Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/nfM6FIGdmdg4n0Of_O1dkobk9Qg.roa
File: nfM6FIGdmdg4n0Of_O1dkobk9Qg.roa (raw, json)
Hash identifier: j41u4mWFdLQlUFD2l8bfDxB6da5MzmhBajbbXSybIUk=
Subject key identifier: 9D:F3:3A:14:81:9D:99:D8:38:9F:43:9F:FC:ED:5D:92:86:E4:F5:08
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 09A11F95
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/nfM6FIGdmdg4n0Of_O1dkobk9Qg.roa
Signing time: Wed 02 Feb 2022 09:55:02 +0000
ROA not before: Wed 02 Feb 2022 09:55:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
62.112.8.0/22 maxlen: 22
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
80.79.4.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/22 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161554325 (0x9a11f95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Feb 2 09:55:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9df33a14819d99d8389f439ffced5d9286e4f508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:30:cb:12:b8:82:a5:b8:5b:c2:13:7a:37:67:
52:c3:50:9d:76:e5:bb:d9:8b:5d:47:2d:0e:a4:d0:
8a:9e:ee:14:38:b9:73:c9:3c:5b:68:5d:7d:e0:48:
b7:af:2f:b6:3a:8e:11:ec:2c:60:39:9c:27:dc:67:
c0:32:ab:bb:3d:c4:2a:f7:c2:f8:7c:de:56:f3:cd:
eb:b4:87:fa:ca:75:d4:b0:38:83:fa:ab:64:49:56:
81:d8:73:d8:6e:cb:bc:4c:a0:82:57:f5:f2:7d:b7:
25:c8:51:2a:2d:c0:50:85:01:cd:4a:2a:25:7e:70:
12:8c:8c:02:a3:34:81:e4:06:0e:43:b6:ce:d9:cd:
09:2a:b4:c8:c8:f5:33:bf:a9:a0:d0:8a:41:98:59:
64:eb:f6:5e:e2:d1:b3:2d:f7:82:6d:2a:52:f7:43:
49:70:e3:7c:7d:0a:9a:62:75:53:ec:d8:fc:1b:0e:
a9:86:4e:fe:fa:4a:3b:ce:76:87:e3:5c:71:de:13:
e5:83:9e:ab:aa:c2:2f:3c:ba:d2:03:d2:d1:49:6b:
d6:18:1c:a4:d8:ac:a4:71:3d:ca:d9:f4:09:05:b3:
40:bd:f1:04:cc:f9:b5:41:51:0b:74:f7:0e:39:1d:
dc:35:7c:81:e7:55:f7:98:16:23:99:cc:d9:74:8e:
c5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F3:3A:14:81:9D:99:D8:38:9F:43:9F:FC:ED:5D:92:86:E4:F5:08
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/nfM6FIGdmdg4n0Of_O1dkobk9Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
80.79.4.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
73:7c:95:92:21:2d:5a:94:60:1d:1c:b4:16:4e:e3:bd:e2:da:
c3:ca:70:2a:fd:98:cb:84:1f:e9:7f:50:64:05:42:d1:b0:e2:
fc:6a:e7:b6:02:82:0a:92:13:02:f5:35:bf:36:aa:22:23:86:
69:42:ec:04:4a:44:83:55:2a:71:e8:8d:00:b9:19:54:76:3e:
df:08:5e:96:fd:72:d8:35:03:8f:52:cf:bc:df:80:77:80:df:
a0:70:cb:84:d4:f0:4d:d1:07:f0:d5:60:7c:99:cf:65:c5:5b:
0d:7e:4b:c9:6b:93:db:1f:89:bc:5c:35:c6:eb:75:fa:60:b3:
2a:c6:a0:03:0f:3c:61:e0:e4:48:5b:2a:9a:57:a8:40:97:fe:
94:9c:73:b4:5b:56:68:74:11:39:30:aa:51:1c:7c:f7:f7:0e:
1f:4b:e5:9d:b4:50:81:82:46:2d:38:ea:2b:1c:2c:73:22:76:
c8:2a:d1:50:d8:ac:9d:3d:fa:e4:94:69:bc:02:5f:0c:9c:70:
cb:1b:99:fd:05:2d:2c:75:fe:ef:47:5c:49:b0:cf:f0:2f:3c:
ed:f4:ca:f5:f0:9a:18:6c:34:5b:b7:ed:9d:3c:e8:2d:df:c6:
65:36:b6:24:fd:43:00:32:3d:0b:ac:15:1d:22:18:7a:61:03:
7e:8d:6a:f1
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIECaEflTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzAxNTY1NDA4MjU3OGM0OTQ2Y2QyN2JlMWU4OWEzZGQ3NTYyZmE0MB4XDTIyMDIw
MjA5NTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRmMzNhMTQ4MTlk
OTlkODM4OWY0MzlmZmNlZDVkOTI4NmU0ZjUwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0wyxK4gqW4W8ITejdnUsNQnXblu9mLXUctDqTQip7uFDi5
c8k8W2hdfeBIt68vtjqOEewsYDmcJ9xnwDKruz3EKvfC+HzeVvPN67SH+sp11LA4
g/qrZElWgdhz2G7LvEygglf18n23JchRKi3AUIUBzUoqJX5wEoyMAqM0geQGDkO2
ztnNCSq0yMj1M7+poNCKQZhZZOv2XuLRsy33gm0qUvdDSXDjfH0KmmJ1U+zY/BsO
qYZO/vpKO852h+Nccd4T5YOeq6rCLzy60gPS0Ulr1hgcpNispHE9ytn0CQWzQL3x
BMz5tUFRC3T3Djkd3DV8gedV95gWI5nM2XSOxVMCAwEAAaOCAuwwggLoMB0GA1Ud
DgQWBBSd8zoUgZ2Z2DifQ5/87V2ShuT1CDAfBgNVHSMEGDAWgBRDAVZUCCV4xJRs
0nvh6Jo911YvpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F3RldWQWdsZU1TVWJOSjc0ZWlhUGRkV0w2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvYzI3ZmE2LWIyYjAtNGRjYi1hODk5LTEwMzBjZGJlNmJkNC8x
L25mTTZGSUdkbWRnNG4wT2ZfTzFka29iazlRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
YzI3ZmE2LWIyYjAtNGRjYi1hODk5LTEwMzBjZGJlNmJkNC8xL1F3RldWQWdsZU1T
VWJOSjc0ZWlhUGRkV0w2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQAGCCsGAQUFBwEHAQH/BIHwMIHtMIHbBAIAATCB1AMEAgI7qAMEAi0OhAMEAi1S
QAMEAj5wCAMEAlBPBAMEAlkmYAMEAlknaAMEAFvlFwMEAFvoaQMEA12+iAMEBG3s
UAMEA7KEAAMEArLaxAMEArkCUAMEArkVPAMEArmEhAMEArmEsAMEArml8AMEArms
WAMEArmtoAMEArmxfAMEArm03AMEArm2wAMEArm3IAMEArm4wAMEArm5MAMEArm/
AAMEAMHIpAMEAsJYaAMEANQI8AMEAdQI8jAMAwQD1Aj4AwQA1Aj6AwQB1Aj8AwQE
2RcAMA0EAgACMAcDBQMqAHyAMA0GCSqGSIb3DQEBCwUAA4IBAQBzfJWSIS1alGAd
HLQWTuO94trDynAq/ZjLhB/pf1BkBULRsOL8aue2AoIKkhMC9TW/NqoiI4ZpQuwE
SkSDVSpx6I0AuRlUdj7fCF6W/XLYNQOPUs+834B3gN+gcMuE1PBN0Qfw1WB8mc9l
xVsNfkvJa5PbH4m8XDXG63X6YLMqxqADDzxh4ORIWyqaV6hAl/6UnHO0W1ZodBE5
MKpRHHz39w4fS+WdtFCBgkYtOOorHCxzInbIKtFQ2KydPfrklGm8Al8MnHDLG5n9
BS0sdf7vR1xJsM/wLzzt9Mr18JoYbDRbt+2dPOgt38ZlNrYk/UMAMj0LrBUdIhh6
YQN+jWrx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:26 2024 by rpki-client on console-ams.rpki-client.org