Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Nufo6lC8U7-cHZEnYjHwFFkTVMQ.roa
File: Nufo6lC8U7-cHZEnYjHwFFkTVMQ.roa (raw, json)
Hash identifier: DZbKCgfSbbqjDzi+UrFf8hcCcJkX4IfR3uWXOYVf2EA=
Subject key identifier: 36:E7:E8:EA:50:BC:53:BF:9C:1D:91:27:62:31:F0:14:59:13:54:C4
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 0184850C90B734ECA3E7A916AD61FF3A2EEF
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Nufo6lC8U7-cHZEnYjHwFFkTVMQ.roa
Signing time: Thu 17 Nov 2022 10:05:03 +0000
ROA not before: Thu 17 Nov 2022 10:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 84.40.89.0/24 maxlen: 24
185.60.66.0/24 maxlen: 24
185.60.67.0/24 maxlen: 24
95.43.250.0/24 maxlen: 24
2a02:1338::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:0c:90:b7:34:ec:a3:e7:a9:16:ad:61:ff:3a:2e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Nov 17 10:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36e7e8ea50bc53bf9c1d91276231f014591354c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2a:a7:83:ae:bb:ef:fc:03:bf:f7:7b:93:48:
e5:d2:c1:bd:84:57:82:28:3f:cc:cf:b6:ac:71:7f:
93:45:7c:fd:c4:c6:40:f0:4e:33:3b:50:14:f9:e8:
58:f1:14:ae:f4:35:a7:0a:c8:6e:77:58:b4:23:6d:
3c:6c:19:fe:05:5b:5c:2f:bb:a1:d4:cf:65:9e:ee:
63:16:35:9b:7a:9a:c0:f3:7c:44:6e:7a:ec:0f:04:
b2:46:da:2f:b5:cd:ee:6e:17:f5:35:b7:8a:1b:2b:
f2:77:d0:47:5c:7f:7c:b0:97:71:25:6c:8f:f3:6d:
6a:82:ef:ab:80:56:bd:10:29:2a:f5:dc:92:ab:9d:
f4:ea:17:a5:24:fb:a9:cc:61:12:a1:b4:19:4e:94:
7c:4c:22:f0:93:55:a4:b8:b1:f5:e7:59:a1:10:64:
b9:a7:2a:90:79:e0:5e:c0:41:b2:1d:e1:01:c2:66:
56:fa:02:36:3f:7d:63:4f:d6:67:5e:88:59:0c:99:
8a:31:35:79:65:d0:71:16:9b:cc:50:39:2a:6d:d7:
fa:c6:f7:e3:fb:de:bc:9a:5e:ce:88:d5:42:d8:fc:
64:5f:9a:02:e3:5d:19:ba:44:a4:33:22:4f:76:5d:
b2:4c:73:98:80:aa:61:cb:bc:d2:a1:50:77:79:fb:
20:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E7:E8:EA:50:BC:53:BF:9C:1D:91:27:62:31:F0:14:59:13:54:C4
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Nufo6lC8U7-cHZEnYjHwFFkTVMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.89.0/24
95.43.250.0/24
185.60.66.0/23
IPv6:
2a02:1338::/32
Signature Algorithm: sha256WithRSAEncryption
0c:fa:d1:da:25:86:8d:28:30:97:e3:f7:f2:9e:67:4e:df:6b:
19:96:78:7c:49:ea:39:6e:05:55:09:f4:d5:e8:83:fe:51:f0:
57:a9:6d:89:7e:4b:4c:5e:a0:20:14:cc:87:92:84:fd:e1:30:
3c:99:ed:29:25:c9:89:a9:61:5c:e2:c3:2f:a2:64:bb:ca:e1:
f5:49:f7:d2:81:b7:d7:e3:da:f2:6d:cc:c3:b8:50:2a:84:eb:
8a:54:50:56:7b:e7:1b:f4:bc:ee:93:e6:c9:e5:07:10:3f:b4:
d6:a3:7f:bb:b6:6b:06:30:80:90:4e:b2:6e:47:a6:9f:6b:ca:
f2:8c:8e:d0:a6:55:39:71:f7:25:8b:72:20:1f:22:a5:f9:31:
0a:69:f7:fb:8a:0a:fb:cf:79:9e:fd:bd:8e:d2:fa:9a:e8:7a:
19:fe:4c:14:2c:48:2f:39:bb:3c:39:ea:99:c3:13:f8:ac:cf:
6f:45:7a:38:6e:ab:18:1c:45:9a:90:65:a2:4d:2c:2d:09:45:
53:a2:81:12:d5:86:79:fb:f1:c7:fc:55:30:f5:6f:4a:ed:b1:
16:e3:3f:e3:17:1a:50:11:1c:5a:44:b4:c1:58:65:de:f7:4a:
49:af:87:ea:38:9d:1b:1e:2c:c8:b1:db:23:4a:fb:9b:af:8e:
d8:5a:55:13
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSFDJC3NOyj56kWrWH/Oi7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjIxMTE3MTAwNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU3ZThlYTUwYmM1M2JmOWMxZDkxMjc2MjMxZjAxNDU5MTM1NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSqng6677/wDv/d7k0jl0sG9hFeC
KD/Mz7ascX+TRXz9xMZA8E4zO1AU+ehY8RSu9DWnCshud1i0I208bBn+BVtcL7uh
1M9lnu5jFjWbeprA83xEbnrsDwSyRtovtc3ubhf1NbeKGyvyd9BHXH98sJdxJWyP
821qgu+rgFa9ECkq9dySq5306helJPupzGESobQZTpR8TCLwk1WkuLH151mhEGS5
pyqQeeBewEGyHeEBwmZW+gI2P31jT9ZnXohZDJmKMTV5ZdBxFpvMUDkqbdf6xvfj
+968ml7OiNVC2PxkX5oC410ZukSkMyJPdl2yTHOYgKphy7zSoVB3efsgAwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDbn6OpQvFO/nB2RJ2Ix8BRZE1TEMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvTnVmbzZsQzhVNy1jSFpFbllqSHdGRmtUVk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAVChZAwQA
Xyv6AwQBuTxCMA0EAgACMAcDBQAqAhM4MA0GCSqGSIb3DQEBCwUAA4IBAQAM+tHa
JYaNKDCX4/fynmdO32sZlnh8Seo5bgVVCfTV6IP+UfBXqW2JfktMXqAgFMyHkoT9
4TA8me0pJcmJqWFc4sMvomS7yuH1SffSgbfX49rybczDuFAqhOuKVFBWe+cb9Lzu
k+bJ5QcQP7TWo3+7tmsGMICQTrJuR6afa8ryjI7QplU5cfcli3IgHyKl+TEKaff7
igr7z3me/b2O0vqa6HoZ/kwULEgvObs8OeqZwxP4rM9vRXo4bqsYHEWakGWiTSwt
CUVTooES1YZ5+/HH/FUw9W9K7bEW4z/jFxpQERxaRLTBWGXe90pJr4fqOJ0bHizI
sdsjSvubr47YWlUT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org