Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nq3Hubc0yx62rIBlQ3Pnf2b2uLU.roa
File: Nq3Hubc0yx62rIBlQ3Pnf2b2uLU.roa (raw, json)
Hash identifier: ESBBObZiy4NwQrA0f4HNPagP/TZIX5zLsXNILvJN5h8=
Subject key identifier: 36:AD:C7:B9:B7:34:CB:1E:B6:AC:80:65:43:73:E7:7F:66:F6:B8:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018321831C9774162723DC051303A887B078
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nq3Hubc0yx62rIBlQ3Pnf2b2uLU.roa
Signing time: Fri 09 Sep 2022 09:09:44 +0000
ROA not before: Fri 09 Sep 2022 09:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:83:1c:97:74:16:27:23:dc:05:13:03:a8:87:b0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 9 09:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36adc7b9b734cb1eb6ac80654373e77f66f6b8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cd:f9:d9:2e:35:22:e7:87:df:f7:e9:a7:a8:
ca:5e:99:58:5d:d1:2f:cb:54:41:e7:54:48:6c:6d:
c4:e2:28:20:7e:2c:74:0a:d6:0b:ee:07:2b:46:9b:
cd:f8:67:29:01:dd:4c:47:75:02:44:8d:03:76:d9:
a5:58:17:c6:af:00:1f:b7:91:64:09:e0:f6:7e:83:
a9:4d:98:99:09:04:81:ac:89:2d:90:6a:7a:cc:44:
9f:5e:47:7c:3a:00:20:7f:dc:8c:e9:32:90:5b:d2:
76:95:22:fe:6f:5c:c7:b8:10:ec:a1:b7:61:e3:26:
63:28:6d:0d:ae:51:21:55:22:85:d3:48:d7:29:77:
b3:45:18:1d:de:54:e5:84:80:c6:33:bb:75:62:86:
b0:c7:df:46:96:6a:18:4e:ff:85:50:50:71:d7:6a:
91:1e:1e:55:e8:87:54:53:d0:97:41:5e:f1:3b:72:
7f:bc:cf:b7:31:45:e6:82:f5:7c:0a:1a:f5:93:7e:
ef:e8:85:56:56:bb:f0:3a:c6:52:88:3a:cb:b2:bc:
a4:ad:f0:e9:a0:7f:ee:c2:ee:c9:44:78:aa:91:d1:
a9:15:71:de:a5:c2:1b:1f:15:21:78:0d:fd:bb:85:
47:83:2e:35:30:d0:95:d4:74:c8:e7:39:65:75:4c:
18:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AD:C7:B9:B7:34:CB:1E:B6:AC:80:65:43:73:E7:7F:66:F6:B8:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nq3Hubc0yx62rIBlQ3Pnf2b2uLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
82.115.208.0/22
84.21.172.0/23
84.54.48.0/23
85.31.45.0/24
85.31.47.0/24
87.120.84.0/24
87.120.87.0/24
87.121.221.0/24
92.249.50.0/24
94.103.125.0-94.103.126.255
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.236.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
193.25.217.0-193.25.218.255
193.35.19.0/24
193.37.42.0/24
193.42.32.0/24
193.47.62.0/23
193.222.97.0/24
193.222.99.0/24
194.55.224.0/22
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
06:a1:68:22:59:f3:0e:10:a3:b0:46:a5:9e:ac:de:98:b5:07:
4b:55:64:28:a9:f7:82:60:c3:9b:f6:4b:35:3e:fe:1e:4d:b2:
51:f9:b2:29:ea:64:62:d1:01:b3:91:86:60:3b:1c:7e:98:c2:
0b:90:34:64:f6:51:8a:86:43:e0:59:94:42:d7:cf:ab:af:0d:
d5:09:88:87:cc:df:8c:dd:23:9c:86:e0:a0:12:d4:c4:3e:46:
9e:36:d6:d0:f3:3b:9e:d5:e4:09:c0:e5:d2:20:5a:de:77:dc:
a5:3a:f4:66:69:df:a3:72:2a:d6:40:ca:09:a6:f8:cc:24:4c:
fa:43:58:f4:97:f5:70:a8:77:0d:c3:c7:76:d7:13:03:c8:9a:
72:86:5a:34:9c:48:34:c1:1b:4c:39:71:ec:13:44:c5:80:b5:
c6:a9:ea:1d:83:a5:27:37:ef:61:60:82:55:5a:a3:ba:fd:c1:
b4:98:35:a2:e6:a9:2d:f6:7f:24:49:a2:7b:a8:93:bf:0a:a2:
dc:63:0e:6c:b3:07:3a:ac:19:bc:92:81:ac:eb:80:bd:78:8f:
ff:17:03:58:9d:8b:43:a4:d3:7e:ab:5b:d9:e6:fb:8a:16:b7:
78:25:d7:b2:b3:35:25:42:4b:99:04:0f:7c:fb:64:86:76:97:
2c:71:fe:f1
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYMhgxyXdBYnI9wFEwOoh7B4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTA5MDkwOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFkYzdiOWI3MzRjYjFlYjZhYzgwNjU0MzczZTc3ZjY2ZjZiOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8352S41IueH3/fpp6jKXplYXdEv
y1RB51RIbG3E4iggfix0CtYL7gcrRpvN+GcpAd1MR3UCRI0DdtmlWBfGrwAft5Fk
CeD2foOpTZiZCQSBrIktkGp6zESfXkd8OgAgf9yM6TKQW9J2lSL+b1zHuBDsobdh
4yZjKG0NrlEhVSKF00jXKXezRRgd3lTlhIDGM7t1Yoawx99GlmoYTv+FUFBx12qR
Hh5V6IdUU9CXQV7xO3J/vM+3MUXmgvV8Chr1k37v6IVWVrvwOsZSiDrLsrykrfDp
oH/uwu7JRHiqkdGpFXHepcIbHxUheA39u4VHgy41MNCV1HTI5zlldUwYewIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFDatx7m3NMsetqyAZUNz539m9ri1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTnEzSHViYzB5eDYycklCbFEzUG5mMmIydUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBABQ
TDADBAJSc9ADBAFUFawDBAFUNjADBABVHy0DBABVHy8DBABXeFQDBABXeFcDBABX
ed0DBABc+TIwDAMEAF5nfQMEAF5nfgMEAF6arDAMAwQAstfhAwQCstfgAwQAstfs
AwQAstfvMAwDBAC52EUDBAC52EYDBAC52ogDBAC59t0wDAMEAMEZ2QMEAMEZ2gME
AMEjEwMEAMElKgMEAMEqIAMEAcEvPgMEAMHeYQMEAMHeYwMEAsI34AMEAMK0JDAN
BgkqhkiG9w0BAQsFAAOCAQEABqFoIlnzDhCjsEalnqzemLUHS1VkKKn3gmDDm/ZL
NT7+Hk2yUfmyKepkYtEBs5GGYDscfpjCC5A0ZPZRioZD4FmUQtfPq68N1QmIh8zf
jN0jnIbgoBLUxD5GnjbW0PM7ntXkCcDl0iBa3nfcpTr0Zmnfo3Iq1kDKCab4zCRM
+kNY9Jf1cKh3DcPHdtcTA8iacoZaNJxINMEbTDlx7BNExYC1xqnqHYOlJzfvYWCC
VVqjuv3BtJg1ouapLfZ/JEmie6iTvwqi3GMObLMHOqwZvJKBrOuAvXiP/xcDWJ2L
Q6TTfqtb2eb7iha3eCXXsrM1JUJLmQQPfPtkhnaXLHH+8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org