Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/nPZhTlNs82wTKT6dEvC4wmPtYpk.roa
File: nPZhTlNs82wTKT6dEvC4wmPtYpk.roa (raw, json)
Hash identifier: viNaEu/stY8sSfmXJXQFgna0Vars5VRQ0ipAHVpKsAo=
Subject key identifier: 9C:F6:61:4E:53:6C:F3:6C:13:29:3E:9D:12:F0:B8:C2:63:ED:62:99
Certificate issuer: /CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Certificate serial: 077DCD69
Authority key identifier: 15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/nPZhTlNs82wTKT6dEvC4wmPtYpk.roa
Signing time: Sat 01 Jan 2022 11:53:59 +0000
ROA not before: Sat 01 Jan 2022 11:53:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13101
IP address blocks: 45.145.236.0/22 maxlen: 22
185.234.200.0/22 maxlen: 22
192.166.40.0/22 maxlen: 22
46.22.152.0/21 maxlen: 21
109.94.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125685097 (0x77dcd69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f889fed0085fc21b08fcbbb252c3106df99aa8
Validity
Not Before: Jan 1 11:53:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cf6614e536cf36c13293e9d12f0b8c263ed6299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:64:4c:e1:a8:af:06:0e:1e:6e:2c:03:69:e0:
a0:34:95:46:fe:87:6f:07:a1:44:ac:e6:c0:38:3f:
49:2a:69:8a:fe:6c:3b:bd:27:0d:1c:df:ab:16:8d:
3f:7b:6a:fb:53:f8:81:eb:93:14:f1:f3:62:5a:af:
20:3a:b8:43:7d:b4:c7:5b:9d:d6:4c:cb:b1:b2:f9:
06:e7:0a:f0:c7:10:4e:ed:37:26:30:d3:93:2c:c8:
34:5e:cc:d5:ae:6c:44:8e:1f:1a:e6:d7:d9:94:03:
7d:c3:c5:20:09:13:57:6e:19:b8:60:0f:e0:cd:a5:
3d:60:3a:59:03:7e:c3:e4:ad:f1:2a:1e:05:f5:9f:
c7:50:36:82:3d:44:19:0f:05:b0:44:84:52:9d:44:
df:6f:00:52:8a:3d:8e:28:b9:b7:25:7f:ba:64:51:
b5:73:83:21:d6:1e:86:eb:4b:20:23:26:03:19:e6:
c3:5a:30:f7:ae:96:ec:e9:6b:cb:cf:e1:8a:0f:00:
33:16:fb:53:51:fe:04:5c:53:a8:77:e9:e8:11:52:
ec:99:48:14:14:02:e8:8a:a7:fd:11:74:ac:e6:7b:
c7:61:33:fa:60:92:cd:d3:99:d8:ac:f6:ad:bf:90:
da:b3:9b:b4:b5:2d:24:bc:eb:51:70:d9:a4:1a:48:
4f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F6:61:4E:53:6C:F3:6C:13:29:3E:9D:12:F0:B8:C2:63:ED:62:99
X509v3 Authority Key Identifier:
keyid:15:F8:89:FE:D0:08:5F:C2:1B:08:FC:BB:B2:52:C3:10:6D:F9:9A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfiJ_tAIX8IbCPy7slLDEG35mqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/nPZhTlNs82wTKT6dEvC4wmPtYpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/f952fb-9318-49b6-b946-1e3a195478e0/1/FfiJ_tAIX8IbCPy7slLDEG35mqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.236.0/22
46.22.152.0/21
109.94.212.0/22
185.234.200.0/22
192.166.40.0/22
Signature Algorithm: sha256WithRSAEncryption
