Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/A_oRTDEEMEn5cw2YE8nD1s5QX1w.roa
File: A_oRTDEEMEn5cw2YE8nD1s5QX1w.roa (raw, json)
Hash identifier: QcwbxaW4zznaBG9gfgappdOLDka45YVFVe8IcZq0Je8=
Subject key identifier: 03:FA:11:4C:31:04:30:49:F9:73:0D:98:13:C9:C3:D6:CE:50:5F:5C
Certificate issuer: /CN=d0a16bf7e0e3b9330b54483e19f613b02b627bef
Certificate serial: 02419EF1
Authority key identifier: D0:A1:6B:F7:E0:E3:B9:33:0B:54:48:3E:19:F6:13:B0:2B:62:7B:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KFr9-DjuTMLVEg-GfYTsCtie-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/A_oRTDEEMEn5cw2YE8nD1s5QX1w.roa
Signing time: Tue 22 Mar 2022 19:55:38 +0000
ROA not before: Tue 22 Mar 2022 19:55:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196883
IP address blocks: 109.196.112.0/24 maxlen: 24
109.196.113.0/24 maxlen: 24
109.196.114.0/24 maxlen: 24
109.196.115.0/24 maxlen: 24
109.196.116.0/24 maxlen: 24
109.196.117.0/24 maxlen: 24
109.196.118.0/24 maxlen: 24
109.196.112.0/21 maxlen: 24
109.196.112.0/20 maxlen: 24
109.196.120.0/23 maxlen: 23
109.196.120.0/24 maxlen: 24
109.196.120.0/21 maxlen: 24
109.196.121.0/24 maxlen: 24
109.196.122.0/23 maxlen: 23
109.196.122.0/24 maxlen: 24
109.196.119.0/24 maxlen: 24
109.196.123.0/24 maxlen: 24
109.196.124.0/22 maxlen: 23
109.196.124.0/24 maxlen: 24
109.196.125.0/24 maxlen: 24
109.196.127.0/24 maxlen: 24
109.196.126.0/24 maxlen: 24
2001:67c:11c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37854961 (0x2419ef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a16bf7e0e3b9330b54483e19f613b02b627bef
Validity
Not Before: Mar 22 19:55:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03fa114c31043049f9730d9813c9c3d6ce505f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:a2:d1:8d:58:b3:ec:d6:f3:0a:d2:f9:fd:
ae:43:4d:09:1a:19:ea:7b:66:d7:aa:b4:d1:22:35:
ca:64:6a:00:c2:69:f6:ce:75:8b:c5:b0:45:e1:48:
e4:92:01:73:72:f4:36:7a:9a:67:9b:5f:29:81:4f:
78:96:c6:e2:d1:3b:e7:60:ed:6b:73:be:a9:5e:7a:
5b:6c:d1:ce:07:bc:47:d7:0e:19:f8:77:3d:1d:47:
13:4e:03:13:c2:5d:4b:59:c1:a5:1e:41:32:6f:6a:
77:38:bb:fe:1e:31:98:2c:20:56:54:b7:89:68:05:
99:79:6c:bb:a9:23:ed:13:22:c6:1d:28:cf:42:6d:
ea:1f:1a:fa:80:63:88:3a:2b:b5:54:82:b4:f4:52:
f7:1a:d7:af:b2:ff:ff:6e:2b:f9:03:72:af:25:83:
81:17:6c:5e:48:58:c1:0b:35:71:6a:d3:d4:51:9b:
01:1d:c0:08:86:f1:ec:ef:08:4d:fc:5d:af:f6:f4:
12:39:94:46:b0:c1:8c:83:7d:7e:43:fc:36:a1:db:
c0:f4:60:8b:54:ce:84:16:f8:ee:ec:96:df:db:c3:
3d:18:9c:cf:1e:fa:b2:61:d8:47:dd:48:fb:eb:81:
12:91:e1:ef:ff:ee:3a:dd:c7:30:7f:a7:b3:a6:55:
9f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FA:11:4C:31:04:30:49:F9:73:0D:98:13:C9:C3:D6:CE:50:5F:5C
X509v3 Authority Key Identifier:
