Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/CueKv7JtkHlgkaXzvOzIhUMYeN0.roa
File: CueKv7JtkHlgkaXzvOzIhUMYeN0.roa (raw, json)
Hash identifier: La8PO1ldoL6TLXEz3tVp/7G2APZqQG6kdv275wfIE2M=
Subject key identifier: 0A:E7:8A:BF:B2:6D:90:79:60:91:A5:F3:BC:EC:C8:85:43:18:78:DD
Certificate issuer: /CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Certificate serial: 0182AFF3619452A0453CD68CA5B3F837FF56
Authority key identifier: 4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/CueKv7JtkHlgkaXzvOzIhUMYeN0.roa
Signing time: Thu 18 Aug 2022 07:55:39 +0000
ROA not before: Thu 18 Aug 2022 07:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196903
IP address blocks: 109.207.48.0/24 maxlen: 24
109.207.48.0/20 maxlen: 20
109.207.50.0/24 maxlen: 24
109.207.49.0/24 maxlen: 24
109.207.51.0/24 maxlen: 24
109.207.58.0/24 maxlen: 24
109.207.55.0/24 maxlen: 24
109.207.54.0/24 maxlen: 24
109.207.57.0/24 maxlen: 24
109.207.56.0/24 maxlen: 24
109.207.53.0/24 maxlen: 24
109.207.52.0/24 maxlen: 24
109.207.62.0/24 maxlen: 24
109.207.61.0/24 maxlen: 24
109.207.63.0/24 maxlen: 24
109.207.60.0/24 maxlen: 24
109.207.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:f3:61:94:52:a0:45:3c:d6:8c:a5:b3:f8:37:ff:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee1713e16b4fd8f3301887de6a111980449b29e
Validity
Not Before: Aug 18 07:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ae78abfb26d90796091a5f3bcecc885431878dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6c:65:53:1b:2e:d5:33:e7:96:ed:99:95:a4:
e3:4a:1d:45:60:44:99:5f:5f:1a:ee:4e:93:56:71:
e7:4c:0f:66:0b:92:43:54:20:dc:c1:4d:7b:b8:b9:
1d:8f:97:6d:d0:58:d9:f9:27:c0:03:a6:b2:32:5c:
36:bd:c0:aa:a2:32:9d:c0:24:10:1a:e8:29:ef:54:
80:3c:53:b8:a0:28:76:a7:38:68:0b:8c:ba:f4:10:
7c:2c:d4:e4:f6:14:5f:30:bc:e3:ed:75:7b:85:11:
18:0d:88:87:2d:98:f7:f6:55:4b:73:7f:c1:11:a2:
3c:5f:84:ba:9d:c2:59:a7:55:da:62:bd:cf:20:6f:
50:6f:05:5b:23:15:74:73:cb:82:39:e9:f6:22:85:
2d:01:a4:07:b6:cc:03:0e:62:d8:c5:39:60:00:31:
11:c4:a9:cf:8e:90:5b:4f:dc:ac:5b:b6:7d:6f:2a:
44:c9:fa:6f:cc:68:79:97:cc:e8:f6:ca:76:86:e7:
a2:38:42:cf:73:0a:f1:67:09:3a:62:27:fc:39:cf:
25:31:c1:e9:d7:2c:20:ca:16:ec:a0:d8:cb:48:db:
8c:3c:ff:a5:ab:34:d8:bd:eb:82:78:60:69:a9:1b:
77:e2:e6:c6:b2:32:ef:46:64:d9:8c:09:a3:12:c1:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E7:8A:BF:B2:6D:90:79:60:91:A5:F3:BC:EC:C8:85:43:18:78:DD
X509v3 Authority Key Identifier:
