjdhODAxODc3NmM1Y2NhZDMwZTI0MGQyY2YyZDA3MB4XDTIyMDMy
MzE5NTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk0ZGY3NTM1Y2I3
ZDY2ZWM1YzVhNDA3MGUzZjAyYjM2ZWY1ZjM5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5WQTkVeSxV3b9WePf7ojcfBp09VeHiORywHLkeSjSTwe9V
Jg5xlnB3KGR6DmLMFcwp+w4sUFeOqB6H7fI9TEI9eRsLTmpJSE1t7s4I/zAVWhBi
qVzjTPC/pHduC8R57QF1rW0sKO2a2fhnkIDYFcrbBJ0mnZi1nJPzwQA9UCGQkmPK
o+qU2/tgNVFNjZLCCgWCx9jWVJ6eRLLx1OoozMEfNoPEpwF25D6UPxj6bAWmr/mg
9ceUarrKrvooaTapHI5DM5nlWy/BV/b15Qn46YzR6+InWoiOrJmvYC1L635DJhM4
vlLXf/QE7ywl2T6ZaC/c+cQUv80VKeEzT96xmAMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS5TfdTXLfWbsXFpAcOPwKzbvXzljAfBgNVHSMEGDAWgBQbiTxiCbeoAYd2
xcytMOJA0s8tBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c0azhZZ20zcUFHSGRzWE1yVERpUU5MUExRYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvM2EwYjE0LThkMTctNDQ5ZC1hYTU2LWYxMDcxZThiODBkNi8x
L3VVMzNVMXkzMW03RnhhUUhEajhDczI3MTg1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
M2EwYjE0LThkMTctNDQ5ZC1hYTU2LWYxMDcxZThiODBkNi8xL0c0azhZZ20zcUFH
SGRzWE1yVERpUU5MUExRYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3qSjANBgkqhkiG9w0BAQsFAAOC
AQEAiv+sORhiku7Eg6mdwqNgrnT+0H/8mACuI5gFFunxtkdV4YnyVb0FAkHnQ3o+
IuSMltA6iIBlaAab0u8uWJW7uR+0yC3aKzb0FKEzxh4kkh0wdcEigtDHlQlpQ8tv
x6XIl2nxsE/I5gcQDPrUndlXm60cRuzhA5oOuvIGu0fO5o036D0+fOBX61nVsXkQ
7n0CGdmGStJhKNXpTdqT8msriH/p4E/r9yCCmgmsYaS3g1f7HC+HNCvwMyIzIpoc
JGAR3yuIS+nhLVwcnOU3UzPIjlcI2piBMzkIQXwPR2gD601vEb9IhzI3zd2qI4nL
fH83+pm9A33XN6Jo7DjLtYLN7w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:42 2023 by rpki-client on console-fra.rpki-client.org