Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/nqkUj1HAmyR3Vl51AmDAP16kIIU.roa
File: nqkUj1HAmyR3Vl51AmDAP16kIIU.roa (raw, json)
Hash identifier: DDvwZWrX21sJSwdmXVO6yCZ0DBRhnyoA6URaK2DSgNY=
Subject key identifier: 9E:A9:14:8F:51:C0:9B:24:77:56:5E:75:02:60:C0:3F:5E:A4:20:85
Certificate issuer: /CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Certificate serial: 018389FF396168FD8DC05617F68A9E7E45B6
Authority key identifier: 39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/nqkUj1HAmyR3Vl51AmDAP16kIIU.roa
Signing time: Thu 29 Sep 2022 16:05:48 +0000
ROA not before: Thu 29 Sep 2022 16:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15626
IP address blocks: 217.12.219.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.220.0/22 maxlen: 22
217.12.223.0/24 maxlen: 24
217.12.221.0/24 maxlen: 24
217.12.192.0/21 maxlen: 21
217.12.199.0/24 maxlen: 24
217.12.204.0/23 maxlen: 23
82.118.16.0/22 maxlen: 22
82.118.17.0/24 maxlen: 24
217.12.212.0/22 maxlen: 22
5.34.182.0/23 maxlen: 24
217.12.210.0/24 maxlen: 24
217.12.210.0/23 maxlen: 23
46.28.64.0/21 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:0:a::/64 maxlen: 64
2a02:27ad::/32 maxlen: 32
2a02:27a8:0:2::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:ff:39:61:68:fd:8d:c0:56:17:f6:8a:9e:7e:45:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Validity
Not Before: Sep 29 16:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ea9148f51c09b2477565e750260c03f5ea42085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e9:6e:28:ee:07:ab:30:2c:d2:99:fd:e0:2b:
5a:cd:2b:bd:7c:45:ca:33:a5:85:9c:0b:6b:d6:68:
c3:7e:bf:52:67:9d:b3:ce:be:09:50:54:fb:e5:ac:
56:9d:51:38:a8:dc:07:56:82:85:f1:7f:3c:a9:92:
f4:83:e7:f3:60:50:83:93:74:6b:8a:b3:74:29:38:
d6:69:1f:56:b5:7f:9c:9c:1e:d7:82:30:88:ec:ae:
03:c5:17:33:49:47:51:ad:4d:87:f0:a1:b5:33:50:
59:12:21:bb:73:93:6e:f9:74:be:6b:9d:6d:2d:8b:
71:03:61:94:e7:65:be:4a:e9:77:46:f7:35:ab:69:
d5:d8:32:eb:e6:e1:b1:66:93:3f:40:33:e8:aa:73:
3a:73:6a:c5:0f:e5:fc:e9:cc:2c:49:26:02:ba:14:
8c:f1:aa:77:56:e8:32:af:d8:92:01:48:0f:37:7a:
38:61:46:c9:80:73:c2:0c:e9:2d:dd:51:af:4c:f5:
2c:eb:10:4f:36:22:fd:37:d5:a0:aa:ae:bf:85:16:
05:41:f4:77:38:75:5f:d9:b0:60:df:f6:7e:09:c6:
35:ed:c9:59:4b:b6:ea:08:be:14:e9:27:01:fb:b0:
13:27:29:2c:a7:82:3f:2a:a4:25:59:71:f9:d7:e9:
7f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A9:14:8F:51:C0:9B:24:77:56:5E:75:02:60:C0:3F:5E:A4:20:85
X509v3 Authority Key Identifier:
keyid:39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/nqkUj1HAmyR3Vl51AmDAP16kIIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/OVAwNhWspuX29bVpHHwsjcpfI00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
