Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/U-ra9Jh-DLjcx65Ji_U5oPW3vY0.roa
File: U-ra9Jh-DLjcx65Ji_U5oPW3vY0.roa (raw, json)
Hash identifier: IbvJ7sgjXgMCY71Th1jSvuCw6CvI6xKmnzk16ptkCJw=
Subject key identifier: 53:EA:DA:F4:98:7E:0C:B8:DC:C7:AE:49:8B:F5:39:A0:F5:B7:BD:8D
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 01845D0C8A3D81DE1EA80EE334DC1D38F7F2
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/U-ra9Jh-DLjcx65Ji_U5oPW3vY0.roa
Signing time: Wed 09 Nov 2022 15:40:13 +0000
ROA not before: Wed 09 Nov 2022 15:40:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41313
IP address blocks: 109.121.166.0/24 maxlen: 24
109.121.162.0/24 maxlen: 24
109.121.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:0c:8a:3d:81:de:1e:a8:0e:e3:34:dc:1d:38:f7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Nov 9 15:40:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53eadaf4987e0cb8dcc7ae498bf539a0f5b7bd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:6a:af:8b:fb:47:3a:6b:5f:9e:e6:f4:d0:
4e:04:77:69:45:68:cb:0b:b7:43:cc:ab:82:c9:ae:
b0:e4:4d:0b:64:14:fa:91:6f:d7:10:3b:52:04:8b:
d0:94:b7:ad:3f:aa:3f:e0:39:f9:ce:88:7b:34:05:
0c:2b:15:42:3e:37:49:32:bb:94:9c:eb:21:fe:ae:
f0:16:3e:22:f5:f2:91:27:f4:65:25:3b:75:e3:0c:
1c:75:eb:e0:75:31:86:dd:8b:00:d2:09:a2:68:0b:
cc:86:2a:e1:86:08:a1:73:88:50:c7:b7:4d:e4:e5:
5b:72:c1:0a:98:c2:bd:06:b7:b7:c8:c4:62:bc:91:
52:b8:8c:20:f6:fb:d4:78:d3:00:c0:f4:08:e7:ff:
8f:11:ee:5c:3f:8e:e7:a6:68:fc:29:59:7a:4e:27:
af:e8:e3:6c:d6:5f:a4:b6:57:22:74:dc:93:51:a3:
51:0a:5f:14:6a:19:98:08:f1:20:31:e7:5c:f3:aa:
50:f7:08:46:0c:1d:e3:1e:25:23:b9:b7:3f:03:a1:
5b:90:e1:c6:52:3a:f1:ea:b0:d1:d6:6b:cf:22:14:
cb:44:73:1e:5a:56:0b:b5:62:b8:b3:aa:ee:2e:a2:
66:b4:74:a0:40:0e:ee:54:f7:21:2f:35:31:20:31:
41:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EA:DA:F4:98:7E:0C:B8:DC:C7:AE:49:8B:F5:39:A0:F5:B7:BD:8D
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/U-ra9Jh-DLjcx65Ji_U5oPW3vY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.160.0-109.121.162.255
109.121.166.0/24
Signature Algorithm: sha256WithRSAEncryption
29:ea:aa:6b:3f:84:09:93:89:66:9d:d4:bf:fd:ad:e3:f6:48:
bf:02:e8:fd:0e:67:f4:fa:cf:b7:1c:8a:da:57:22:f6:fe:49:
34:0d:8d:e6:1d:86:34:4c:90:81:c6:47:30:6a:c0:fd:a3:e6:
ed:bf:f0:87:69:d6:71:fb:7d:bf:10:2e:4d:c3:aa:9c:eb:eb:
01:79:a0:82:8c:a1:1a:3e:5e:47:e6:8a:c4:aa:98:97:ac:a4:
47:cf:03:47:74:ec:2b:eb:b3:67:c8:c5:b0:5e:e6:51:fe:f6:
71:a9:e4:e5:b6:c4:49:5d:c2:27:93:b9:71:8b:31:ca:f9:39:
0b:8c:be:4d:32:4d:cd:34:34:89:3f:51:6b:b5:17:c2:5e:ca:
ca:04:49:13:c4:19:30:bc:85:2a:18:02:04:aa:89:63:07:6e:
62:a7:7a:cb:03:fc:c0:cf:5c:39:7e:a6:d9:15:ce:e1:e0:fa:
5f:5e:88:54:3a:93:a0:62:43:ba:35:e3:3b:27:fe:07:9e:0b:
8e:d1:e1:fb:3d:08:bc:43:98:20:23:e4:9d:00:33:ba:90:6f:
88:d2:a0:f5:b6:1c:ff:91:17:45:ab:de:25:78:ea:29:ce:18:
2e:58:ff:1b:11:a3:0e:bd:df:11:30:e8:d5:5a:bf:62:79:1f:
e1:0c:f1:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYRdDIo9gd4eqA7jNNwdOPfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjIxMTA5MTU0MDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VhZGFmNDk4N2UwY2I4ZGNjN2FlNDk4YmY1MzlhMGY1YjdiZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLNqr4v7RzprX57m9NBOBHdpRWjL
C7dDzKuCya6w5E0LZBT6kW/XEDtSBIvQlLetP6o/4Dn5zoh7NAUMKxVCPjdJMruU
nOsh/q7wFj4i9fKRJ/RlJTt14wwcdevgdTGG3YsA0gmiaAvMhirhhgihc4hQx7dN
5OVbcsEKmMK9Bre3yMRivJFSuIwg9vvUeNMAwPQI5/+PEe5cP47npmj8KVl6Tiev
6ONs1l+ktlcidNyTUaNRCl8UahmYCPEgMedc86pQ9whGDB3jHiUjubc/A6FbkOHG
Ujrx6rDR1mvPIhTLRHMeWlYLtWK4s6ruLqJmtHSgQA7uVPchLzUxIDFBawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFPq2vSYfgy43MeuSYv1OaD1t72NMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvVS1yYTlKaC1ETGpjeDY1SmlfVTVvUFczdlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVteaAD
BABteaIDBABteaYwDQYJKoZIhvcNAQELBQADggEBACnqqms/hAmTiWad1L/9reP2
SL8C6P0OZ/T6z7ccitpXIvb+STQNjeYdhjRMkIHGRzBqwP2j5u2/8Idp1nH7fb8Q
Lk3Dqpzr6wF5oIKMoRo+XkfmisSqmJespEfPA0d07Cvrs2fIxbBe5lH+9nGp5OW2
xEldwieTuXGLMcr5OQuMvk0yTc00NIk/UWu1F8JeysoESRPEGTC8hSoYAgSqiWMH
bmKnessD/MDPXDl+ptkVzuHg+l9eiFQ6k6BiQ7o14zsn/geeC47R4fs9CLxDmCAj
5J0AM7qQb4jSoPW2HP+RF0Wr3iV46inOGC5Y/xsRow693xEw6NVav2J5H+EM8Xk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:35 2023 by rpki-client on console-ams.rpki-client.org