Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/a-u4RUXljm1oYKprUtWsXg6lkZs.roa
File: a-u4RUXljm1oYKprUtWsXg6lkZs.roa (raw, json)
Hash identifier: Ye4JfmwZeMQN2P9Y6USG7Dv3DEkJPGQwA7EsaSXCfng=
Subject key identifier: 6B:EB:B8:45:45:E5:8E:6D:68:60:AA:6B:52:D5:AC:5E:0E:A5:91:9B
Certificate issuer: /CN=d0a16bf7e0e3b9330b54483e19f613b02b627bef
Certificate serial: 01856FF04904D07A74432A135EA74140995F
Authority key identifier: D0:A1:6B:F7:E0:E3:B9:33:0B:54:48:3E:19:F6:13:B0:2B:62:7B:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KFr9-DjuTMLVEg-GfYTsCtie-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/a-u4RUXljm1oYKprUtWsXg6lkZs.roa
Signing time: Mon 02 Jan 2023 00:44:56 +0000
ROA not before: Mon 02 Jan 2023 00:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196883
IP address blocks: 109.196.112.0/24 maxlen: 24
109.196.113.0/24 maxlen: 24
109.196.114.0/24 maxlen: 24
109.196.115.0/24 maxlen: 24
109.196.116.0/24 maxlen: 24
109.196.117.0/24 maxlen: 24
109.196.118.0/24 maxlen: 24
109.196.112.0/21 maxlen: 24
109.196.112.0/20 maxlen: 24
109.196.120.0/23 maxlen: 23
109.196.120.0/24 maxlen: 24
109.196.120.0/21 maxlen: 24
109.196.121.0/24 maxlen: 24
109.196.122.0/23 maxlen: 23
109.196.122.0/24 maxlen: 24
109.196.119.0/24 maxlen: 24
109.196.123.0/24 maxlen: 24
109.196.124.0/22 maxlen: 23
109.196.124.0/24 maxlen: 24
109.196.125.0/24 maxlen: 24
109.196.127.0/24 maxlen: 24
109.196.126.0/24 maxlen: 24
2001:67c:11c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:49:04:d0:7a:74:43:2a:13:5e:a7:41:40:99:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a16bf7e0e3b9330b54483e19f613b02b627bef
Validity
Not Before: Jan 2 00:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bebb84545e58e6d6860aa6b52d5ac5e0ea5919b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1e:10:41:45:48:1b:9e:14:08:eb:b2:28:75:
93:40:76:77:7d:d6:f2:a8:94:d3:95:46:56:44:fc:
37:65:e5:8a:fb:bf:7d:61:41:65:1c:43:6e:d3:f1:
8f:fc:c4:8f:8c:11:80:17:97:6a:39:cb:1d:ba:fa:
32:be:03:77:94:23:fd:3c:16:94:df:73:41:e7:a5:
27:91:7e:77:cc:ec:28:f9:90:12:fa:29:17:ef:73:
50:23:0e:96:64:14:0d:42:01:94:10:86:49:0a:8d:
10:5a:9e:ea:50:25:18:3a:b5:e7:6d:2a:29:cc:91:
43:c3:88:0f:49:07:cb:73:bb:76:90:fc:a4:58:b3:
5e:b4:04:47:75:d8:f5:7c:00:46:c8:13:b3:96:32:
6f:ce:00:8d:f8:f7:5e:20:1b:7b:16:e3:fa:56:55:
b8:83:ac:43:9b:c7:07:d5:5e:85:e6:e4:be:f7:b9:
de:64:e1:f1:c1:e2:14:ca:a6:ed:c8:39:7e:4a:ec:
99:83:ab:b2:07:2e:6a:56:39:21:79:16:17:6c:d1:
4d:16:94:1e:88:88:8e:eb:50:97:d3:65:1a:cd:0e:
b2:13:32:9b:d9:f9:1d:6b:71:5a:2f:ba:bb:70:f7:
61:5a:33:ac:ff:b5:92:3f:15:d3:b2:a3:ed:f8:44:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:EB:B8:45:45:E5:8E:6D:68:60:AA:6B:52:D5:AC:5E:0E:A5:91:9B
X509v3 Authority Key Identifier:
