Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nwvHUnUt9e9znhS6W4CjpfZjFs4.roa
File: nwvHUnUt9e9znhS6W4CjpfZjFs4.roa (raw, json)
Hash identifier: 0GP5fmze4az73381TUg8Lr5N7HyULgulnEXrtkC9yaI=
Subject key identifier: 9F:0B:C7:52:75:2D:F5:EF:73:9E:14:BA:5B:80:A3:A5:F6:63:16:CE
Certificate issuer: /CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Certificate serial: 026788D2
Authority key identifier: 21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nwvHUnUt9e9znhS6W4CjpfZjFs4.roa
Signing time: Sat 01 Jan 2022 03:57:53 +0000
ROA not before: Sat 01 Jan 2022 03:57:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59625
IP address blocks: 185.84.69.0/24 maxlen: 24
185.240.16.0/24 maxlen: 24
185.84.68.0/24 maxlen: 24
185.84.70.0/24 maxlen: 24
185.240.17.0/24 maxlen: 24
185.84.71.0/24 maxlen: 24
185.240.18.0/24 maxlen: 24
185.240.19.0/24 maxlen: 24
185.244.177.0/24 maxlen: 24
185.244.176.0/24 maxlen: 24
2a03:7020:1::/48 maxlen: 48
2a03:7020:10::/48 maxlen: 48
2a03:7020::/48 maxlen: 48
2a03:7020:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40339666 (0x26788d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Validity
Not Before: Jan 1 03:57:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f0bc752752df5ef739e14ba5b80a3a5f66316ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:0f:ca:4d:67:8a:95:02:2b:27:47:ee:e2:
29:e1:29:97:c4:7f:bb:5b:a5:d8:8e:c0:3f:03:0b:
c6:e0:3d:39:61:cb:56:46:fe:6f:2f:6f:55:fa:33:
63:e8:a6:df:79:7f:cd:d9:b8:0f:e2:d0:f5:63:e9:
50:0c:51:5d:03:fe:15:e1:05:9f:4c:d8:25:e9:3d:
f5:d4:05:f7:b6:56:78:65:a6:ef:b0:dc:7b:ff:47:
20:e3:46:85:29:e8:cf:cf:ce:60:2e:55:42:62:96:
f6:d5:7a:5e:b6:17:e4:4e:df:87:a8:f1:e5:c6:ca:
89:46:af:13:61:eb:2a:60:39:a8:81:34:50:d1:bc:
21:07:ce:ba:79:78:59:39:56:d8:21:db:ab:e8:a9:
42:8c:21:c8:f0:88:e3:61:c7:41:23:da:32:c0:c8:
d1:b9:00:d9:61:7e:74:aa:5b:56:2f:7b:c2:2a:3d:
2d:ac:d7:45:0a:a2:7b:17:a7:eb:13:bb:fc:b7:32:
12:d7:73:e6:49:28:49:05:53:61:b8:3d:23:32:8d:
92:c5:74:b9:1f:1d:4d:55:2f:ea:5f:63:f2:a1:34:
51:d2:95:bc:62:22:2d:c7:6a:37:cb:a0:ad:8e:d8:
c7:3c:23:a1:d1:a2:d9:10:5e:ad:4a:0b:32:c4:a3:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0B:C7:52:75:2D:F5:EF:73:9E:14:BA:5B:80:A3:A5:F6:63:16:CE
X509v3 Authority Key Identifier:
keyid:21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/nwvHUnUt9e9znhS6W4CjpfZjFs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.68.0/22
185.240.16.0/22
185.244.176.0/23
IPv6:
2a03:7020::/47
2a03:7020:8::/48
2a03:7020:10::/48