29:02:60:ca:06:d2:60:39:cb:de:da:60:29:c8:fb:51:aa:0d:
2f:f2:1c:54:cd:ed:1e:48:cb:3e:b1:4b:ef:c6:7d:97:12:1e:
ae:7e:c9:b6:28:69:70:ec:08:4d:af:bd:fe:bd:e4:47:bf:8a:
e7:a2:cd:f0:3d:2f:b4:e9:af:f0:3d:eb:b6:a3:b8:bf:ca:30:
21:4b:c8:bd:f1:11:49:14:0e:85:0e:8e:ca:97:43:5e:05:a2:
6f:92:c5:ca:5f:8b:7c:e6:bc:4a:59:3c:d2:bc:aa:2a:a6:36:
44:ed:17:ce:e8:c2:1f:d7:e4:d9:8a:fe:0a:c1:80:02:ec:a0:
b0:e7:93:47:12:cd:6f:5d:a6:dd:d6:9d:ad:f0:d7:2f:73:b2:
4e:27:16:1d:08:d5:b1:e4:f8:a3:de:40:9e:5c:32:97:78:0b:
67:5a:5f:4c:e6:9c:13:e4:9c:31:c4:87:90:91:be:80:da:0f:
6c:14:0f:79:72:5f:0c:26:e7:f0:9d:c4:59:4e:78:82:65:6c:
e7:34:51:6a:2f:ef:01:9c:a7:22:6d:38:37:54:32:de:d3:fd:
f2:b5:b2:5e:bf:7e:97:fb:83:65:3c:82:c9:dd:4a:80:b5:db:
83:6a:7b:be:56:62:ce:45:7c:e0:bc:c6:0e:79:de:d9:08:51:
fa:eb:c7:79
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB33NaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWY4ODlmZWQwMDg1ZmMyMWIwOGZjYmJiMjUyYzMxMDZkZjk5YWE4MB4XDTIyMDEw
MTExNTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNmNjYxNGU1MzZj
ZjM2YzEzMjkzZTlkMTJmMGI4YzI2M2VkNjI5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9kTOGorwYOHm4sA2ngoDSVRv6HbwehRKzmwDg/SSppiv5s
O70nDRzfqxaNP3tq+1P4geuTFPHzYlqvIDq4Q320x1ud1kzLsbL5BucK8McQTu03
JjDTkyzINF7M1a5sRI4fGubX2ZQDfcPFIAkTV24ZuGAP4M2lPWA6WQN+w+St8Soe
BfWfx1A2gj1EGQ8FsESEUp1E328AUoo9jii5tyV/umRRtXODIdYehutLICMmAxnm
w1ow966W7Olry8/hig8AMxb7U1H+BFxTqHfp6BFS7JlIFBQC6Iqn/RF0rOZ7x2Ez
+mCSzdOZ2Kz2rb+Q2rObtLUtJLzrUXDZpBpITz0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSc9mFOU2zzbBMpPp0S8LjCY+1imTAfBgNVHSMEGDAWgBQV+In+0AhfwhsI
/LuyUsMQbfmaqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZmaUpfdEFJWDhJYkNQeTdzbExERUczNW1xZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvZjk1MmZiLTkzMTgtNDliNi1iOTQ2LTFlM2ExOTU0NzhlMC8x
L25QWmhUbE5zODJ3VEtUNmRFdkM0d21QdFlway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
Zjk1MmZiLTkzMTgtNDliNi1iOTQ2LTFlM2ExOTU0NzhlMC8xL0ZmaUpfdEFJWDhJ
YkNQeTdzbExERUczNW1xZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi2R7AMEAy4WmAMEAm1e1AMEArnq
yAMEAsCmKDANBgkqhkiG9w0BAQsFAAOCAQEAKQJgygbSYDnL3tpgKcj7UaoNL/Ic
VM3tHkjLPrFL78Z9lxIern7JtihpcOwITa+9/r3kR7+K56LN8D0vtOmv8D3rtqO4
v8owIUvIvfERSRQOhQ6OypdDXgWib5LFyl+LfOa8Slk80ryqKqY2RO0XzujCH9fk
2Yr+CsGAAuygsOeTRxLNb12m3dadrfDXL3OyTicWHQjVseT4o95Anlwyl3gLZ1pf
TOacE+ScMcSHkJG+gNoPbBQPeXJfDCbn8J3EWU54gmVs5zRRai/vAZynIm04N1Qy
3tP98rWyXr9+l/uDZTyCyd1KgLXbg2p7vlZizkV84LzGDnne2QhR+uvHeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:22 2024 by rpki-client on console-fra.rpki-client.org