Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/ln4ZkXx4T2AHQS2m4LxoSi7yGDQ.roa
File: ln4ZkXx4T2AHQS2m4LxoSi7yGDQ.roa (raw, json)
Hash identifier: JocpqZ4FF4i8UzVevdvSH4kYDP1qtgGMn6brLdwoMoc=
Subject key identifier: 96:7E:19:91:7C:78:4F:60:07:41:2D:A6:E0:BC:68:4A:2E:F2:18:34
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 2FB5F1
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/ln4ZkXx4T2AHQS2m4LxoSi7yGDQ.roa
Signing time: Tue 12 Apr 2022 11:31:42 +0000
ROA not before: Tue 12 Apr 2022 11:31:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
85.187.58.0/23 maxlen: 23
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
93.90.16.0/21 maxlen: 21
93.90.16.0/20 maxlen: 20
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
185.78.24.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3126769 (0x2fb5f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 12 11:31:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=967e19917c784f6007412da6e0bc684a2ef21834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d1:2e:89:3b:59:b4:12:cd:0e:ae:4d:c4:32:
9d:35:6d:1c:e8:6c:72:dc:f3:64:a0:ba:f0:f7:2f:
61:75:36:01:b3:c7:c1:4e:40:d3:6d:e2:a7:92:95:
f8:ec:31:4d:f6:4a:0e:f5:0f:88:94:6f:b1:0d:48:
3b:d3:b4:da:16:e4:16:08:85:14:4b:38:72:6a:7a:
5c:3f:a2:4c:43:bf:a6:8c:f4:76:d9:4f:25:22:e4:
eb:9f:3d:c5:39:0e:17:99:95:55:1d:ed:53:a3:8f:
aa:72:e0:bc:85:cb:27:4c:a6:a3:04:67:ea:55:fe:
95:64:f0:ac:8c:bd:6a:9d:03:5c:4d:a7:ee:6a:eb:
1f:29:5c:d1:b1:50:1f:4f:3a:31:92:69:31:ac:e5:
2c:30:dd:56:7f:b5:02:cc:9c:95:e7:32:15:63:4c:
74:af:4a:91:1a:91:d5:f5:24:7d:11:1d:5a:a0:7c:
a4:bc:c6:df:48:90:cd:86:c7:a8:ba:e7:00:41:83:
4e:24:f6:c8:43:35:b0:05:fa:8f:58:dc:87:35:4d:
10:67:4d:4e:f8:b9:f8:01:a5:ca:5b:b1:99:dc:ec:
90:3d:81:11:51:47:09:1d:1d:2c:2b:eb:53:cf:33:
24:7b:85:b1:49:52:d9:43:9d:cb:f2:22:2a:6f:d9:
17:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7E:19:91:7C:78:4F:60:07:41:2D:A6:E0:BC:68:4A:2E:F2:18:34
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/ln4ZkXx4T2AHQS2m4LxoSi7yGDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
79.139.120.0/21
85.187.56.0/22
87.238.88.0/21
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:ff:f5:25:eb:10:09:d6:c9:87:17:fc:5c:39:2b:3b:1a:39:
69:7e:7d:b5:14:4b:fa:a3:46:f8:34:d0:de:e3:00:13:e7:09:
c3:bc:b8:34:32:4c:4e:ca:a0:e6:7b:eb:22:bf:38:dd:16:39:
1b:6d:72:8e:04:60:6b:59:b3:05:ed:27:90:ff:ce:37:ef:d7:
64:d8:3e:af:ab:32:6d:67:8c:7a:85:7a:35:4f:5f:be:e5:a6:
42:54:a1:99:1b:78:64:37:d1:38:69:e0:26:5c:b5:56:96:be:
10:f2:be:fe:4b:38:40:43:48:86:17:1d:e3:51:c2:31:97:24:
52:83:15:c3:56:df:07:35:0e:f8:c9:cb:84:82:1b:1b:38:83:
0c:ca:4b:55:43:ff:bf:f0:38:4f:53:88:3c:63:67:57:49:81:
ee:2a:41:91:b6:8a:f0:5e:6e:36:f0:78:ea:c5:7f:46:0b:0d:
49:ad:3a:b3:76:7c:ea:8b:2c:56:3b:7b:00:55:2f:b3:dc:bb:
da:4a:a1:12:a9:24:ff:a4:53:3a:4b:ed:22:12:22:57:34:1d:
a9:a0:c0:1f:20:ba:89:3b:99:7e:61:5d:7a:a3:a4:bc:98:99:
4a:8d:47:91:0a:02:72:ce:3d:69:31:7c:96:0f:64:24:fa:c1:
d1:4e:6d:3b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIDL7XxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDEy
MTEzMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NjdlMTk5MTdjNzg0
ZjYwMDc0MTJkYTZlMGJjNjg0YTJlZjIxODM0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA49EuiTtZtBLNDq5NxDKdNW0c6Gxy3PNkoLrw9y9hdTYBs8fB
TkDTbeKnkpX47DFN9koO9Q+IlG+xDUg707TaFuQWCIUUSzhyanpcP6JMQ7+mjPR2
2U8lIuTrnz3FOQ4XmZVVHe1To4+qcuC8hcsnTKajBGfqVf6VZPCsjL1qnQNcTafu
ausfKVzRsVAfTzoxkmkxrOUsMN1Wf7UCzJyV5zIVY0x0r0qRGpHV9SR9ER1aoHyk
vMbfSJDNhseouucAQYNOJPbIQzWwBfqPWNyHNU0QZ01O+Ln4AaXKW7GZ3OyQPYER
UUcJHR0sK+tTzzMke4WxSVLZQ53L8iIqb9kX4wIDAQABo4ICPzCCAjswHQYDVR0O
BBYEFJZ+GZF8eE9gB0EtpuC8aEou8hg0MB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
bG40WmtYeDRUMkFIUVMybTRMeG9TaTd5R0RRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFUG
CCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLQYwAwQDT4t4AwQCVbs4AwQDV+5Y
AwQBWSXgAwQEXVoQAwQDbUYgAwQCuQJEAwQCuU4YAwQBwnS4MA0GCSqGSIb3DQEB
CwUAA4IBAQCu//Ul6xAJ1smHF/xcOSs7Gjlpfn21FEv6o0b4NNDe4wAT5wnDvLg0
MkxOyqDme+sivzjdFjkbbXKOBGBrWbMF7SeQ/84379dk2D6vqzJtZ4x6hXo1T1++
5aZCVKGZG3hkN9E4aeAmXLVWlr4Q8r7+SzhAQ0iGFx3jUcIxlyRSgxXDVt8HNQ74
ycuEghsbOIMMyktVQ/+/8DhPU4g8Y2dXSYHuKkGRtorwXm428HjqxX9GCw1JrTqz
dnzqiyxWO3sAVS+z3LvaSqESqST/pFM6S+0iEiJXNB2poMAfILqJO5l+YV16o6S8
mJlKjUeRCgJyzj1pMXyWD2Qk+sHRTm07
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org