Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/Nfl8cUn3srRZlL9d_S7hECsBi14.roa
File: Nfl8cUn3srRZlL9d_S7hECsBi14.roa (raw, json)
Hash identifier: j3FhewqWtnQpKUsqqlcdlHPMZjLAe1gZv52a71B2AjA=
Subject key identifier: 35:F9:7C:71:49:F7:B2:B4:59:94:BF:5D:FD:2E:E1:10:2B:01:8B:5E
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 0184F11B2D047E6F1E9B13B81B44A84E1CE9
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/Nfl8cUn3srRZlL9d_S7hECsBi14.roa
Signing time: Thu 08 Dec 2022 09:40:00 +0000
ROA not before: Thu 08 Dec 2022 09:40:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61098
IP address blocks: 194.182.188.0/22 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.118.0/23 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
159.100.248.0/21 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
85.217.172.0/23 maxlen: 24
185.150.8.0/22 maxlen: 24
91.92.202.0/23 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
194.182.176.0/22 maxlen: 24
89.145.160.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
194.182.180.0/22 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
2a04:c47::/32 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c45::/32 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a04:c42::/32 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c41::/32 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:1b:2d:04:7e:6f:1e:9b:13:b8:1b:44:a8:4e:1c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Dec 8 09:40:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35f97c7149f7b2b45994bf5dfd2ee1102b018b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6b:09:41:2e:8d:ea:d0:92:16:93:ef:ac:7d:
39:c5:02:11:ed:d0:9a:b9:59:79:97:12:20:d8:ed:
ad:d7:b6:82:46:f1:aa:c0:a4:29:e8:64:1a:21:ec:
c0:15:05:fc:22:d4:b9:91:07:16:a0:a3:59:1f:af:
3f:e1:6a:8b:b3:b0:04:cb:c7:53:88:59:16:c4:6e:
14:f5:85:1c:91:b9:2e:aa:42:1d:2a:15:f0:93:84:
51:a4:01:c5:95:9b:e1:78:bc:fa:a9:84:f6:07:74:
76:5c:29:9d:95:99:76:f3:68:b5:2f:62:40:22:93:
30:fc:db:32:5c:06:03:02:96:35:c8:26:de:7f:64:
c3:65:33:75:84:6f:1e:e3:ef:57:8b:2f:a2:77:a1:
3c:0a:20:cb:4f:0f:65:70:d2:5f:9e:28:35:5d:71:
ff:57:04:20:07:bc:f3:d1:d3:c4:21:b7:4b:a2:b1:
c6:23:1c:33:13:cc:0b:09:95:60:0a:68:89:bb:bf:
ef:d0:a7:54:39:dd:32:f8:22:a6:60:97:46:f9:72:
d0:db:0b:99:e4:8b:f3:dd:5b:ad:4d:06:b5:3a:92:
fc:90:b1:c2:de:15:48:1b:72:b9:ac:00:d0:6f:07:
ea:2b:02:19:8e:8a:1d:7c:ea:cc:88:34:fa:d1:a0:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F9:7C:71:49:F7:B2:B4:59:94:BF:5D:FD:2E:E1:10:2B:01:8B:5E
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/Nfl8cUn3srRZlL9d_S7hECsBi14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.172.0/22
85.217.184.0/22
89.145.160.0-89.145.165.255
91.92.116.0/22