keyid:D0:A1:6B:F7:E0:E3:B9:33:0B:54:48:3E:19:F6:13:B0:2B:62:7B:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KFr9-DjuTMLVEg-GfYTsCtie-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/A_oRTDEEMEn5cw2YE8nD1s5QX1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/0KFr9-DjuTMLVEg-GfYTsCtie-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.112.0/20
IPv6:
2001:67c:11c::/48
Signature Algorithm: sha256WithRSAEncryption
38:28:b5:44:57:41:61:2f:40:bc:45:8e:2c:df:56:09:53:e6:
76:14:80:bc:f8:f5:a3:f5:00:af:8b:b5:36:cf:9c:00:9e:d3:
5d:21:82:bb:8a:19:a6:67:0e:1f:b0:76:df:3e:17:d2:6b:b7:
40:dc:20:85:55:1a:fa:50:6b:3c:d4:b6:d9:2e:f0:89:ab:d0:
8f:bb:5a:50:49:a4:3c:1d:3a:aa:77:ba:e9:31:0c:c9:8e:6d:
05:30:55:38:f7:d7:61:e0:d8:6d:b3:dd:0c:00:f3:34:0b:a1:
ef:80:fe:ef:4d:e7:51:89:17:02:a9:f3:6f:2d:5a:ea:22:cf:
08:36:4a:97:8e:07:30:b2:b7:18:a3:8a:4e:27:9a:03:bb:8c:
b8:a4:75:1c:e8:ba:5f:97:48:a6:a3:1c:3b:79:d9:c6:7b:5a:
b2:62:a8:d9:c8:4a:b5:c3:77:99:d8:54:23:7e:90:b2:b7:9b:
da:6d:6a:70:e6:b3:70:d1:4d:bc:c6:d2:37:f4:58:bc:b5:6b:
d0:11:f3:d7:7d:2f:45:8b:69:d2:cd:da:0c:29:3d:b4:51:5a:
11:40:d7:9e:47:c4:e2:19:b6:a4:74:55:e0:47:1d:22:ad:08:
fc:85:0b:55:2c:55:3e:76:ed:bc:33:0b:b8:66:20:3c:78:c5:
c8:f3:b9:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAkGe8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGExNmJmN2UwZTNiOTMzMGI1NDQ4M2UxOWY2MTNiMDJiNjI3YmVmMB4XDTIyMDMy
MjE5NTUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNmYTExNGMzMTA0
MzA0OWY5NzMwZDk4MTNjOWMzZDZjZTUwNWY1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwjotGNWLPs1vMK0vn9rkNNCRoZ6ntm16q00SI1ymRqAMJp
9s51i8WwReFI5JIBc3L0NnqaZ5tfKYFPeJbG4tE752Dta3O+qV56W2zRzge8R9cO
Gfh3PR1HE04DE8JdS1nBpR5BMm9qdzi7/h4xmCwgVlS3iWgFmXlsu6kj7RMixh0o
z0Jt6h8a+oBjiDortVSCtPRS9xrXr7L//24r+QNyryWDgRdsXkhYwQs1cWrT1FGb
AR3ACIbx7O8ITfxdr/b0EjmURrDBjIN9fkP8NqHbwPRgi1TOhBb47uyW39vDPRic
zx76smHYR91I++uBEpHh7//uOt3HMH+ns6ZVnykCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQD+hFMMQQwSflzDZgTycPWzlBfXDAfBgNVHSMEGDAWgBTQoWv34OO5MwtU
SD4Z9hOwK2J77zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBLRnI5LURqdVRNTFZFZy1HZllUc0N0aWUtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvY2VhZmZiLWFjMjUtNDkxZC1iM2NjLTRlZjAzYzEwODFmOC8x
L0Ffb1JUREVFTUVuNWN3MllFOG5EMXM1UVgxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
Y2VhZmZiLWFjMjUtNDkxZC1iM2NjLTRlZjAzYzEwODFmOC8xLzBLRnI5LURqdVRN
TFZFZy1HZllUc0N0aWUtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEBG3EcDAPBAIAAjAJAwcAIAEGfAEc
MA0GCSqGSIb3DQEBCwUAA4IBAQA4KLVEV0FhL0C8RY4s31YJU+Z2FIC8+PWj9QCv
i7U2z5wAntNdIYK7ihmmZw4fsHbfPhfSa7dA3CCFVRr6UGs81LbZLvCJq9CPu1pQ
SaQ8HTqqd7rpMQzJjm0FMFU499dh4Nhts90MAPM0C6HvgP7vTedRiRcCqfNvLVrq
Is8INkqXjgcwsrcYo4pOJ5oDu4y4pHUc6Lpfl0imoxw7ednGe1qyYqjZyEq1w3eZ
2FQjfpCyt5vabWpw5rNw0U28xtI39Fi8tWvQEfPXfS9Fi2nSzdoMKT20UVoRQNee
R8TiGbakdFXgRx0irQj8hQtVLFU+du28Mwu4ZiA8eMXI87kq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:01 2023 by rpki-client on console-ams.rpki-client.org