Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/mTEef2sdzftzAE-9b2BlU9Tz448.roa
File: mTEef2sdzftzAE-9b2BlU9Tz448.roa (raw, json)
Hash identifier: WAhClL8gB3jreIZ9PjvzroSbDKRoxCyvYbC4u+SLlWY=
Subject key identifier: 99:31:1E:7F:6B:1D:CD:FB:73:00:4F:BD:6F:60:65:53:D4:F3:E3:8F
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 02A8AA7F
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/mTEef2sdzftzAE-9b2BlU9Tz448.roa
Signing time: Sat 01 Jan 2022 15:57:08 +0000
ROA not before: Sat 01 Jan 2022 15:57:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25255
IP address blocks: 46.220.0.0/16 maxlen: 16
91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
94.245.192.0/18 maxlen: 18
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
213.94.64.0/21 maxlen: 21
109.126.64.0/18 maxlen: 18
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
77.119.160.0/20 maxlen: 20
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
77.119.192.0/19 maxlen: 19
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861::/32 maxlen: 32
2a02:2864::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44608127 (0x2a8aa7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 1 15:57:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99311e7f6b1dcdfb73004fbd6f606553d4f3e38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:71:70:aa:8e:ae:60:b6:05:15:74:40:e1:
0c:80:9e:17:c5:32:6f:87:04:ad:3e:0c:f0:d1:f9:
29:6d:8a:f8:a0:d3:ab:b7:f0:55:2c:c1:ff:ba:f6:
03:1e:aa:17:f7:72:76:59:92:62:31:a8:94:bd:47:
42:f3:48:5c:69:ba:ed:f7:43:3a:f9:09:f1:d1:13:
fc:05:a3:c3:9b:dd:29:ef:16:cd:46:d2:3b:aa:c7:
fa:ea:7e:fc:3e:fc:12:15:2b:b1:da:86:da:14:fb:
a3:f6:59:6e:4c:71:04:e5:53:e9:81:ee:c7:da:b0:
a2:7f:e2:46:bf:09:08:cf:4e:9e:76:b8:10:5d:cc:
9f:51:95:46:5b:31:d0:67:8a:9a:c3:af:75:bc:79:
4c:c7:b8:35:65:3f:61:26:b8:ed:48:3e:9d:94:db:
70:03:fa:1c:e4:68:03:44:56:06:fa:63:23:a2:29:
c4:f8:d9:bd:cd:88:8d:fd:7a:19:57:f6:e3:7b:73:
cd:3f:98:2e:e1:a0:d1:ec:b0:a0:4b:36:1c:a5:36:
d0:a6:c2:e6:56:88:0f:79:1b:d8:ec:45:0a:53:67:
33:08:bf:d7:a7:12:a9:a7:78:af:f2:06:1c:57:e4:
6f:e3:4a:72:75:73:9e:41:4b:5f:42:ce:ad:43:a9:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:31:1E:7F:6B:1D:CD:FB:73:00:4F:BD:6F:60:65:53:D4:F3:E3:8F
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/mTEef2sdzftzAE-9b2BlU9Tz448.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
39:af:57:e5:89:d2:8c:55:fa:76:74:db:8d:da:73:81:68:e1:
dc:f1:69:9d:78:17:16:02:75:2f:39:b1:6d:48:3b:fd:ee:c8:
dc:8f:a6:2e:48:d9:ff:12:cc:3a:12:4e:4a:bb:d0:fe:12:3e:
