Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/9N3BN6wRlJSxo-vm2_Kwc4UfGa0.roa
File: 9N3BN6wRlJSxo-vm2_Kwc4UfGa0.roa (raw, json)
Hash identifier: tta+25Z5KstJRgLF6M+aB52i8EUDXxWh0irDxnm1Y0c=
Subject key identifier: F4:DD:C1:37:AC:11:94:94:B1:A3:EB:E6:DB:F2:B0:73:85:1F:19:AD
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01840A42B90E1838942437AD58F41BABBD46
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/9N3BN6wRlJSxo-vm2_Kwc4UfGa0.roa
Signing time: Mon 24 Oct 2022 13:50:55 +0000
ROA not before: Mon 24 Oct 2022 13:50:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:42:b9:0e:18:38:94:24:37:ad:58:f4:1b:ab:bd:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Oct 24 13:50:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4ddc137ac119494b1a3ebe6dbf2b073851f19ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b6:06:b2:f5:1b:0b:3b:cb:e9:59:8d:73:98:
6b:f1:80:ce:d9:13:11:82:f2:77:32:e4:76:cc:16:
9b:aa:ac:77:1f:72:96:ee:fc:6e:94:ec:c7:6a:d3:
b8:f4:d1:3b:bf:d4:40:21:8a:56:b6:ae:a7:c8:ea:
fb:c2:02:67:01:02:95:c2:d9:8a:83:f4:c9:24:e7:
13:9f:d1:e8:58:ef:58:30:05:e2:89:b8:88:76:3a:
e6:8e:48:8a:04:e3:a1:54:61:40:f9:0a:6d:08:a9:
6f:ca:d6:59:a2:7c:a4:d8:7f:25:39:cd:f5:8d:01:
08:62:f0:cc:fe:8e:85:68:5c:32:c1:f5:2c:4f:e1:
fa:99:cb:d3:07:5d:e1:0e:46:24:80:a6:66:24:7d:
35:04:3c:d3:b2:24:d3:75:56:7e:61:dc:1f:7c:43:
9c:20:75:15:90:c4:bd:b8:65:b8:f5:66:5d:4c:e6:
97:c1:03:1e:0e:ed:51:ed:7d:55:2f:f9:4b:34:be:
6d:93:83:aa:21:46:b3:94:db:3f:2e:a7:8b:1b:6c:
77:ba:35:fe:7e:50:9c:4b:d1:e9:d5:5a:87:3a:1a:
0b:2d:ca:fc:5d:83:63:7b:9e:27:a5:40:bb:ae:a3:
3f:3a:51:25:24:6e:8a:46:65:94:75:35:78:a1:0a:
01:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DD:C1:37:AC:11:94:94:B1:A3:EB:E6:DB:F2:B0:73:85:1F:19:AD
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/9N3BN6wRlJSxo-vm2_Kwc4UfGa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
94.139.252.0/22
141.101.151.0-141.101.152.255
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
67:5b:9c:46:91:11:de:e3:1a:49:e8:90:d8:ac:41:23:72:8e:
4c:b2:b8:82:00:be:9d:d1:74:cd:55:cd:3c:4c:aa:20:51:c4:
7d:ba:62:26:fb:ab:6f:78:05:24:44:02:cc:69:2f:eb:54:61:
bd:5c:e0:3a:9a:27:d9:2d:9d:9f:0d:7a:d4:05:51:5a:a7:66:
f7:07:4a:1e:9d:f2:38:b1:5b:f0:f1:ed:9d:d0:db:86:ee:dd:
1e:08:2f:78:8c:93:af:b8:ba:eb:17:65:71:92:a5:5e:2f:b0:
4c:50:97:fa:7b:b3:3a:8a:ee:e0:1d:58:f9:b0:b0:0e:42:b2:
3f:17:a5:3f:67:6c:b8:fd:c9:51:2b:40:b6:10:b4:92:a3:e2:
e3:65:1d:f6:06:ba:b1:84:13:23:55:2d:c5:6e:e2:fb:8f:7e:
0d:36:00:8d:9a:08:9a:71:c6:1d:5e:f3:01:0d:9f:ef:d9:c0:
d8:3f:83:52:2e:3e:c1:03:4e:c3:76:1d:5f:7a:8c:c6:84:4f:
b0:c1:59:52:0e:de:41:7f:2f:dd:b8:bb:a5:d3:cd:3a:02:ff:
63:52:f5:7b:4d:40:18:8a:73:f0:91:1f:cc:88:42:5e:73:02:
a2:39:df:1f:f4:8d:37:18:58:56:3e:ac:db:bd:86:c3:51:86:
78:c6:76:a7
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAYQKQrkOGDiUJDetWPQbq71GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIxMDI0MTM1MDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGRkYzEzN2FjMTE5NDk0YjFhM2ViZTZkYmYyYjA3Mzg1MWYxOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrYGsvUbCzvL6VmNc5hr8YDO2RMR
gvJ3MuR2zBabqqx3H3KW7vxulOzHatO49NE7v9RAIYpWtq6nyOr7wgJnAQKVwtmK
g/TJJOcTn9HoWO9YMAXiibiIdjrmjkiKBOOhVGFA+QptCKlvytZZonyk2H8lOc31
jQEIYvDM/o6FaFwywfUsT+H6mcvTB13hDkYkgKZmJH01BDzTsiTTdVZ+YdwffEOc
IHUVkMS9uGW49WZdTOaXwQMeDu1R7X1VL/lLNL5tk4OqIUazlNs/LqeLG2x3ujX+
flCcS9Hp1VqHOhoLLcr8XYNje54npUC7rqM/OlElJG6KRmWUdTV4oQoB7QIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFPTdwTesEZSUsaPr5tvysHOFHxmtMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xLzlOM0JONndSbEpTeG8tdm0yX0t3YzRVZkdhMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEmBggrBgEFBQcBBwEB/wSCARUwggERMIH/BAIAATCB
+DAMAwQDJRIIAwQAJRIKAwQAJRIWAwQBJRJIMAwDBAIlEmQDBAAlEmYwDAMEACUS
awMEACUSegMEACXmizAMAwQAJeazAwQBJea0MAwDBAMl5rgDBAAl5roDBAMl5sAD
BAAl5uADBAAl5ukDBAItCRgDBAItWeAwDAMEAC7zjQMEBC7zgAMEAC7zrAMEAC7z
yTAMAwQALvPNAwQALvPOAwQBLvPiAwQBLvP0AwQDV/JYAwQDV/J4AwQDWeigAwQC
Xov8MAwDBACNZZcDBACNZZgDBACNZckwDAMEALKqvwMEAbKqxAMEALKq8jAMAwQB
vEhqAwQBvEhsMA0EAgACMAcDBQMqDCuAMA0GCSqGSIb3DQEBCwUAA4IBAQBnW5xG
kRHe4xpJ6JDYrEEjco5MsriCAL6d0XTNVc08TKogUcR9umIm+6tveAUkRALMaS/r
VGG9XOA6mifZLZ2fDXrUBVFap2b3B0oenfI4sVvw8e2d0NuG7t0eCC94jJOvuLrr
F2VxkqVeL7BMUJf6e7M6iu7gHVj5sLAOQrI/F6U/Z2y4/clRK0C2ELSSo+LjZR32
BrqxhBMjVS3FbuL7j34NNgCNmgiaccYdXvMBDZ/v2cDYP4NSLj7BA07Ddh1feozG
hE+wwVlSDt5Bfy/duLul0806Av9jUvV7TUAYinPwkR/MiEJecwKiOd8f9I03GFhW
PqzbvYbDUYZ4xnan
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org