Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/Nopldv2mjhBgM4Va1Nv_CVo4Ouo.roa
File: Nopldv2mjhBgM4Va1Nv_CVo4Ouo.roa (raw, json)
Hash identifier: 0rYsNsD411n7q6ZG1tanfJc8bJuVsPut/3RlrV8pokc=
Subject key identifier: 36:8A:65:76:FD:A6:8E:10:60:33:85:5A:D4:DB:FF:09:5A:38:3A:EA
Certificate issuer: /CN=94bc3cdac46408c0c8a3581788b510d0f04e9d1f
Certificate serial: 08E2DC4F
Authority key identifier: 94:BC:3C:DA:C4:64:08:C0:C8:A3:58:17:88:B5:10:D0:F0:4E:9D:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lLw82sRkCMDIo1gXiLUQ0PBOnR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/Nopldv2mjhBgM4Va1Nv_CVo4Ouo.roa
Signing time: Sat 01 Jan 2022 14:07:44 +0000
ROA not before: Sat 01 Jan 2022 14:07:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38987
IP address blocks: 185.13.184.0/22 maxlen: 22
62.133.128.0/19 maxlen: 19
37.72.120.0/21 maxlen: 21
2a02:22e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149085263 (0x8e2dc4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94bc3cdac46408c0c8a3581788b510d0f04e9d1f
Validity
Not Before: Jan 1 14:07:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=368a6576fda68e106033855ad4dbff095a383aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:94:67:3f:84:79:54:52:a6:2b:b3:49:48:
b4:3e:99:51:ac:8c:42:12:53:0f:37:22:70:99:7e:
47:d7:d6:9d:4f:42:b4:18:3e:5c:36:fb:c8:76:ce:
c1:2e:92:06:da:dd:32:65:ac:fe:78:40:29:71:05:
73:e9:f1:1f:2c:b2:2c:be:a2:a0:26:ed:de:71:7a:
b7:da:b6:d2:09:40:f6:7c:42:2e:d9:92:45:62:bb:
84:a4:49:fc:16:91:6e:cf:ac:fa:14:12:cd:95:c0:
3d:e0:09:e2:49:ed:57:d1:f0:83:27:12:cf:31:5a:
dc:53:e1:75:ab:25:8b:dc:1a:ca:a1:5d:7e:66:ae:
a1:ee:7c:32:81:d6:8e:d5:9d:de:b9:b5:d1:e6:dd:
62:8a:de:fa:75:48:63:23:54:9b:03:57:66:02:61:
b9:34:4c:6d:76:dc:91:a0:a1:0b:f5:18:74:2d:ec:
b1:3c:8c:90:99:b7:12:ca:6c:92:1f:98:44:9f:d0:
54:b3:bb:35:36:71:b5:09:38:5c:32:dc:d7:47:93:
cd:11:ec:7f:99:06:6a:9c:10:06:2b:bb:3a:59:98:
01:07:e7:08:9c:5b:1c:eb:39:e1:49:b7:79:62:9f:
cc:4e:f8:7c:5c:05:b6:83:a7:aa:d3:37:53:7d:b3:
ac:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:65:76:FD:A6:8E:10:60:33:85:5A:D4:DB:FF:09:5A:38:3A:EA
X509v3 Authority Key Identifier:
keyid:94:BC:3C:DA:C4:64:08:C0:C8:A3:58:17:88:B5:10:D0:F0:4E:9D:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lLw82sRkCMDIo1gXiLUQ0PBOnR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/Nopldv2mjhBgM4Va1Nv_CVo4Ouo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9df809-a8e8-4e12-a25a-c60472e9f717/1/lLw82sRkCMDIo1gXiLUQ0PBOnR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.120.0/21
62.133.128.0/19
185.13.184.0/22
