Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x-NsoZxXV8Jx8rLur8mKBsXmBVE.roa
File: x-NsoZxXV8Jx8rLur8mKBsXmBVE.roa (raw, json)
Hash identifier: 8OoB4T3EGjrpHDoU/Z0MaKInJ8kTmuFBLMv9O6kE3No=
Subject key identifier: C7:E3:6C:A1:9C:57:57:C2:71:F2:B2:EE:AF:C9:8A:06:C5:E6:05:51
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183FAFDA8D765BE140D355D7129C7550E21
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x-NsoZxXV8Jx8rLur8mKBsXmBVE.roa
Signing time: Fri 21 Oct 2022 14:41:11 +0000
ROA not before: Fri 21 Oct 2022 14:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:fd:a8:d7:65:be:14:0d:35:5d:71:29:c7:55:0e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 21 14:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7e36ca19c5757c271f2b2eeafc98a06c5e60551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:38:b0:0b:39:87:71:aa:13:a8:9f:e8:21:
16:ec:24:0a:1f:a7:d4:de:03:37:fc:80:ce:cb:66:
96:46:46:65:a5:97:6b:12:90:4d:20:ef:49:a4:29:
83:76:bc:bf:61:30:0c:9d:5d:a7:e7:61:4a:02:41:
41:af:77:16:f3:73:89:f7:3e:7b:ef:ef:8b:bb:23:
7f:f5:5c:40:80:e9:de:da:79:be:20:b2:4a:4a:d8:
58:52:12:5b:80:80:4a:5e:1f:3b:c7:ec:83:a7:e4:
60:8b:92:ee:9a:a7:72:fa:c3:a8:99:96:89:45:05:
78:ca:74:75:6b:30:db:07:36:43:b5:d9:52:49:da:
8e:74:1a:4a:ba:df:db:ba:02:e0:f0:6c:8c:ef:42:
f8:97:07:cf:8c:62:39:1c:2b:4c:15:3e:2c:e9:93:
9e:f6:dd:ab:98:86:b2:2b:93:95:6c:77:78:48:74:
9d:76:bd:90:32:50:e9:88:bf:de:e7:e1:3e:8b:64:
2f:aa:02:99:6d:ff:85:c1:58:d9:ce:92:dd:82:a5:
d1:1c:21:e9:ce:5f:3b:e3:b5:d2:98:9e:42:5f:f8:
e3:c9:14:90:81:39:65:22:b2:2c:ac:af:89:26:65:
d1:e3:72:c1:b9:af:be:88:f1:dd:45:66:a4:1d:36:
51:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E3:6C:A1:9C:57:57:C2:71:F2:B2:EE:AF:C9:8A:06:C5:E6:05:51
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x-NsoZxXV8Jx8rLur8mKBsXmBVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.241.0/24
195.62.24.0/24
195.177.93.0-195.177.95.255
Signature Algorithm: sha256WithRSAEncryption
a4:2b:3a:b7:e1:86:ba:e9:dd:1a:ca:33:cb:b5:06:32:59:d7:
b6:7c:70:08:aa:b6:2e:b1:86:23:09:8a:2d:bc:45:8f:9e:fe:
53:6a:67:66:bb:be:c7:b3:2a:e6:a8:53:2b:fb:2c:61:72:26:
61:64:44:3f:c3:87:88:15:88:64:23:4c:a1:a0:0f:5b:19:fa:
d3:33:1b:83:5c:98:d0:07:bd:4c:51:0f:ce:49:98:83:f2:4f:
6e:ab:14:87:ae:59:f0:2d:79:73:f1:fe:9f:49:73:5a:39:61:
1d:56:13:cd:75:06:c1:94:1d:07:f7:f1:2e:80:72:a8:da:b9:
ea:74:5b:87:3b:2b:0f:cd:16:5f:f1:68:3d:f1:6f:f8:bf:bc:
04:ad:e9:f5:9c:a3:0a:4d:98:70:60:fe:b3:77:09:b9:a6:f1:
72:84:33:58:87:cd:9d:fb:e6:cc:6e:c3:b9:92:80:d7:cc:04:
01:9c:11:d5:59:4f:ae:4c:ba:73:71:9f:2d:dc:40:53:3d:a7:
6e:41:08:ab:04:1a:ce:fe:c9:bb:80:37:96:f7:ac:e9:45:a3:
08:a0:d3:db:49:81:0c:1f:a7:4b:bd:ab:89:00:17:f8:fa:cc:
ea:bc:b1:ef:1b:b8:87:45:06:fe:7c:c6:ab:79:36:aa:79:dc:
53:c0:05:7a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYP6/ajXZb4UDTVdcSnHVQ4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIxMTQ0MTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2UzNmNhMTljNTc1N2MyNzFmMmIyZWVhZmM5OGEwNmM1ZTYwNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZQ4sAs5h3GqE6if6CEW7CQKH6fU
3gM3/IDOy2aWRkZlpZdrEpBNIO9JpCmDdry/YTAMnV2n52FKAkFBr3cW83OJ9z57
7++LuyN/9VxAgOne2nm+ILJKSthYUhJbgIBKXh87x+yDp+Rgi5Lumqdy+sOomZaJ
RQV4ynR1azDbBzZDtdlSSdqOdBpKut/bugLg8GyM70L4lwfPjGI5HCtMFT4s6ZOe
9t2rmIayK5OVbHd4SHSddr2QMlDpiL/e5+E+i2QvqgKZbf+FwVjZzpLdgqXRHCHp
zl8747XSmJ5CX/jjyRSQgTllIrIsrK+JJmXR43LBua++iPHdRWakHTZRqwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMfjbKGcV1fCcfKy7q/JigbF5gVRMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveC1Oc29aeFhWOEp4OHJMdXI4bUtCc1htQlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwR7xAwQA
wz4YMAwDBADDsV0DBAXDsUAwDQYJKoZIhvcNAQELBQADggEBAKQrOrfhhrrp3RrK
M8u1BjJZ17Z8cAiqti6xhiMJii28RY+e/lNqZ2a7vsezKuaoUyv7LGFyJmFkRD/D
h4gViGQjTKGgD1sZ+tMzG4NcmNAHvUxRD85JmIPyT26rFIeuWfAteXPx/p9Jc1o5
YR1WE811BsGUHQf38S6Acqjauep0W4c7Kw/NFl/xaD3xb/i/vASt6fWcowpNmHBg
/rN3Cbmm8XKEM1iHzZ375sxuw7mSgNfMBAGcEdVZT65MunNxny3cQFM9p25BCKsE
Gs7+ybuAN5b3rOlFowig09tJgQwfp0u9q4kAF/j6zOq8se8buIdFBv58xqt5Nqp5
3FPABXo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org