Signature Algorithm: sha256WithRSAEncryption
4f:95:07:3d:95:7d:ed:ae:47:f1:00:ee:25:06:00:aa:21:72:
6d:e0:b0:ac:20:11:a8:54:0b:e2:15:7b:f8:16:4b:0d:74:bc:
c3:01:eb:a3:76:b3:00:cd:52:a5:d9:ea:85:26:e0:32:b7:b5:
34:67:fc:23:68:b2:9f:09:dc:11:d1:b8:c4:a2:dc:87:f0:9e:
78:26:b9:3a:7b:ec:75:5a:33:85:1e:a9:ea:14:ee:03:d2:95:
49:64:ea:0b:70:03:22:ea:f5:ce:7f:c3:c0:a3:8a:61:ab:c8:
e5:1b:aa:64:b1:96:7e:f4:0d:6e:ed:36:56:8e:a2:19:11:3f:
fc:fd:0d:51:4f:13:3f:57:e5:0b:3d:79:7f:95:55:b9:87:ce:
75:de:4b:be:68:2f:b4:0b:c7:8e:ae:93:f0:2a:55:c8:ff:1c:
6a:33:be:35:67:4c:a4:ac:17:af:66:36:29:7a:0f:54:9b:f0:
fc:a2:bc:24:a4:94:23:ae:14:4e:da:00:5c:1d:a0:af:3d:62:
9a:9d:04:75:8d:31:2a:0c:ba:7b:6d:63:c4:3c:a3:2b:8b:a0:
78:95:43:27:1b:97:ab:6d:30:da:e1:80:ad:fe:e9:94:12:e6:
5f:d7:43:a2:26:32:7d:13:2e:1d:4b:94:78:9d:47:c5:3d:11:
63:74:b9:2a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEAmeI0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTdiNDkxZGNjYjU2MzIyMTZkODBiNDhmOGQ2Mjg2YjFlZmZkOGQ3MB4XDTIyMDEw
MTAzNTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYwYmM3NTI3NTJk
ZjVlZjczOWUxNGJhNWI4MGEzYTVmNjYzMTZjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSzD8pNZ4qVAisnR+7iKeEpl8R/u1ul2I7APwMLxuA9OWHL
Vkb+by9vVfozY+im33l/zdm4D+LQ9WPpUAxRXQP+FeEFn0zYJek99dQF97ZWeGWm
77Dce/9HIONGhSnoz8/OYC5VQmKW9tV6XrYX5E7fh6jx5cbKiUavE2HrKmA5qIE0
UNG8IQfOunl4WTlW2CHbq+ipQowhyPCI42HHQSPaMsDI0bkA2WF+dKpbVi97wio9
LazXRQqiexen6xO7/LcyEtdz5kkoSQVTYbg9IzKNksV0uR8dTVUv6l9j8qE0UdKV
vGIiLcdqN8ugrY7YxzwjodGi2RBerUoLMsSj3RMCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSfC8dSdS3173OeFLpbgKOl9mMWzjAfBgNVHSMEGDAWgBQhe0kdzLVjIhbY
C0j41ihrHv/Y1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lYdEpIY3kxWXlJVzJBdEktTllvYXg3XzJOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8x
L253dkhVblV0OWU5em5oUzZXNENqcGZaakZzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8xL0lYdEpIY3kxWXlJ
VzJBdEktTllvYXg3XzJOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wGAQCAAEwEgMEArlURAMEArnwEAMEAbn0sDAhBAIA
AjAbAwcBKgNwIAAAAwcAKgNwIAAIAwcAKgNwIAAQMA0GCSqGSIb3DQEBCwUAA4IB
AQBPlQc9lX3trkfxAO4lBgCqIXJt4LCsIBGoVAviFXv4FksNdLzDAeujdrMAzVKl
2eqFJuAyt7U0Z/wjaLKfCdwR0bjEotyH8J54Jrk6e+x1WjOFHqnqFO4D0pVJZOoL
cAMi6vXOf8PAo4phq8jlG6pksZZ+9A1u7TZWjqIZET/8/Q1RTxM/V+ULPXl/lVW5
h8513ku+aC+0C8eOrpPwKlXI/xxqM741Z0ykrBevZjYpeg9Um/D8orwkpJQjrhRO
2gBcHaCvPWKanQR1jTEqDLp7bWPEPKMri6B4lUMnG5erbTDa4YCt/umUEuZf10Oi
JjJ9Ey4dS5R4nUfFPRFjdLkq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org