Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/M7sh8QD_X4LHD_HTkmB0BIqugZY.roa
File: M7sh8QD_X4LHD_HTkmB0BIqugZY.roa (raw, json)
Hash identifier: 2sLRMtmxPHzcnJQYgQK4cQjF2FpYnSLEa23TraYgqlY=
Subject key identifier: 33:BB:21:F1:00:FF:5F:82:C7:0F:F1:D3:92:60:74:04:8A:AE:81:96
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018BC8D890566D5F932885EADC8962468723
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/M7sh8QD_X4LHD_HTkmB0BIqugZY.roa
Signing time: Mon 13 Nov 2023 13:21:57 +0000
ROA not before: Mon 13 Nov 2023 13:21:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 109.160.32.0/22 maxlen: 22
109.160.38.0/24 maxlen: 24
109.160.36.0/24 maxlen: 24
109.160.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:d8:90:56:6d:5f:93:28:85:ea:dc:89:62:46:87:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Nov 13 13:21:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33bb21f100ff5f82c70ff1d3926074048aae8196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:61:d4:4f:fd:e6:9d:ae:f1:e5:6b:cd:e1:fc:
63:11:c7:ec:a5:52:72:ae:18:3e:5d:8f:4c:ef:d0:
7c:32:ea:c0:de:46:80:d8:f9:4a:12:d0:f0:03:9d:
0b:17:49:c0:d0:a7:70:43:d2:46:8b:2a:99:dc:69:
1f:47:fb:e3:e2:9a:fa:3d:c2:53:83:52:04:11:88:
0f:b6:ae:9d:ff:4e:84:eb:3d:d8:01:5d:70:21:6f:
40:ba:f5:91:5b:89:16:79:a6:06:fe:7e:b6:16:4a:
e3:0f:6f:49:0c:85:38:a5:c4:7e:2e:73:96:01:a5:
d2:15:e7:a3:8f:46:9b:07:46:42:b8:3c:de:6d:9b:
e5:3a:d6:a5:53:62:b2:7b:08:35:6f:cd:18:ce:75:
bf:10:be:fb:a2:36:13:20:1d:8c:59:3e:f9:bd:e6:
46:6f:cc:69:62:d1:7e:20:33:76:58:3d:87:d1:7a:
8e:93:da:dc:60:20:11:c8:ee:23:6f:2a:0e:1c:85:
b7:9b:95:dc:ad:51:23:aa:b2:af:c6:8d:bd:c6:d4:
1e:7d:73:74:ea:58:a9:50:35:50:a0:01:8a:a7:20:
44:80:b3:8e:e0:bc:12:c5:c4:2f:9c:7e:27:45:c4:
d9:44:ca:46:96:8d:35:7d:7d:fa:c4:4a:ef:64:ca:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BB:21:F1:00:FF:5F:82:C7:0F:F1:D3:92:60:74:04:8A:AE:81:96
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/M7sh8QD_X4LHD_HTkmB0BIqugZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.32.0-109.160.38.255
Signature Algorithm: sha256WithRSAEncryption
9d:73:0d:1c:83:f0:9c:ce:be:d8:46:2e:92:43:7e:38:f1:2b:
d1:38:de:ec:3d:34:17:c0:fe:5b:16:ee:f6:97:a0:43:8e:e9:
c7:4d:63:25:2b:b1:de:d3:9b:2d:95:04:fa:28:66:73:20:f5:
03:49:3d:04:e7:82:79:53:82:51:d2:ec:17:37:a5:cd:79:49:
8b:fd:d0:84:b0:cc:5b:a0:5c:ef:a9:06:5f:a9:96:2c:7c:25:
a3:77:2b:f2:32:cb:03:94:15:de:8b:f9:3e:09:1c:23:dc:7b:
b1:4b:08:76:c0:d1:ba:b9:04:de:68:ac:b2:48:85:eb:01:50:
58:68:11:27:82:7b:a7:b6:5c:a9:ec:e9:9a:30:7a:dd:44:cd:
8e:87:01:f4:1c:3a:4f:5b:24:94:2d:d6:e0:de:83:f7:08:99:
fb:2f:d0:01:88:3b:6d:15:15:ec:3e:f8:94:49:91:7c:83:0f:
5b:59:22:64:8f:68:cd:7c:a1:2b:eb:e3:1c:4e:b6:98:d6:a5:
b6:41:41:ac:d8:83:df:5e:57:44:ac:8f:5e:96:30:7b:5c:27:
b1:64:fe:ef:6e:1f:0b:ea:ab:f2:92:b9:0c:a3:9c:7b:1a:63:
db:ca:34:41:31:a8:8a:5a:c9:c8:70:fd:16:f3:c1:54:94:50:
5d:c7:c8:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvI2JBWbV+TKIXq3IliRocjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMxMTEzMTMyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2JiMjFmMTAwZmY1ZjgyYzcwZmYxZDM5MjYwNzQwNDhhYWU4MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWHUT/3mna7x5WvN4fxjEcfspVJy
rhg+XY9M79B8MurA3kaA2PlKEtDwA50LF0nA0KdwQ9JGiyqZ3GkfR/vj4pr6PcJT
g1IEEYgPtq6d/06E6z3YAV1wIW9AuvWRW4kWeaYG/n62FkrjD29JDIU4pcR+LnOW
AaXSFeejj0abB0ZCuDzebZvlOtalU2Kyewg1b80YznW/EL77ojYTIB2MWT75veZG
b8xpYtF+IDN2WD2H0XqOk9rcYCARyO4jbyoOHIW3m5XcrVEjqrKvxo29xtQefXN0
6lipUDVQoAGKpyBEgLOO4LwSxcQvnH4nRcTZRMpGlo01fX36xErvZMp9QwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDO7IfEA/1+Cxw/x05JgdASKroGWMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvTTdzaDhRRF9YNExIRF9IVGttQjBCSXF1Z1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVtoCAD
BABtoCYwDQYJKoZIhvcNAQELBQADggEBAJ1zDRyD8JzOvthGLpJDfjjxK9E43uw9
NBfA/lsW7vaXoEOO6cdNYyUrsd7Tmy2VBPooZnMg9QNJPQTngnlTglHS7Bc3pc15
SYv90ISwzFugXO+pBl+plix8JaN3K/IyywOUFd6L+T4JHCPce7FLCHbA0bq5BN5o
rLJIhesBUFhoESeCe6e2XKns6Zowet1EzY6HAfQcOk9bJJQt1uDeg/cImfsv0AGI
O20VFew++JRJkXyDD1tZImSPaM18oSvr4xxOtpjWpbZBQazYg99eV0Ssj16WMHtc
J7Fk/u9uHwvqq/KSuQyjnHsaY9vKNEExqIpaychw/RbzwVSUUF3HyGI=
-----END CERTIFICATE-----
Generated at Wed May 14 02:47:27 2025 by rpki-client