Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/nPj2TV-eWFsPXDi7-60zt4vW3gs.roa
File: nPj2TV-eWFsPXDi7-60zt4vW3gs.roa (raw, json)
Hash identifier: ajt9tjICTqPuR2NP2R2PRt+GXw71VzWqT0vxLoSZ1mQ=
Subject key identifier: 9C:F8:F6:4D:5F:9E:58:5B:0F:5C:38:BB:FB:AD:33:B7:8B:D6:DE:0B
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 059835A2
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/nPj2TV-eWFsPXDi7-60zt4vW3gs.roa
Signing time: Sat 01 Jan 2022 03:52:52 +0000
ROA not before: Sat 01 Jan 2022 03:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35432
IP address blocks: 164.215.0.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
64.59.208.0/20 maxlen: 24
185.7.156.0/22 maxlen: 24
213.140.192.0/19 maxlen: 24
69.6.0.0/19 maxlen: 24
85.132.224.0/19 maxlen: 24
212.50.96.0/19 maxlen: 24
80.244.16.0/20 maxlen: 24
66.205.95.0/24 maxlen: 24
109.110.224.0/19 maxlen: 24
77.83.248.0/22 maxlen: 24
66.205.64.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
185.162.16.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
185.42.32.0/24 maxlen: 24
69.94.112.0/20 maxlen: 24
139.138.192.0/19 maxlen: 24
216.241.128.0/19 maxlen: 24
46.251.96.0/19 maxlen: 24
2a02:540:8::/48 maxlen: 48
2a02:540:7::/48 maxlen: 48
2a02:540:5::/48 maxlen: 48
2a02:540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93861282 (0x59835a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jan 1 03:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cf8f64d5f9e585b0f5c38bbfbad33b78bd6de0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:13:f6:23:4e:92:18:97:e5:fa:75:1d:ab:5f:
af:80:59:35:20:28:b8:d0:14:63:85:c4:42:2a:b3:
16:6d:b8:39:aa:9c:1a:a4:57:5f:97:3f:ed:c8:f4:
ce:25:33:e8:5b:d5:ff:b7:51:50:31:22:88:35:6a:
24:08:30:90:a1:0b:99:4d:cc:4f:50:77:5b:ef:08:
0e:e3:4c:0d:c3:aa:ab:41:2e:3a:a9:e7:11:86:8f:
4b:2d:8a:c8:9d:b8:3a:d4:03:a7:fc:2e:4b:7a:d0:
5f:e3:c8:e0:97:64:05:ec:8f:15:3f:a1:d2:0a:f7:
21:be:25:a0:8b:8e:22:9b:d3:2d:3f:84:f5:ac:84:
52:5d:ee:ac:8f:45:49:5f:a8:b8:41:10:b6:3b:7e:
2c:e1:98:dd:b1:f1:f7:4d:7e:5e:50:d8:2d:98:01:
fe:ec:86:c2:7b:4b:e0:6b:c0:fd:0f:11:ab:d6:cd:
c2:17:26:90:d3:3e:6a:ea:3c:61:5d:81:65:bc:1f:
95:ea:60:f4:3a:51:68:c4:a4:4a:3a:f1:a0:20:62:
5a:60:f2:1a:3e:7d:09:d1:fd:c1:b0:26:d7:f8:68:
a2:a2:95:59:20:eb:ff:b8:5a:51:74:47:5c:1f:5f:
10:d9:87:8c:1e:6c:59:49:ba:91:94:e4:83:0d:26:
23:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F8:F6:4D:5F:9E:58:5B:0F:5C:38:BB:FB:AD:33:B7:8B:D6:DE:0B
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/nPj2TV-eWFsPXDi7-60zt4vW3gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
70:4f:3d:07:1e:b0:79:20:e6:84:ab:da:cb:48:0f:c2:79:b7:
