Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/nNo8sn1fgYuYd6DWK892SK-t-x4.roa
File: nNo8sn1fgYuYd6DWK892SK-t-x4.roa (raw, json)
Hash identifier: 6fjJrSwGTtNoivJmnY3Paszv/bV00JWgSnybsH0YIiQ=
Subject key identifier: 9C:DA:3C:B2:7D:5F:81:8B:98:77:A0:D6:2B:CF:76:48:AF:AD:FB:1E
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 018536EEFF01ADA0E98D080A4ABAC787BDEE
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/nNo8sn1fgYuYd6DWK892SK-t-x4.roa
Signing time: Wed 21 Dec 2022 23:05:10 +0000
ROA not before: Wed 21 Dec 2022 23:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 185.107.44.0/22 maxlen: 22
109.201.128.0/19 maxlen: 19
185.107.45.0/24 maxlen: 24
185.107.56.0/22 maxlen: 22
185.107.68.0/22 maxlen: 22
185.107.80.0/22 maxlen: 22
185.107.37.0/24 maxlen: 24
185.107.36.0/24 maxlen: 24
185.107.38.0/24 maxlen: 24
212.92.112.0/21 maxlen: 21
212.92.120.0/22 maxlen: 22
212.92.124.0/23 maxlen: 23
92.114.100.0/24 maxlen: 24
92.114.100.0/22 maxlen: 22
89.38.160.0/22 maxlen: 22
85.159.232.0/21 maxlen: 24
46.166.176.0/20 maxlen: 21
37.143.32.0/21 maxlen: 24
185.107.92.0/22 maxlen: 22
185.107.100.0/22 maxlen: 24
185.107.116.0/22 maxlen: 24
46.166.128.0/19 maxlen: 24
212.92.104.0/21 maxlen: 21
185.11.144.0/24 maxlen: 24
37.156.228.0/24 maxlen: 24
188.209.57.0/24 maxlen: 24
188.209.56.0/24 maxlen: 24
37.153.168.0/22 maxlen: 22
77.247.176.0/24 maxlen: 24
77.247.176.0/21 maxlen: 21
5.104.136.0/21 maxlen: 24
185.7.76.0/22 maxlen: 22
176.126.232.0/24 maxlen: 24
176.126.233.0/24 maxlen: 24
2a00:1768::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:ee:ff:01:ad:a0:e9:8d:08:0a:4a:ba:c7:87:bd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Dec 21 23:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cda3cb27d5f818b9877a0d62bcf7648afadfb1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:64:4d:d5:a0:5d:66:3f:44:81:fd:a6:a0:69:
1c:ac:97:dd:f4:dd:28:4a:a4:a6:9d:0b:4f:52:be:
97:a3:f4:be:46:36:65:f8:85:50:1f:47:85:b0:62:
4a:a6:6d:43:54:04:9b:f4:a5:7c:db:14:7e:25:e0:
fa:be:e9:43:a2:95:e5:86:28:9e:4d:05:0b:69:9c:
3c:c6:63:00:46:69:02:da:91:32:05:85:29:c4:3b:
a0:53:a9:ed:70:ea:52:50:08:b1:9a:d9:6d:76:89:
45:f0:9d:29:b7:c3:98:ce:c1:f2:64:c6:a8:c1:e2:
34:92:54:c4:bd:f1:31:19:a7:d8:d4:6d:f5:ec:ab:
9b:9e:b9:ec:04:8f:0b:78:df:93:de:a2:53:37:dc:
64:f6:90:f2:0f:6a:43:45:6a:97:94:ac:20:7f:aa:
e4:73:b0:b5:d8:92:64:45:7f:df:99:04:39:f0:71:
10:ab:a2:99:49:c4:d2:2b:40:04:47:0c:fe:2e:c1:
bd:6d:b1:e3:6a:0c:20:1c:86:ff:26:a9:5d:45:08:
4d:58:3a:a5:43:a0:93:60:e2:ac:3b:10:50:60:74:
d7:96:43:e9:0c:dc:04:36:fa:b1:fa:aa:4d:92:e8:
38:2f:fa:63:c3:f6:29:c9:e4:d8:4e:0c:a2:fa:e4:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:DA:3C:B2:7D:5F:81:8B:98:77:A0:D6:2B:CF:76:48:AF:AD:FB:1E
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/nNo8sn1fgYuYd6DWK892SK-t-x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.136.0/21
