Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/3fAT4r7Ieg_giSXSVM4gHYfuh7I.roa
File: 3fAT4r7Ieg_giSXSVM4gHYfuh7I.roa (raw, json)
Hash identifier: vTgUPRGkYvlwpjpwmV+ns0BL4U+WzvAQh/TnaSHp4y0=
Subject key identifier: DD:F0:13:E2:BE:C8:7A:0F:E0:89:25:D2:54:CE:20:1D:87:EE:87:B2
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 0182404B2DC001BD7FD3D5A0E21930C86D1E
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/3fAT4r7Ieg_giSXSVM4gHYfuh7I.roa
Signing time: Wed 27 Jul 2022 15:34:04 +0000
ROA not before: Wed 27 Jul 2022 15:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.112.0/24 maxlen: 24
176.108.111.0/24 maxlen: 24
176.108.112.0/22 maxlen: 24
176.108.108.0/24 maxlen: 24
176.108.108.0/22 maxlen: 24
176.108.109.0/24 maxlen: 24
176.108.106.0/24 maxlen: 24
176.108.106.0/23 maxlen: 24
176.108.116.0/24 maxlen: 24
176.108.116.0/22 maxlen: 24
176.108.112.0/21 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.117.0/24 maxlen: 24
176.108.120.0/22 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
176.108.96.0/21 maxlen: 24
176.108.96.0/20 maxlen: 24
176.108.100.0/22 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.104.0/24 maxlen: 24
176.108.104.0/22 maxlen: 24
176.108.104.0/21 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:40:4b:2d:c0:01:bd:7f:d3:d5:a0:e2:19:30:c8:6d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 27 15:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddf013e2bec87a0fe08925d254ce201d87ee87b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:9a:3c:ec:5c:17:3e:8a:6c:6d:4e:7c:94:
ad:b2:cd:c1:f6:a4:ac:79:8a:9a:4e:4e:78:82:c4:
2d:5c:4a:30:4e:a0:cb:f5:60:06:b8:bd:0b:37:a6:
ca:5b:9e:0e:50:23:bd:9b:de:4f:33:80:a0:52:d3:
6b:9f:cc:c2:fc:c4:83:ad:4f:c7:f5:6b:e6:88:db:
da:db:50:0b:11:e6:52:4a:f4:82:74:51:3e:fb:3e:
3c:14:46:14:93:01:5d:cf:08:38:76:aa:ba:b3:be:
32:f4:e9:70:5d:90:36:02:0e:e8:e9:7d:c5:68:6a:
5d:b7:11:d6:7c:53:4a:a3:53:29:cd:96:50:4d:c7:
07:a8:bb:ca:fe:25:ad:df:09:e5:84:6e:f4:1a:db:
2d:09:af:1b:91:c2:bb:26:59:42:5a:7d:98:1a:2d:
6e:77:05:ca:3f:9c:e7:37:80:1c:28:cc:5f:85:98:
c3:5a:4f:c8:41:ac:f5:83:5f:09:8e:22:7b:bd:d5:
c0:b8:a0:58:f1:a4:81:93:33:13:47:af:15:87:b2:
fd:93:a4:0f:d4:d4:26:bf:9d:90:cc:ac:cc:d3:32:
17:41:5f:4b:57:fd:5c:07:dd:2e:22:73:3f:56:98:
5c:1a:a2:be:9a:67:d9:3a:27:0e:ac:51:17:07:b3:
5e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F0:13:E2:BE:C8:7A:0F:E0:89:25:D2:54:CE:20:1D:87:EE:87:B2
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/3fAT4r7Ieg_giSXSVM4gHYfuh7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.96.0-176.108.123.255
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
a1:a8:f5:33:d8:fc:bc:50:c1:b0:95:db:16:53:cc:85:4e:70:
93:e3:01:93:bb:a5:e1:cd:31:60:73:ab:e4:78:ca:5d:2b:28:
96:9b:15:6b:da:57:78:50:15:2b:d7:8e:35:66:91:c6:df:d0:
0b:e6:98:60:06:31:7a:46:ff:14:db:83:ea:ea:10:97:76:2b:
f5:58:2e:c0:16:d3:86:ee:92:54:30:1b:8a:8f:ee:29:bf:78:
23:4b:dd:6c:48:70:01:c1:60:26:43:3e:68:73:1e:e0:28:50:
8f:2b:44:d9:70:09:87:80:a5:d7:62:41:73:6f:ec:63:82:45:
38:2f:c0:71:3f:42:5c:93:34:c0:b2:65:fa:ab:9f:d5:60:c5:
52:10:e6:65:45:c4:50:87:ec:4c:bc:b9:0c:52:fb:bf:b8:b1:
31:fc:ba:74:0f:eb:f5:4a:5a:6d:e4:ba:32:10:c6:59:6c:9a:
58:03:44:ce:64:b9:03:40:12:55:1f:2b:ea:c3:33:a7:a8:aa:
98:9c:f7:cc:c2:44:21:5c:29:8a:71:77:64:61:17:30:e9:30:
ec:95:47:3f:b5:66:9e:b5:c2:2e:0b:97:22:f0:44:64:f6:f4:
a1:85:5c:5c:15:63:ca:b4:3d:d0:cc:d6:0d:c7:af:c9:b2:2c:
eb:3d:30:ca
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYJASy3AAb1/09Wg4hkwyG0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzI3MTUzNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGYwMTNlMmJlYzg3YTBmZTA4OTI1ZDI1NGNlMjAxZDg3ZWU4N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbiaPOxcFz6KbG1OfJStss3B9qSs
eYqaTk54gsQtXEowTqDL9WAGuL0LN6bKW54OUCO9m95PM4CgUtNrn8zC/MSDrU/H
9WvmiNva21ALEeZSSvSCdFE++z48FEYUkwFdzwg4dqq6s74y9OlwXZA2Ag7o6X3F
aGpdtxHWfFNKo1MpzZZQTccHqLvK/iWt3wnlhG70GtstCa8bkcK7JllCWn2YGi1u
dwXKP5znN4AcKMxfhZjDWk/IQaz1g18JjiJ7vdXAuKBY8aSBkzMTR68Vh7L9k6QP
1NQmv52QzKzM0zIXQV9LV/1cB90uInM/VphcGqK+mmfZOicOrFEXB7NelwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFN3wE+K+yHoP4Ikl0lTOIB2H7oeyMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvM2ZBVDRyN0llZ19naVNYU1ZNNGdIWWZ1aDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAWwbGAD
BAKwbHgDBALBXRAwDwQCAAIwCQMHACABBngEaDANBgkqhkiG9w0BAQsFAAOCAQEA
oaj1M9j8vFDBsJXbFlPMhU5wk+MBk7ul4c0xYHOr5HjKXSsolpsVa9pXeFAVK9eO
NWaRxt/QC+aYYAYxekb/FNuD6uoQl3Yr9VguwBbThu6SVDAbio/uKb94I0vdbEhw
AcFgJkM+aHMe4ChQjytE2XAJh4Cl12JBc2/sY4JFOC/AcT9CXJM0wLJl+quf1WDF
UhDmZUXEUIfsTLy5DFL7v7ixMfy6dA/r9UpabeS6MhDGWWyaWANEzmS5A0ASVR8r
6sMzp6iqmJz3zMJEIVwpinF3ZGEXMOkw7JVHP7VmnrXCLguXIvBEZPb0oYVcXBVj
yrQ90MzWDcevybIs6z0wyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org