7b:ce:3f:8e:c4:9a:7f:94:5e:35:df:96:f1:1f:7e:3a:89:60:
e1:68:c5:d8:1b:b8:5a:26:4b:52:d0:7a:f6:1a:f0:e7:70:77:
41:d1:92:f5:86:a2:76:fe:ca:65:b3:42:6a:1c:5a:14:56:79:
d9:e3:9f:6a:94:ac:05:a8:b7:70:e7:a2:83:56:9d:f6:2a:a5:
ee:d9:a4:87:5d:30:05:9f:07:68:af:41:ee:fb:74:2f:a4:d0:
2c:e9:e0:0a:f5:3b:a6:0f:4f:00:2f:71:b6:0c:85:e5:8e:20:
9f:e2:1f:7c:02:10:4b:64:be:45:05:f2:94:10:16:ca:ac:36:
5c:56:7d:4a:f1:29:66:51:d8:07:35:d3:af:8c:31:65:eb:6f:
3f:9b:57:42:b3:52:47:f4:9a:1a:e0:88:cc:93:eb:24:a8:f0:
46:7a:62:ad:a5:4b:03:8c:c3:17:5e:03:44:6d:93:c4:16:ed:
6b:36:22:97:00:96:98:1d:12:24:fb:7c:fd:4b:02:59:d2:f7:
db:ca:20:91:9b:bb:09:01:4c:4d:89:fc:10:ac:99:60:8a:1e:
f2:a5:1e:21:fb:06:e7:d6:51:d6:29:96:96:9f:c3:90:29:4b:
8d:45:68:28
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIEBZg1ojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzAyOWEzNmZjMGNjYTJlMGE4ZDA0NWYwMjJkZmM4MzFhNTE3MzA4MB4XDTIyMDEw
MTAzNTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNmOGY2NGQ1Zjll
NTg1YjBmNWMzOGJiZmJhZDMzYjc4YmQ2ZGUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAT9iNOkhiX5fp1Hatfr4BZNSAouNAUY4XEQiqzFm24Oaqc
GqRXX5c/7cj0ziUz6FvV/7dRUDEiiDVqJAgwkKELmU3MT1B3W+8IDuNMDcOqq0Eu
OqnnEYaPSy2KyJ24OtQDp/wuS3rQX+PI4JdkBeyPFT+h0gr3Ib4loIuOIpvTLT+E
9ayEUl3urI9FSV+ouEEQtjt+LOGY3bHx901+XlDYLZgB/uyGwntL4GvA/Q8Rq9bN
whcmkNM+auo8YV2BZbwflepg9DpRaMSkSjrxoCBiWmDyGj59CdH9wbAm1/hooqKV
WSDr/7haUXRHXB9fENmHjB5sWUm6kZTkgw0mI6sCAwEAAaOCAo0wggKJMB0GA1Ud
DgQWBBSc+PZNX55YWw9cOLv7rTO3i9beCzAfBgNVHSMEGDAWgBQnApo2/AzKLgqN
BF8CLfyDGlFzCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0p3S2FOdndNeWk0S2pRUmZBaTM4Z3hwUmN3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNTNiYjIzLWRmYTgtNDc5Mi1iMzE3LTUwZDBhNTMyMzY0MS8x
L25QajJUVi1lV0ZzUFhEaTctNjB6dDR2VzNncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NTNiYjIzLWRmYTgtNDc5Mi1iMzE3LTUwZDBhNTMyMzY0MS8xL0p3S2FOdndNeWk0
S2pRUmZBaTM4Z3hwUmN3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ogYIKwYBBQUHAQcBAf8EgZIwgY8wfgQCAAEweAMEBS77YAMEBEA70AMEBEES0AME
BULNQAMEBUUGAAMEBEVecAMEAk1T+AMEBFD0EAMEBVWE4AMEBVu4wAMEBW1u4AME
BYuKwAMEBaTXAAMEArkHnAMEArkqIAMEArmiEAMEBdQyYAMEBNWFUAMEBdWMwAME
BdjxgDANBAIAAjAHAwUAKgIFQDANBgkqhkiG9w0BAQsFAAOCAQEAcE89Bx6weSDm
hKvay0gPwnm3e84/jsSaf5ReNd+W8R9+Oolg4WjF2Bu4WiZLUtB69hrw53B3QdGS
9Yaidv7KZbNCahxaFFZ52eOfapSsBai3cOeig1ad9iql7tmkh10wBZ8HaK9B7vt0
L6TQLOngCvU7pg9PAC9xtgyF5Y4gn+IffAIQS2S+RQXylBAWyqw2XFZ9SvEpZlHY
BzXTr4wxZetvP5tXQrNSR/SaGuCIzJPrJKjwRnpiraVLA4zDF14DRG2TxBbtazYi
lwCWmB0SJPt8/UsCWdL328ogkZu7CQFMTYn8EKyZYIoe8qUeIfsG59ZR1imWlp/D
kClLjUVoKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:34 2024 by rpki-client on console-fra.rpki-client.org