37.143.32.0/21
37.153.168.0/22
37.156.228.0/24
46.166.128.0/19
46.166.176.0/20
77.247.176.0/21
85.159.232.0/21
89.38.160.0/22
92.114.100.0/22
109.201.128.0/19
176.126.232.0/23
185.7.76.0/22
185.11.144.0/24
185.107.36.0-185.107.38.255
185.107.44.0/22
185.107.56.0/22
185.107.68.0/22
185.107.80.0/22
185.107.92.0/22
185.107.100.0/22
185.107.116.0/22
188.209.56.0/23
212.92.104.0-212.92.125.255
IPv6:
2a00:1768::/32
Signature Algorithm: sha256WithRSAEncryption
39:78:42:01:e3:93:11:cb:74:ad:f5:c0:35:aa:11:ca:11:e5:
2f:5d:24:a9:97:a7:2c:1b:6a:d1:38:18:6c:13:91:28:02:b3:
0c:ef:0e:e1:65:a2:71:24:7a:d6:0b:7c:eb:ca:a1:b4:7a:be:
be:27:9a:48:a9:d5:89:89:52:1d:db:fd:52:98:e6:8b:6e:30:
00:e0:1d:25:60:08:90:91:cb:b6:45:65:02:73:74:08:e2:3e:
86:0b:1e:70:fd:c1:db:1b:cb:b5:70:5f:9f:fb:0f:70:72:51:
8d:09:c5:77:79:01:68:73:52:74:1a:af:c1:c9:93:9d:54:86:
08:13:70:cd:07:7a:c8:34:ae:34:cd:37:fb:23:5f:30:78:93:
a7:91:4f:be:fb:06:d0:9a:15:d7:ff:84:b8:56:e7:fc:7a:13:
02:ea:a5:5e:09:1c:ba:38:6c:0e:a6:5e:75:c5:69:44:af:9a:
e9:29:17:82:6c:f4:0c:2b:ca:6d:f5:dd:8c:ce:4b:d9:ce:8d:
8c:b8:5d:48:db:95:6d:8a:88:2c:22:86:70:1f:48:23:ee:0d:
e4:07:3b:0c:5e:aa:3f:03:83:8c:12:b4:c9:44:06:1b:f4:a8:
3c:e8:9d:0b:03:9a:4e:26:35:94:4d:0d:2a:8f:fb:d2:f3:27:
00:e1:bb:e4
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYU27v8BraDpjQgKSrrHh73uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjIxMjIxMjMwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2RhM2NiMjdkNWY4MThiOTg3N2EwZDYyYmNmNzY0OGFmYWRmYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGRN1aBdZj9Egf2moGkcrJfd9N0o
SqSmnQtPUr6Xo/S+RjZl+IVQH0eFsGJKpm1DVASb9KV82xR+JeD6vulDopXlhiie
TQULaZw8xmMARmkC2pEyBYUpxDugU6ntcOpSUAixmtltdolF8J0pt8OYzsHyZMao
weI0klTEvfExGafY1G317KubnrnsBI8LeN+T3qJTN9xk9pDyD2pDRWqXlKwgf6rk
c7C12JJkRX/fmQQ58HEQq6KZScTSK0AERwz+LsG9bbHjagwgHIb/JqldRQhNWDql
Q6CTYOKsOxBQYHTXlkPpDNwENvqx+qpNkug4L/pjw/YpyeTYTgyi+uSqXwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFJzaPLJ9X4GLmHeg1ivPdkivrfseMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvbk5vOHNuMWZnWXVZZDZEV0s4OTJTSy10LXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAMF
aIgDBAMljyADBAIlmagDBAAlnOQDBAUupoADBAQuprADBANN97ADBANVn+gDBAJZ
JqADBAJccmQDBAVtyYADBAGwfugDBAK5B0wDBAC5C5AwDAMEArlrJAMEALlrJgME
ArlrLAMEArlrOAMEArlrRAMEArlrUAMEArlrXAMEArlrZAMEArlrdAMEAbzRODAM
AwQD1FxoAwQB1Fx8MA0EAgACMAcDBQAqABdoMA0GCSqGSIb3DQEBCwUAA4IBAQA5
eEIB45MRy3St9cA1qhHKEeUvXSSpl6csG2rROBhsE5EoArMM7w7hZaJxJHrWC3zr
yqG0er6+J5pIqdWJiVId2/1SmOaLbjAA4B0lYAiQkcu2RWUCc3QI4j6GCx5w/cHb
G8u1cF+f+w9wclGNCcV3eQFoc1J0Gq/ByZOdVIYIE3DNB3rINK40zTf7I18weJOn
kU+++wbQmhXX/4S4Vuf8ehMC6qVeCRy6OGwOpl51xWlEr5rpKReCbPQMK8pt9d2M
zkvZzo2MuF1I25VtiogsIoZwH0gj7g3kBzsMXqo/A4OMErTJRAYb9Kg86J0LA5pO
JjWUTQ0qj/vS8ycA4bvk
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:11 2024 by rpki-client on console-ams.rpki-client.org