Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/aNp7Bho4qnbDYg6Ia40QIPEUqd4.roa
File: aNp7Bho4qnbDYg6Ia40QIPEUqd4.roa (raw, json)
Hash identifier: qXmfL4glaTN2deeymV+z7R8IsMh7QPvso0yMQsmaKW0=
Subject key identifier: 68:DA:7B:06:1A:38:AA:76:C3:62:0E:88:6B:8D:10:20:F1:14:A9:DE
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 0183CC1914A5A882D1DD1D7AF7CD78260EE3
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/aNp7Bho4qnbDYg6Ia40QIPEUqd4.roa
Signing time: Wed 12 Oct 2022 12:08:59 +0000
ROA not before: Wed 12 Oct 2022 12:08:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205199
IP address blocks: 194.35.182.0/24 maxlen: 24
194.35.95.0/24 maxlen: 24
194.35.92.0/24 maxlen: 24
193.43.14.0/24 maxlen: 24
193.43.28.0/24 maxlen: 24
193.43.37.0/24 maxlen: 24
45.136.156.0/22 maxlen: 22
185.157.168.0/22 maxlen: 22
45.150.160.0/22 maxlen: 22
193.42.219.0/24 maxlen: 24
194.35.78.0/24 maxlen: 24
45.138.140.0/22 maxlen: 22
45.144.116.0/22 maxlen: 22
194.147.242.0/23 maxlen: 23
45.134.120.0/22 maxlen: 22
194.147.250.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:19:14:a5:a8:82:d1:dd:1d:7a:f7:cd:78:26:0e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Oct 12 12:08:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68da7b061a38aa76c3620e886b8d1020f114a9de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:47:ad:38:38:ac:b0:51:8b:55:80:53:b0:cd:
55:f8:d1:d1:a1:e9:bd:db:bf:9a:c4:de:61:ea:94:
24:08:8c:dd:5b:6e:70:7e:55:d1:ca:f8:32:36:aa:
b8:84:47:3f:4a:1c:1c:38:95:2c:6b:5e:d7:fa:46:
30:5a:4c:72:18:1d:31:88:27:61:2c:b7:e6:27:cf:
57:e0:0d:75:ee:ab:20:c4:17:95:3d:b4:8a:e5:27:
f5:41:1f:ae:fb:23:d6:3c:47:bb:fa:f7:fe:f0:ab:
88:97:b9:87:de:18:b7:27:9e:3a:ac:4f:60:83:09:
0c:61:06:36:37:b6:fb:ad:7d:24:64:e5:fd:bf:10:
f7:e5:2e:c9:98:40:e2:2d:19:a3:08:2e:1d:f9:38:
24:d0:17:eb:fc:12:3c:da:96:6f:74:37:9c:d6:89:
d5:30:dc:36:f4:be:63:89:2a:4c:44:0f:a3:ad:40:
43:08:7e:48:95:3a:db:4b:c1:72:df:0b:d5:da:ce:
d2:4e:82:92:80:b7:be:2e:c5:10:aa:ba:26:35:54:
50:da:21:31:9b:4b:83:de:e0:17:f8:d9:f0:92:da:
3d:4a:5b:38:25:7a:2f:68:2b:25:62:5a:b5:ac:12:
2b:35:dd:8d:45:e4:4a:aa:e8:ec:9b:66:81:91:8c:
a8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DA:7B:06:1A:38:AA:76:C3:62:0E:88:6B:8D:10:20:F1:14:A9:DE
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/aNp7Bho4qnbDYg6Ia40QIPEUqd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.120.0/22
45.136.156.0/22
45.138.140.0/22
45.144.116.0/22
