Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/XT8uRN4zrMs5I3ub8JhmOBh5Hqs.roa
File: XT8uRN4zrMs5I3ub8JhmOBh5Hqs.roa (raw, json)
Hash identifier: YzjraZTGnDXQsBjrGBt5FF00wuw6G6o1O9528WiK2UA=
Subject key identifier: 5D:3F:2E:44:DE:33:AC:CB:39:23:7B:9B:F0:98:66:38:18:79:1E:AB
Certificate issuer: /CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Certificate serial: 08BF617C
Authority key identifier: 1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/XT8uRN4zrMs5I3ub8JhmOBh5Hqs.roa
Signing time: Sat 01 Jan 2022 09:06:32 +0000
ROA not before: Sat 01 Jan 2022 09:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 109.232.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146760060 (0x8bf617c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a2f083f471dfb9507b4c973cb5c3acd49759d
Validity
Not Before: Jan 1 09:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d3f2e44de33accb39237b9bf098663818791eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:98:2d:1f:50:5d:21:c1:14:2d:13:2e:dd:
4b:5f:13:47:1b:42:d5:24:09:ea:e7:73:9b:65:0b:
b0:1f:8d:b8:0b:56:f0:4e:90:ea:31:97:7e:d9:89:
75:5c:86:d4:8a:2c:39:80:58:bc:80:fd:27:fe:ff:
62:3a:4d:98:62:b8:42:da:3f:48:80:65:4f:e1:49:
c6:29:1c:ff:fc:a8:6f:99:d0:86:35:4e:32:a7:30:
c4:39:b4:dd:c1:13:cc:7a:53:c7:51:57:0d:ea:ae:
51:90:ba:5f:83:ad:6b:4b:ff:41:d5:2d:35:8e:a5:
e5:29:71:da:e4:dd:98:79:67:fe:a9:15:d6:4a:e5:
be:bd:76:cd:d0:97:2c:cc:43:e7:2c:c3:b0:74:5e:
d0:f0:c6:b9:ee:58:10:23:0d:08:de:68:3b:f0:88:
44:ef:19:1d:26:8b:be:be:7b:a4:6c:b5:dc:1b:d4:
a6:a5:24:a8:9d:f1:84:08:7b:8c:e7:dd:ab:58:fe:
1f:ff:06:98:6d:7c:47:47:0e:c0:f6:12:cf:a5:87:
53:48:32:03:6a:b3:5d:73:de:95:fa:04:d7:56:f4:
3b:5c:84:bf:32:d1:fd:ca:4d:8f:17:8c:4b:20:5c:
87:54:42:e8:62:fa:2c:4d:fa:f7:87:a3:fd:84:9e:
8c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3F:2E:44:DE:33:AC:CB:39:23:7B:9B:F0:98:66:38:18:79:1E:AB
X509v3 Authority Key Identifier:
keyid:1E:9A:2F:08:3F:47:1D:FB:95:07:B4:C9:73:CB:5C:3A:CD:49:75:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpovCD9HHfuVB7TJc8tcOs1JdZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/XT8uRN4zrMs5I3ub8JhmOBh5Hqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6277a7-290f-4994-b286-25d6e8613dc4/1/HpovCD9HHfuVB7TJc8tcOs1JdZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.88.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:da:11:71:d7:b3:44:df:57:6e:21:9e:d8:fc:8b:cf:0b:c6:
48:05:78:0c:09:c4:27:d2:85:18:9b:96:33:b5:95:86:2e:cd:
4c:2d:1e:01:04:98:d9:2d:74:d7:a0:a0:a7:ba:95:79:7b:d6:
ac:f2:3f:1f:bd:d6:fe:17:10:38:0f:4a:4f:08:a3:36:bb:8e:
e7:79:86:23:1f:75:b5:0d:25:4c:c8:e3:20:1f:30:8f:8f:2e:
98:23:9e:58:d5:25:e2:5d:0c:57:78:bc:b9:51:2b:69:bd:14:
75:0a:59:20:92:27:d1:67:ff:11:72:df:aa:14:19:03:04:ef:
a6:9e:ee:fe:07:50:84:fe:eb:00:98:61:e1:42:36:f0:75:eb:
47:7d:cf:85:c0:8c:aa:1d:4f:49:9c:4a:f4:3e:60:14:31:b3:
84:02:d4:5b:8b:ae:0b:bb:94:71:38:2a:3f:e4:1b:32:1e:cc:
a3:f1:f3:b0:cb:1f:10:4e:0a:3b:35:62:07:42:67:18:72:f2:
2e:6b:74:ac:74:b9:64:1e:04:f9:2a:bb:75:b1:e5:e1:d5:e2:
6d:86:c8:c7:d7:4f:06:98:f0:0a:15:e9:28:75:6e:07:79:23:
7e:7c:84:0a:1a:c3:0f:7a:fb:63:3c:d0:cb:5c:f5:27:01:07:
7a:83:26:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECL9hfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTlhMmYwODNmNDcxZGZiOTUwN2I0Yzk3M2NiNWMzYWNkNDk3NTlkMB4XDTIyMDEw
MTA5MDYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQzZjJlNDRkZTMz
YWNjYjM5MjM3YjliZjA5ODY2MzgxODc5MWVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLMmC0fUF0hwRQtEy7dS18TRxtC1SQJ6udzm2ULsB+NuAtW
8E6Q6jGXftmJdVyG1IosOYBYvID9J/7/YjpNmGK4Qto/SIBlT+FJxikc//yob5nQ
hjVOMqcwxDm03cETzHpTx1FXDequUZC6X4Ota0v/QdUtNY6l5Slx2uTdmHln/qkV
1krlvr12zdCXLMxD5yzDsHRe0PDGue5YECMNCN5oO/CIRO8ZHSaLvr57pGy13BvU
pqUkqJ3xhAh7jOfdq1j+H/8GmG18R0cOwPYSz6WHU0gyA2qzXXPelfoE11b0O1yE
vzLR/cpNjxeMSyBch1RC6GL6LE3694ej/YSejDUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdPy5E3jOsyzkje5vwmGY4GHkeqzAfBgNVHSMEGDAWgBQemi8IP0cd+5UH
tMlzy1w6zUl1nTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwb3ZDRDlISGZ1VkI3VEpjOHRjT3MxSmRaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNjI3N2E3LTI5MGYtNDk5NC1iMjg2LTI1ZDZlODYxM2RjNC8x
L1hUOHVSTjR6ck1zNUkzdWI4SmhtT0JoNUhxcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NjI3N2E3LTI5MGYtNDk5NC1iMjg2LTI1ZDZlODYxM2RjNC8xL0hwb3ZDRDlISGZ1
VkI3VEpjOHRjT3MxSmRaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA23oWDANBgkqhkiG9w0BAQsFAAOC
AQEAPNoRcdezRN9XbiGe2PyLzwvGSAV4DAnEJ9KFGJuWM7WVhi7NTC0eAQSY2S10
16Cgp7qVeXvWrPI/H73W/hcQOA9KTwijNruO53mGIx91tQ0lTMjjIB8wj48umCOe
WNUl4l0MV3i8uVErab0UdQpZIJIn0Wf/EXLfqhQZAwTvpp7u/gdQhP7rAJhh4UI2
8HXrR33PhcCMqh1PSZxK9D5gFDGzhALUW4uuC7uUcTgqP+QbMh7Mo/HzsMsfEE4K
OzViB0JnGHLyLmt0rHS5ZB4E+Sq7dbHl4dXibYbIx9dPBpjwChXpKHVuB3kjfnyE
ChrDD3r7YzzQy1z1JwEHeoMmKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:53 2024 by rpki-client on console-fra.rpki-client.org