91.92.140.0/22
91.92.154.0/23
91.92.202.0/23
91.92.224.0/23
91.92.227.0/24
159.100.245.0-159.100.255.255
185.150.8.0/22
194.182.164.0-194.182.191.255
IPv6:
2a04:c41::-2a04:c42:ffff:ffff:ffff:ffff:ffff:ffff
2a04:c44::/30
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc1::/32
Signature Algorithm: sha256WithRSAEncryption
55:51:c6:0e:1f:e4:54:d1:c0:39:70:b4:f6:80:10:50:5c:69:
36:4b:46:c4:db:f9:98:67:61:d2:9e:bd:94:c6:12:cd:bf:d5:
21:2f:33:58:ee:31:99:43:85:41:f9:45:10:f4:bf:f0:a9:51:
cd:43:92:9d:b2:bc:c2:d0:20:bb:25:23:77:6f:70:f1:78:12:
f2:97:8b:e8:a5:9a:37:80:16:bf:bd:11:6c:32:f5:05:86:4c:
8e:57:d7:99:a1:78:0d:f4:86:28:7a:81:fe:1c:af:02:9d:d0:
a0:e6:a3:6d:a7:7e:3f:3a:28:29:42:47:bc:51:a7:8e:a6:e9:
e6:ab:58:f9:3d:d5:e9:67:06:bf:c2:23:3f:42:b6:db:ab:19:
91:dc:c1:d0:ee:9d:f3:98:7a:58:97:f4:2d:62:31:ef:11:45:
65:27:ed:e3:21:05:85:84:6b:d6:f7:4b:4d:c7:dc:db:75:0a:
6e:75:0d:78:dd:9b:07:8a:c6:c6:b5:30:b5:13:8c:91:db:77:
f9:95:7d:67:09:7b:22:c4:45:f4:26:d3:87:fd:17:3f:7a:62:
8e:81:e7:df:3e:81:22:5b:da:45:e6:a4:73:69:37:eb:c4:c6:
88:cd:0c:4c:42:94:fd:2b:db:0f:5d:8c:1b:bd:3e:5e:c1:03:
83:3f:32:44
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYTxGy0Efm8emxO4G0SoThzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjIxMjA4MDk0MDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY5N2M3MTQ5ZjdiMmI0NTk5NGJmNWRmZDJlZTExMDJiMDE4YjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GsJQS6N6tCSFpPvrH05xQIR7dCa
uVl5lxIg2O2t17aCRvGqwKQp6GQaIezAFQX8ItS5kQcWoKNZH68/4WqLs7AEy8dT
iFkWxG4U9YUckbkuqkIdKhXwk4RRpAHFlZvheLz6qYT2B3R2XCmdlZl282i1L2JA
IpMw/NsyXAYDApY1yCbef2TDZTN1hG8e4+9Xiy+id6E8CiDLTw9lcNJfnig1XXH/
VwQgB7zz0dPEIbdLorHGIxwzE8wLCZVgCmiJu7/v0KdUOd0y+CKmYJdG+XLQ2wuZ
5Ivz3VutTQa1OpL8kLHC3hVIG3K5rADQbwfqKwIZjoodfOrMiDT60aBXkwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFDX5fHFJ97K0WZS/Xf0u4RArAYteMB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEvTmZsOGNVbjNzclJabEw5ZF9TN2hFQ3NCaTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujBlBAIAATBfAwQCVdms
AwQCVdm4MAwDBAVZkaADBAFZkaQDBAJbXHQDBAJbXIwDBAFbXJoDBAFbXMoDBAFb
XOADBABbXOMwCwMEAJ9k9QMDAJ9kAwQCuZYIMAwDBALCtqQDBAbCtoAwUQQCAAIw
SzAOAwUAKgQMQQMFACoEDEIDBQIqBAxEAwcBKgdswAAgAwcBKgdswAAwAwcBKgds
wABAAwcAKgdswABQAwcAKgdswABgAwUAKgdswTANBgkqhkiG9w0BAQsFAAOCAQEA
VVHGDh/kVNHAOXC09oAQUFxpNktGxNv5mGdh0p69lMYSzb/VIS8zWO4xmUOFQflF
EPS/8KlRzUOSnbK8wtAguyUjd29w8XgS8peL6KWaN4AWv70RbDL1BYZMjlfXmaF4
DfSGKHqB/hyvAp3QoOajbad+PzooKUJHvFGnjqbp5qtY+T3V6WcGv8IjP0K226sZ
kdzB0O6d85h6WJf0LWIx7xFFZSft4yEFhYRr1vdLTcfc23UKbnUNeN2bB4rGxrUw
tROMkdt3+ZV9Zwl7IsRF9CbTh/0XP3pijoHn3z6BIlvaReakc2k368TGiM0MTEKU
/SvbD12MG70+XsEDgz8yRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:46 2024 by rpki-client on console-ams.rpki-client.org