keyid:D0:A1:6B:F7:E0:E3:B9:33:0B:54:48:3E:19:F6:13:B0:2B:62:7B:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KFr9-DjuTMLVEg-GfYTsCtie-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/a-u4RUXljm1oYKprUtWsXg6lkZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ceaffb-ac25-491d-b3cc-4ef03c1081f8/1/0KFr9-DjuTMLVEg-GfYTsCtie-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.112.0/20
IPv6:
2001:67c:11c::/48
Signature Algorithm: sha256WithRSAEncryption
a3:35:cd:c8:a5:a1:e3:b9:18:8d:c9:9f:60:d0:13:d9:2e:e9:
49:03:89:05:7d:27:59:7a:5c:be:7e:eb:5a:2e:d2:1e:94:8d:
50:e6:03:da:11:96:ee:ec:12:d4:08:51:a3:22:1a:f0:38:f7:
c7:a4:a7:cc:da:e4:9c:cd:11:4d:45:ec:e7:89:09:84:ec:00:
a1:f4:5f:b7:bb:b9:ba:3b:b3:e4:84:b4:1e:80:ef:88:62:1c:
c9:6f:ef:ad:78:cc:24:29:05:aa:31:2a:f0:26:83:0e:ca:64:
cf:14:41:94:59:88:bf:be:08:a7:f9:96:45:c9:e7:94:48:19:
19:c7:4f:4b:48:53:2f:bb:7c:a8:5d:e8:13:ec:cc:ad:7c:9b:
5f:a4:a0:7e:72:99:16:8d:a1:59:9b:88:38:7c:ab:65:44:9c:
d5:7b:ec:90:d1:13:35:a4:b1:e2:c4:bd:44:ec:d7:58:26:aa:
5a:c3:3e:6f:91:a2:fc:4b:e5:53:d9:30:54:97:5f:74:5f:7b:
8a:69:4c:99:94:52:df:f8:64:0f:a2:78:0a:27:c6:a7:01:d4:
da:28:9c:ec:22:d5:80:8c:59:50:ac:fc:df:10:17:fe:9c:4d:
8b:f8:ae:e2:41:b5:86:da:9c:72:a0:b2:1d:ef:28:1c:9f:cb:
4b:72:5d:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8EkE0Hp0QyoTXqdBQJlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTE2YmY3ZTBlM2I5MzMwYjU0NDgzZTE5ZjYxM2IwMmI2
MjdiZWYwHhcNMjMwMTAyMDA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmViYjg0NTQ1ZTU4ZTZkNjg2MGFhNmI1MmQ1YWM1ZTBlYTU5MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR4QQUVIG54UCOuyKHWTQHZ3fdby
qJTTlUZWRPw3ZeWK+799YUFlHENu0/GP/MSPjBGAF5dqOcsduvoyvgN3lCP9PBaU
33NB56UnkX53zOwo+ZAS+ikX73NQIw6WZBQNQgGUEIZJCo0QWp7qUCUYOrXnbSop
zJFDw4gPSQfLc7t2kPykWLNetARHddj1fABGyBOzljJvzgCN+PdeIBt7FuP6VlW4
g6xDm8cH1V6F5uS+97neZOHxweIUyqbtyDl+SuyZg6uyBy5qVjkheRYXbNFNFpQe
iIiO61CX02UazQ6yEzKb2fkda3FaL7q7cPdhWjOs/7WSPxXTsqPt+EQwIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGvruEVF5Y5taGCqa1LVrF4OpZGbMB8GA1UdIwQY
MBaAFNCha/fg47kzC1RIPhn2E7ArYnvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtGcjktRGp1VE1MVkVnLUdmWVRzQ3RpZS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jZWFmZmItYWMyNS00OTFkLWIzY2Mt
NGVmMDNjMTA4MWY4LzEvYS11NFJVWGxqbTFvWUtwclV0V3NYZzZsa1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jZWFmZmItYWMyNS00OTFkLWIzY2MtNGVmMDNjMTA4MWY4
LzEvMEtGcjktRGp1VE1MVkVnLUdmWVRzQ3RpZS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEbcRwMA8E
AgACMAkDBwAgAQZ8ARwwDQYJKoZIhvcNAQELBQADggEBAKM1zciloeO5GI3Jn2DQ
E9ku6UkDiQV9J1l6XL5+61ou0h6UjVDmA9oRlu7sEtQIUaMiGvA498ekp8za5JzN
EU1F7OeJCYTsAKH0X7e7ubo7s+SEtB6A74hiHMlv7614zCQpBaoxKvAmgw7KZM8U
QZRZiL++CKf5lkXJ55RIGRnHT0tIUy+7fKhd6BPszK18m1+koH5ymRaNoVmbiDh8
q2VEnNV77JDREzWkseLEvUTs11gmqlrDPm+RovxL5VPZMFSXX3Rfe4ppTJmUUt/4
ZA+ieAonxqcB1NoonOwi1YCMWVCs/N8QF/6cTYv4ruJBtYbanHKgsh3vKByfy0ty
XQk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:17 2025 by rpki-client