Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IQAx9Xrhu47rrk0GiwMvUwxVM24.roa
File: IQAx9Xrhu47rrk0GiwMvUwxVM24.roa (raw, json)
Hash identifier: EQzx176iLOpsXUZRTKSDnx9dcvLQeU+Tb/QbMm2PyKg=
Subject key identifier: 21:00:31:F5:7A:E1:BB:8E:EB:AE:4D:06:8B:03:2F:53:0C:55:33:6E
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 1C621C
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IQAx9Xrhu47rrk0GiwMvUwxVM24.roa
Signing time: Tue 05 Apr 2022 08:37:31 +0000
ROA not before: Tue 05 Apr 2022 08:37:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.32.0/21 maxlen: 21
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
87.238.88.0/21 maxlen: 22
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
185.78.24.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1860124 (0x1c621c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 5 08:37:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=210031f57ae1bb8eebae4d068b032f530c55336e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f6:99:dc:ee:00:41:41:67:03:ac:54:1d:21:
62:26:c8:88:50:f5:7e:7d:69:57:d1:88:ee:43:88:
a0:ce:62:f9:26:71:34:99:24:c3:0f:2e:ee:35:69:
68:6e:4e:63:8d:10:d6:ae:e6:8b:ba:4b:15:c3:91:
63:d9:a0:23:71:99:10:27:4a:e0:86:6d:06:27:1b:
89:a8:a1:61:fc:f6:97:9a:67:2a:01:44:50:a6:60:
46:f0:ab:36:96:16:a4:a4:2f:cf:2c:b7:9b:a3:ee:
e8:94:ef:f8:e9:9d:6b:44:a8:79:96:fd:84:51:df:
39:87:7f:1a:fa:24:ef:14:28:34:01:2b:83:9c:c3:
93:f1:3d:67:7a:d3:2a:a9:0d:69:29:ea:76:51:42:
6d:4e:ce:cf:b4:0a:52:94:08:82:c0:c5:e8:dd:87:
4d:db:58:1f:f4:a0:ae:e3:02:66:07:1a:5a:b3:a3:
06:39:af:11:75:f1:38:20:a9:60:33:c9:7b:99:f8:
6d:12:07:73:4a:06:91:67:3d:2a:fc:e5:32:48:db:
29:04:cd:21:b6:3f:75:99:0d:98:a9:43:87:95:84:
e0:b6:e1:57:25:a6:ff:4c:46:d3:71:44:8f:f2:5e:
42:ca:a7:e0:c3:af:9d:3a:f4:71:da:18:5e:35:dd:
c8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:00:31:F5:7A:E1:BB:8E:EB:AE:4D:06:8B:03:2F:53:0C:55:33:6E
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/IQAx9Xrhu47rrk0GiwMvUwxVM24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
87.238.88.0/21
109.70.32.0/21
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
Signature Algorithm: sha256WithRSAEncryption
81:a9:8b:00:6c:bd:42:97:d5:4e:af:2b:49:12:b7:30:1c:41:
6e:2e:bf:8b:b9:72:60:4b:bf:f5:1c:92:79:a0:fe:ed:c4:59:
c0:4f:9a:06:51:f7:31:6b:9d:29:bc:3f:0f:b3:ed:09:de:fa:
e7:76:0c:50:d9:86:8c:24:95:a2:16:30:46:be:e0:43:cb:4e:
d6:56:a1:04:23:b9:7f:ce:41:62:b0:0c:b5:85:98:d5:ef:81:
c8:18:c4:2c:2f:10:6f:57:f9:57:4e:44:c5:cd:10:a9:ac:00:
4c:d8:39:a1:8f:78:99:a4:f0:08:88:3d:3f:0a:ee:11:bd:b6:
62:5b:c8:17:8a:41:ac:da:4d:f9:6a:2e:21:19:9d:47:d6:df:
79:28:4f:85:95:69:ea:41:8c:8e:35:55:22:0a:91:b9:9d:f0:
f7:cc:02:09:0d:7c:f2:6e:b0:1f:ea:3f:3e:68:0c:82:78:a4:
fa:e1:a9:c3:26:34:87:9a:89:45:e9:af:7f:d1:45:0c:45:a8:
1f:f8:c6:88:4a:a2:a0:ec:38:6f:fb:2c:a0:31:5a:c2:85:9c:
a3:95:c2:b2:46:99:98:31:50:f1:c1:1d:6f:69:47:6c:50:6f:
2d:24:2c:be:33:e4:a5:be:6f:22:f7:28:ee:f7:d6:4f:ab:d1:
e4:79:23:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDHGIcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDA1
MDgzNzMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMTAwMzFmNTdhZTFi
YjhlZWJhZTRkMDY4YjAzMmY1MzBjNTUzMzZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzPaZ3O4AQUFnA6xUHSFiJsiIUPV+fWlX0YjuQ4igzmL5JnE0
mSTDDy7uNWlobk5jjRDWruaLuksVw5Fj2aAjcZkQJ0rghm0GJxuJqKFh/PaXmmcq
AURQpmBG8Ks2lhakpC/PLLebo+7olO/46Z1rRKh5lv2EUd85h38a+iTvFCg0ASuD
nMOT8T1netMqqQ1pKep2UUJtTs7PtApSlAiCwMXo3YdN21gf9KCu4wJmBxpas6MG
Oa8RdfE4IKlgM8l7mfhtEgdzSgaRZz0q/OUySNspBM0htj91mQ2YqUOHlYTgtuFX
Jab/TEbTcUSP8l5Cyqfgw6+dOvRx2hheNd3I+wIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFCEAMfV64buO665NBosDL1MMVTNuMB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
SVFBeDlYcmh1NDdycmswR2l3TXZVd3hWTTI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQYwAwQDV+5YAwQDbUYgAwQCuQJE
AwQCuU4YAwQBwnS4MA0GCSqGSIb3DQEBCwUAA4IBAQCBqYsAbL1Cl9VOrytJErcw
HEFuLr+LuXJgS7/1HJJ5oP7txFnAT5oGUfcxa50pvD8Ps+0J3vrndgxQ2YaMJJWi
FjBGvuBDy07WVqEEI7l/zkFisAy1hZjV74HIGMQsLxBvV/lXTkTFzRCprABM2Dmh
j3iZpPAIiD0/Cu4RvbZiW8gXikGs2k35ai4hGZ1H1t95KE+FlWnqQYyONVUiCpG5
nfD3zAIJDXzybrAf6j8+aAyCeKT64anDJjSHmolF6a9/0UUMRagf+MaISqKg7Dhv
+yygMVrChZyjlcKyRpmYMVDxwR1vaUdsUG8tJCy+M+Slvm8i9yju99ZPq9HkeSPh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org