46.28.64.0/21
82.118.16.0/22
217.12.192.0/21
217.12.204.0/23
217.12.210.0-217.12.217.255
217.12.219.0-217.12.223.255
IPv6:
2a02:27a8::/32
2a02:27ad::/32
Signature Algorithm: sha256WithRSAEncryption
54:b1:ee:4b:6c:bf:7a:4b:fb:03:b7:79:72:f1:9c:b7:8f:62:
41:1f:22:ef:3d:77:1f:b4:49:b9:f3:5a:cc:27:4a:e6:45:bd:
7e:d1:a4:03:49:5d:4f:6f:52:5b:b3:e4:89:c9:2a:e8:ee:3d:
94:e3:e7:af:2f:29:64:88:fc:ec:29:4f:de:f5:ae:cf:26:26:
7a:91:2b:bc:f8:30:23:96:cb:e2:4b:75:28:5f:04:0d:09:0c:
f7:3a:58:67:00:26:b2:c3:1f:65:db:fd:76:88:2f:ad:15:74:
b5:4a:af:a6:08:19:87:c4:0a:0a:90:20:52:16:02:03:69:e8:
a9:fc:de:6e:8f:90:b0:41:ba:76:3b:9e:3b:b3:21:f1:40:2b:
67:73:c5:00:28:c3:bf:6d:3d:8d:38:b9:23:94:de:c8:12:d0:
c3:ac:68:9e:45:0a:06:37:ae:29:df:cc:3b:52:98:fb:84:27:
d2:09:29:6b:92:d0:fb:2e:77:a2:12:6b:a6:7a:90:dd:9c:81:
56:44:2f:6b:9e:cb:da:b9:5a:81:f6:91:be:bf:9a:e9:5b:b6:
cf:9e:70:66:d3:71:c9:56:5e:4f:1e:70:6e:dc:22:6c:59:d4:
e8:54:18:4c:5e:4d:16:21:d1:ae:e8:79:5e:87:16:d7:1e:92:
00:85:14:1c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYOJ/zlhaP2NwFYX9oqefkW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTAzMDM2MTVhY2E2ZTVmNmY1YjU2OTFjN2MyYzhkY2E1
ZjIzNGQwHhcNMjIwOTI5MTYwNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE5MTQ4ZjUxYzA5YjI0Nzc1NjVlNzUwMjYwYzAzZjVlYTQyMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeluKO4HqzAs0pn94CtazSu9fEXK
M6WFnAtr1mjDfr9SZ52zzr4JUFT75axWnVE4qNwHVoKF8X88qZL0g+fzYFCDk3Rr
irN0KTjWaR9WtX+cnB7XgjCI7K4DxRczSUdRrU2H8KG1M1BZEiG7c5Nu+XS+a51t
LYtxA2GU52W+Sul3Rvc1q2nV2DLr5uGxZpM/QDPoqnM6c2rFD+X86cwsSSYCuhSM
8ap3Vugyr9iSAUgPN3o4YUbJgHPCDOkt3VGvTPUs6xBPNiL9N9Wgqq6/hRYFQfR3
OHVf2bBg3/Z+CcY17clZS7bqCL4U6ScB+7ATJyksp4I/KqQlWXH51+l/AwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJ6pFI9RwJskd1ZedQJgwD9epCCFMB8GA1UdIwQY
MBaAFDlQMDYVrKbl9vW1aRx8LI3KXyNNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMt
NmM4ZmQwYmM1YjAwLzEvbnFrVWoxSEFteVIzVmw1MUFtREFQMTZrSUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMtNmM4ZmQwYmM1YjAw
LzEvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBABAIAATA6AwQBBSK2AwQD
LhxAAwQCUnYQAwQD2QzAAwQB2QzMMAwDBAHZDNIDBAHZDNgwDAMEANkM2wMEBdkM
wDAUBAIAAjAOAwUAKgInqAMFACoCJ60wDQYJKoZIhvcNAQELBQADggEBAFSx7kts
v3pL+wO3eXLxnLePYkEfIu89dx+0SbnzWswnSuZFvX7RpANJXU9vUluz5InJKuju
PZTj568vKWSI/OwpT971rs8mJnqRK7z4MCOWy+JLdShfBA0JDPc6WGcAJrLDH2Xb
/XaIL60VdLVKr6YIGYfECgqQIFIWAgNp6Kn83m6PkLBBunY7njuzIfFAK2dzxQAo
w79tPY04uSOU3sgS0MOsaJ5FCgY3rinfzDtSmPuEJ9IJKWuS0Psud6ISa6Z6kN2c
gVZEL2uey9q5WoH2kb6/mulbts+ecGbTcclWXk8ecG7cImxZ1OhUGExeTRYh0a7o
eV6HFtcekgCFFBw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:46 2024 by rpki-client on console-ams.rpki-client.org