6a:e4:4d:e6:03:bc:9a:e3:56:6c:ab:a7:fb:ab:03:6d:be:95:
f7:da:24:00:d1:64:c7:19:e8:81:35:be:d1:93:ba:6e:d4:62:
cc:e0:7a:e8:ba:9f:70:fb:45:af:e9:36:1a:6e:47:b2:d3:3c:
5a:3f:60:78:57:92:e7:39:e0:8a:c4:5f:80:d7:52:55:21:7e:
68:8b:ad:58:2c:8d:8b:1d:0a:17:c1:5c:1a:b3:0c:e9:7b:09:
91:3f:ff:07:ca:87:f1:0f:36:cd:05:22:db:fa:76:28:d0:10:
24:ed:52:3a:31:23:20:4e:0e:5a:9a:c8:75:4c:c4:df:71:91:
74:b4:78:6c:ff:36:08:61:d5:1d:9e:c9:46:25:20:31:f3:79:
6a:17:0a:72:9c:a3:bb:e7:bf:70:91:43:12:74:c8:f9:58:ef:
21:88:59:6a:04:cc:64:af:6a:e9:4c:29:ba:44:ca:06:50:26:
9d:b0:a4:50:53:3f:3a:eb:12:fe:d5:cd:d2:0d:0c:8e:62:54:
c3:42:69:e5
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEAqiqfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjlkMTk3ZmJiZWUyYTFkY2NiNGY1NTcyMmE4MjEwZDMxMDViMDQyMB4XDTIyMDEw
MTE1NTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkzMTFlN2Y2YjFk
Y2RmYjczMDA0ZmJkNmY2MDY1NTNkNGYzZTM4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnScXCqjq5gtgUVdEDhDICeF8Uyb4cErT4M8NH5KW2K+KDT
q7fwVSzB/7r2Ax6qF/dydlmSYjGolL1HQvNIXGm67fdDOvkJ8dET/AWjw5vdKe8W
zUbSO6rH+up+/D78EhUrsdqG2hT7o/ZZbkxxBOVT6YHux9qwon/iRr8JCM9Onna4
EF3Mn1GVRlsx0GeKmsOvdbx5TMe4NWU/YSa47Ug+nZTbcAP6HORoA0RWBvpjI6Ip
xPjZvc2Ijf16GVf243tzzT+YLuGg0eywoEs2HKU20KbC5laID3kb2OxFClNnMwi/
16cSqad4r/IGHFfkb+NKcnVznkFLX0LOrUOpq7sCAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBSZMR5/ax3N+3MAT71vYGVT1PPjjzAfBgNVHSMEGDAWgBTbnRl/u+4qHcy0
9VciqCENMQWwQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzI1MFpmN3Z1S2gzTXRQVlhJcWdoRFRFRnNFSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMDlkMTM3LTQ3N2ItNGVmZS1hM2QzLTRiMjM5NTZmYmQ4Ni8x
L21URWVmMnNkemZ0ekFFLTliMkJsVTlUejQ0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
MDlkMTM3LTQ3N2ItNGVmZS1hM2QzLTRiMjM5NTZmYmQ4Ni8xLzI1MFpmN3Z1S2gz
TXRQVlhJcWdoRFRFRnNFSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBo
BggrBgEFBQcBBwEB/wRZMFcwPwQCAAEwOQMDAC7cAwMCTXQDBAZRA8ADBAdbjQAD
BAZe9cADBAZtfkADAwKycAMEB7KlgAMEBcIYgAMEBtVeQDAUBAIAAjAOAwUAKgIo
YQMFAioCKGQwDQYJKoZIhvcNAQELBQADggEBADmvV+WJ0oxV+nZ0243ac4Fo4dzx
aZ14FxYCdS85sW1IO/3uyNyPpi5I2f8SzDoSTkq70P4SPmrkTeYDvJrjVmyrp/ur
A22+lffaJADRZMcZ6IE1vtGTum7UYszgeui6n3D7Ra/pNhpuR7LTPFo/YHhXkuc5
4IrEX4DXUlUhfmiLrVgsjYsdChfBXBqzDOl7CZE//wfKh/EPNs0FItv6dijQECTt
UjoxIyBODlqayHVMxN9xkXS0eGz/Nghh1R2eyUYlIDHzeWoXCnKco7vnv3CRQxJ0
yPlY7yGIWWoEzGSvaulMKbpEygZQJp2wpFBTPzrrEv7VzdINDI5iVMNCaeU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:42 2023 by rpki-client on console-ams.rpki-client.org