45.150.160.0/22
185.157.168.0/22
193.42.219.0/24
193.43.14.0/24
193.43.28.0/24
193.43.37.0/24
194.35.78.0/24
194.35.92.0/24
194.35.95.0/24
194.35.182.0/24
194.147.242.0/23
194.147.250.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:95:87:aa:04:4a:6a:99:97:14:69:b7:2e:e4:93:c8:bc:8e:
3a:d7:c5:e9:07:a4:86:b4:5f:7a:07:2d:46:23:89:d8:7c:98:
27:50:bb:31:ce:93:4c:f0:ad:ea:93:c0:77:92:36:2d:e9:9e:
b1:c4:bd:65:74:9b:c0:df:b6:f9:39:57:5b:7e:3a:ff:9a:97:
dd:94:7c:9e:38:6d:42:b3:ce:79:d6:8e:87:90:fb:14:18:2e:
b5:e1:b6:d9:52:46:8f:27:11:9d:77:55:4e:6c:99:16:10:7e:
75:9b:97:b5:d1:d2:86:e5:69:50:af:0f:be:8b:5f:1b:1c:3d:
a9:b4:6f:81:81:6c:c0:ee:6d:04:7e:d7:b7:ae:ec:13:c5:12:
20:3b:1d:b3:4c:34:7c:65:33:c5:bc:d3:7c:3a:78:f0:ab:c4:
a2:73:1a:78:29:55:4f:71:cb:12:cb:15:f8:61:08:ee:c1:e8:
8b:7a:fc:ae:26:d5:f1:ed:fd:3b:1a:b7:2f:61:c2:47:4d:e8:
cf:21:9b:ba:48:f1:4c:1f:bf:08:45:a5:43:66:22:a4:d8:61:
2e:b1:9c:af:a3:61:67:e8:8d:d7:25:ca:8d:7d:42:ba:9c:a4:
eb:dd:bd:33:63:07:d1:c3:04:79:0d:d5:f3:46:97:44:7d:63:
ac:5c:2e:5b
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYPMGRSlqILR3R169814Jg7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjIxMDEyMTIwODU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRhN2IwNjFhMzhhYTc2YzM2MjBlODg2YjhkMTAyMGYxMTRhOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEetODissFGLVYBTsM1V+NHRoem9
27+axN5h6pQkCIzdW25wflXRyvgyNqq4hEc/ShwcOJUsa17X+kYwWkxyGB0xiCdh
LLfmJ89X4A117qsgxBeVPbSK5Sf1QR+u+yPWPEe7+vf+8KuIl7mH3hi3J546rE9g
gwkMYQY2N7b7rX0kZOX9vxD35S7JmEDiLRmjCC4d+Tgk0Bfr/BI82pZvdDec1onV
MNw29L5jiSpMRA+jrUBDCH5IlTrbS8Fy3wvV2s7SToKSgLe+LsUQqromNVRQ2iEx
m0uD3uAX+Nnwkto9Sls4JXovaCslYlq1rBIrNd2NReRKqujsm2aBkYyoQwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGjaewYaOKp2w2IOiGuNECDxFKneMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvYU5wN0JobzRxbmJEWWc2SWE0MFFJUEVVcWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCLYZ4AwQC
LYicAwQCLYqMAwQCLZB0AwQCLZagAwQCuZ2oAwQAwSrbAwQAwSsOAwQAwSscAwQA
wSslAwQAwiNOAwQAwiNcAwQAwiNfAwQAwiO2AwQBwpPyAwQBwpP6MA0GCSqGSIb3
DQEBCwUAA4IBAQAulYeqBEpqmZcUabcu5JPIvI4618XpB6SGtF96By1GI4nYfJgn
ULsxzpNM8K3qk8B3kjYt6Z6xxL1ldJvA37b5OVdbfjr/mpfdlHyeOG1Cs8551o6H
kPsUGC614bbZUkaPJxGdd1VObJkWEH51m5e10dKG5WlQrw++i18bHD2ptG+BgWzA
7m0Efte3ruwTxRIgOx2zTDR8ZTPFvNN8Onjwq8Sicxp4KVVPccsSyxX4YQjuweiL
evyuJtXx7f07GrcvYcJHTejPIZu6SPFMH78IRaVDZiKk2GEusZyvo2Fn6I3XJcqN
fUK6nKTr3b0zYwfRwwR5DdXzRpdEfWOsXC5b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org