keyid:4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/CueKv7JtkHlgkaXzvOzIhUMYeN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.207.48.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:33:15:24:52:3b:39:90:2a:e6:af:46:0b:23:71:9e:9f:bf:
50:5f:0f:f1:7c:da:77:74:eb:1f:35:a1:4f:05:1d:b1:57:37:
1e:ac:fc:ff:d8:11:c1:66:49:f7:9b:d3:e5:cf:eb:5f:95:b4:
80:4d:51:5a:04:a7:57:6b:eb:d5:e7:bd:76:7d:a2:e3:2f:cf:
45:c3:b8:26:67:99:4e:37:45:80:42:ac:77:27:e7:ff:f8:a2:
60:eb:b9:2e:09:5b:00:71:45:98:09:38:92:f9:b9:01:2b:33:
38:3d:15:c2:16:dd:2c:d6:5d:dd:96:64:11:91:c6:8a:fb:7b:
08:d5:ad:9c:a7:6a:af:72:24:bb:58:a4:a5:5f:cf:00:c2:d3:
8c:e3:d8:a1:24:74:69:f1:18:b7:44:06:4e:79:cf:09:f1:66:
aa:bd:a5:61:e3:42:0d:82:c3:44:79:88:1f:0f:54:62:db:78:
40:e4:ce:77:a6:e9:75:55:cd:12:09:44:fb:4e:17:6d:ed:df:
1c:57:a9:b6:28:ff:81:5d:70:2f:2b:90:c8:a3:0f:36:be:c0:
d4:57:91:68:40:51:e7:ad:87:23:18:86:45:3b:f2:31:92:78:
f3:7f:09:ea:78:30:db:c5:2e:b3:ca:5f:37:c9:9f:33:c7:b7:
d6:80:0c:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKv82GUUqBFPNaMpbP4N/9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTE3MTNlMTZiNGZkOGYzMzAxODg3ZGU2YTExMTk4MDQ0
OWIyOWUwHhcNMjIwODE4MDc1NTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU3OGFiZmIyNmQ5MDc5NjA5MWE1ZjNiY2VjYzg4NTQzMTg3OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimxlUxsu1TPnlu2ZlaTjSh1FYESZ
X18a7k6TVnHnTA9mC5JDVCDcwU17uLkdj5dt0FjZ+SfAA6ayMlw2vcCqojKdwCQQ
Gugp71SAPFO4oCh2pzhoC4y69BB8LNTk9hRfMLzj7XV7hREYDYiHLZj39lVLc3/B
EaI8X4S6ncJZp1XaYr3PIG9QbwVbIxV0c8uCOen2IoUtAaQHtswDDmLYxTlgADER
xKnPjpBbT9ysW7Z9bypEyfpvzGh5l8zo9sp2hueiOELPcwrxZwk6Yif8Oc8lMcHp
1ywgyhbsoNjLSNuMPP+lqzTYveuCeGBpqRt34ubGsjLvRmTZjAmjEsGyBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArnir+ybZB5YJGl87zsyIVDGHjdMB8GA1UdIwQY
MBaAFE7hcT4WtP2PMwGIfeahEZgESbKeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYt
MDhlNGI3OTM4N2MwLzEvQ3VlS3Y3SnRrSGxna2FYenZPekloVU1ZZU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYtMDhlNGI3OTM4N2Mw
LzEvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbc8wMA0G
CSqGSIb3DQEBCwUAA4IBAQCqMxUkUjs5kCrmr0YLI3Gen79QXw/xfNp3dOsfNaFP
BR2xVzcerPz/2BHBZkn3m9Plz+tflbSATVFaBKdXa+vV5712faLjL89Fw7gmZ5lO
N0WAQqx3J+f/+KJg67kuCVsAcUWYCTiS+bkBKzM4PRXCFt0s1l3dlmQRkcaK+3sI
1a2cp2qvciS7WKSlX88AwtOM49ihJHRp8Ri3RAZOec8J8WaqvaVh40INgsNEeYgf
D1Ri23hA5M53pul1Vc0SCUT7Thdt7d8cV6m2KP+BXXAvK5DIow82vsDUV5FoQFHn
rYcjGIZFO/IxknjzfwnqeDDbxS6zyl83yZ8zx7fWgAxK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:54 2023 by rpki-client on console-fra.rpki-client.org