IPv6:
2a02:22e0::/32
Signature Algorithm: sha256WithRSAEncryption
75:23:93:af:39:12:48:67:2f:e2:7f:f6:6b:8e:b0:b3:85:11:
77:94:91:06:c6:89:a2:e5:e5:5f:f2:0c:8e:0c:4b:ec:65:cd:
81:c6:24:4d:81:29:0b:7e:e5:bc:c6:d0:a8:a9:9e:c2:a1:a3:
74:83:f5:f2:2c:03:b6:6a:27:eb:e6:3b:97:e8:e9:a2:43:83:
4d:b0:ae:73:cd:ee:e5:fb:73:ed:6c:12:09:ed:64:4d:da:96:
fa:a6:7f:2c:55:e6:6a:ab:e1:f0:19:8b:09:ca:d4:ee:9f:e9:
f2:f3:d3:1a:1c:2d:87:8f:00:99:21:fa:d9:b5:48:fa:9f:c6:
c0:66:d7:6d:e5:9a:89:ea:77:85:89:c7:3e:6e:3e:64:17:25:
ff:41:bb:8c:b1:8c:2b:1d:35:d7:e3:45:76:dd:9f:ed:38:77:
86:f4:f0:28:5d:60:f7:29:33:8c:a6:7d:e5:ea:18:2c:cc:62:
27:c9:b7:df:37:c1:95:76:8d:87:32:55:e2:fc:f2:bb:4c:a9:
eb:42:70:cc:31:b4:69:a8:fd:1b:b1:f8:2b:53:70:3a:21:48:
30:91:d6:ce:f6:7d:fd:7d:e5:1b:aa:46:4f:f9:bc:4c:55:73:
ac:f2:d3:98:1e:1a:db:3e:cf:b6:a6:8a:fb:0e:cf:20:8d:23:
17:21:59:b5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECOLcTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGJjM2NkYWM0NjQwOGMwYzhhMzU4MTc4OGI1MTBkMGYwNGU5ZDFmMB4XDTIyMDEw
MTE0MDc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY4YTY1NzZmZGE2
OGUxMDYwMzM4NTVhZDRkYmZmMDk1YTM4M2FlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBClGc/hHlUUqYrs0lItD6ZUayMQhJTDzcicJl+R9fWnU9C
tBg+XDb7yHbOwS6SBtrdMmWs/nhAKXEFc+nxHyyyLL6ioCbt3nF6t9q20glA9nxC
LtmSRWK7hKRJ/BaRbs+s+hQSzZXAPeAJ4kntV9HwgycSzzFa3FPhdasli9wayqFd
fmauoe58MoHWjtWd3rm10ebdYore+nVIYyNUmwNXZgJhuTRMbXbckaChC/UYdC3s
sTyMkJm3Espskh+YRJ/QVLO7NTZxtQk4XDLc10eTzRHsf5kGapwQBiu7OlmYAQfn
CJxbHOs54Um3eWKfzE74fFwFtoOnqtM3U32zrN8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ2imV2/aaOEGAzhVrU2/8JWjg66jAfBgNVHSMEGDAWgBSUvDzaxGQIwMij
WBeItRDQ8E6dHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xMdzgyc1JrQ01ESW8xZ1hpTFVRMFBCT25SOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvOWRmODA5LWE4ZTgtNGUxMi1hMjVhLWM2MDQ3MmU5ZjcxNy8x
L05vcGxkdjJtamhCZ000VmExTnZfQ1ZvNE91by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
OWRmODA5LWE4ZTgtNGUxMi1hMjVhLWM2MDQ3MmU5ZjcxNy8xL2xMdzgyc1JrQ01E
SW8xZ1hpTFVRMFBCT25SOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyVIeAMEBT6FgAMEArkNuDANBAIA
AjAHAwUAKgIi4DANBgkqhkiG9w0BAQsFAAOCAQEAdSOTrzkSSGcv4n/2a46ws4UR
d5SRBsaJouXlX/IMjgxL7GXNgcYkTYEpC37lvMbQqKmewqGjdIP18iwDtmon6+Y7
l+jpokODTbCuc83u5ftz7WwSCe1kTdqW+qZ/LFXmaqvh8BmLCcrU7p/p8vPTGhwt
h48AmSH62bVI+p/GwGbXbeWaiep3hYnHPm4+ZBcl/0G7jLGMKx011+NFdt2f7Th3
hvTwKF1g9ykzjKZ95eoYLMxiJ8m33zfBlXaNhzJV4vzyu0yp60JwzDG0aaj9G7H4
K1NwOiFIMJHWzvZ9/X3lG6pGT/m8TFVzrPLTmB4a2z7PtqaK+w7PII0jFyFZtQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:41 2025 by rpki-client