Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/1NcdmAy02OP98chWazr3zwxc564.roa
File: 1NcdmAy02OP98chWazr3zwxc564.roa (raw, json)
Hash identifier: TxCLJOTpPslnvi50hXJDREO2DXiAnQh5+XgAtJT2Otg=
Subject key identifier: D4:D7:1D:98:0C:B4:D8:E3:FD:F1:C8:56:6B:3A:F7:CF:0C:5C:E7:AE
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 0EB2E851
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/1NcdmAy02OP98chWazr3zwxc564.roa
Signing time: Thu 21 Apr 2022 08:15:41 +0000
ROA not before: Thu 21 Apr 2022 08:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29014
IP address blocks: 195.177.233.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
193.41.116.0/23 maxlen: 24
45.139.156.0/22 maxlen: 24
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.128.0/21 maxlen: 24
93.92.134.0/23 maxlen: 23
93.92.133.0/24 maxlen: 24
185.8.8.0/24 maxlen: 24
185.8.8.0/22 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.7.0/24 maxlen: 24
85.158.6.0/24 maxlen: 24
194.126.239.0/24 maxlen: 24
2a00:12e8:200::/40 maxlen: 40
2a00:12e8::/32 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:600::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246605905 (0xeb2e851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Apr 21 08:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4d71d980cb4d8e3fdf1c8566b3af7cf0c5ce7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:98:81:9b:42:9b:de:1d:d2:ef:d1:e8:e4:
3f:5c:b5:fd:0a:7d:f2:df:5f:57:25:e8:d7:5e:9d:
de:c4:23:12:fe:a4:3e:54:d4:7b:ad:cf:00:54:1a:
2a:20:12:94:c2:21:7a:4f:6b:c4:59:2e:8d:60:90:
e6:ac:97:de:32:8a:7c:96:68:d0:4f:5a:71:22:35:
35:14:db:6d:c9:22:41:29:5b:44:3d:bf:aa:5c:71:
8b:7e:c5:28:32:c8:64:fd:7b:d2:07:e0:59:cd:a3:
2e:25:f5:63:e0:69:f1:fa:28:a7:a5:bd:2e:3e:d8:
8e:75:1a:ef:db:8b:b6:91:71:43:72:26:47:b6:6f:
b5:57:74:48:1f:be:d1:15:16:3f:42:73:0f:50:52:
24:79:d8:fd:86:91:96:bc:ff:00:12:39:c0:32:b3:
c7:d9:8f:32:5a:77:ce:92:a3:5d:f3:3e:f8:5f:c4:
27:0f:7f:ee:04:b4:c7:11:bc:f6:83:cb:64:ad:8b:
d2:f6:a6:38:5c:4a:a4:5f:31:50:f2:da:76:0a:b9:
45:06:b2:ed:a4:60:16:8d:7d:57:d4:22:c5:a2:de:
af:1b:1a:f3:e0:03:d5:79:fb:8d:8c:59:d2:51:29:
68:3d:d8:f3:16:37:9c:17:e3:2c:38:42:bf:b8:c2:
e0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D7:1D:98:0C:B4:D8:E3:FD:F1:C8:56:6B:3A:F7:CF:0C:5C:E7:AE
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/1NcdmAy02OP98chWazr3zwxc564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
5b:6a:44:c6:08:0e:23:9f:b0:9e:ba:cb:4c:96:24:d2:4e:6e:
78:c9:fd:f6:67:41:58:e4:f1:18:76:be:67:54:34:e0:47:63:
dd:7b:a6:29:51:5c:61:50:99:a7:ed:b1:2d:3a:b2:98:87:9f:
00:49:f9:fa:77:b7:e2:42:41:ef:3a:5a:34:e1:26:24:06:0c:
e5:23:23:26:23:de:ce:ab:a9:6c:94:3f:19:34:cf:4c:fe:f1:
e7:99:8a:af:d3:93:37:45:b7:f5:f5:0b:51:80:16:40:16:26:
ce:db:b9:ff:be:23:6a:cf:a6:fe:e4:f3:ff:2d:57:61:9a:bc:
c9:f5:d9:45:b5:2f:d7:2e:7d:b5:a6:55:00:47:60:31:f5:7a:
a3:05:66:82:2f:f2:6a:d6:3a:ce:a5:40:d0:8a:b7:0a:53:f5:
bb:9e:26:ac:93:11:2a:02:4d:59:88:d1:f2:35:11:f7:6a:71:
2a:fa:de:61:c9:ea:8e:a3:40:9f:c2:c3:bb:f3:09:a4:1c:c1:
21:a3:94:e1:c5:51:e2:5a:dd:40:81:05:43:69:54:be:72:ff:
d7:d0:a3:75:d6:6c:c4:41:c1:c8:ad:c8:36:5f:90:04:d2:c6:
40:19:51:47:9c:74:d6:b4:11:7c:4b:e3:91:30:d5:ad:d6:1a:
4c:e6:72:62
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEDrLoUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWI4YzJmMzdiZDhkN2UwNGU3Njk4NWE0Y2VkNDU1OWQ3NjUxYzQzMB4XDTIyMDQy
MTA4MTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRkNzFkOTgwY2I0
ZDhlM2ZkZjFjODU2NmIzYWY3Y2YwYzVjZTdhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKrmIGbQpveHdLv0ejkP1y1/Qp98t9fVyXo116d3sQjEv6k
PlTUe63PAFQaKiASlMIhek9rxFkujWCQ5qyX3jKKfJZo0E9acSI1NRTbbckiQSlb
RD2/qlxxi37FKDLIZP170gfgWc2jLiX1Y+Bp8foop6W9Lj7YjnUa79uLtpFxQ3Im
R7ZvtVd0SB++0RUWP0JzD1BSJHnY/YaRlrz/ABI5wDKzx9mPMlp3zpKjXfM++F/E
Jw9/7gS0xxG89oPLZK2L0vamOFxKpF8xUPLadgq5RQay7aRgFo19V9QixaLerxsa
8+AD1Xn7jYxZ0lEpaD3Y8xY3nBfjLDhCv7jC4McCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTU1x2YDLTY4/3xyFZrOvfPDFznrjAfBgNVHSMEGDAWgBRBuMLze9jX4E52
mFpM7UVZ12UcQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FiakM4M3ZZMS1CT2RwaGFUTzFGV2RkbEhFTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvM2UzYjRiLWY4MjctNDM0Ny05MDIyLTI4MThmNjU3OGQxYi8x
LzFOY2RtQXkwMk9QOThjaFdhenIzend4YzU2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
M2UzYjRiLWY4MjctNDM0Ny05MDIyLTI4MThmNjU3OGQxYi8xL1FiakM4M3ZZMS1C
T2RwaGFUTzFGV2RkbEhFTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAi2LnAMEA1WeAAMEA11cgAMEArkI
CAMEAcEpdAMEAMJ+7wMEAcOx6DANBAIAAjAHAwUAKgAS6DANBgkqhkiG9w0BAQsF
AAOCAQEAW2pExggOI5+wnrrLTJYk0k5ueMn99mdBWOTxGHa+Z1Q04Edj3XumKVFc
YVCZp+2xLTqymIefAEn5+ne34kJB7zpaNOEmJAYM5SMjJiPezqupbJQ/GTTPTP7x
55mKr9OTN0W39fULUYAWQBYmztu5/74jas+m/uTz/y1XYZq8yfXZRbUv1y59taZV
AEdgMfV6owVmgi/yatY6zqVA0Iq3ClP1u54mrJMRKgJNWYjR8jUR92pxKvreYcnq
jqNAn8LDu/MJpBzBIaOU4cVR4lrdQIEFQ2lUvnL/19CjddZsxEHByK3INl+QBNLG
QBlRR5x01rQRfEvjkTDVrdYaTOZyYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:58 2024 by rpki-client on console-fra.rpki-client.org