Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa
File: nYOegSxJsJoowkSTfY2ScM695dM.roa (raw, json)
Hash identifier: w6bEHNQiPBj0woEZxKYQDQa4oQaDf9DFMgieCZukVd4=
Subject key identifier: 9D:83:9E:81:2C:49:B0:9A:28:C2:44:93:7D:8D:92:70:CE:BD:E5:D3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 08F28DFD
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa
Signing time: Sat 01 Jan 2022 16:00:02 +0000
ROA not before: Sat 01 Jan 2022 16:00:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150113789 (0x8f28dfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 16:00:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d839e812c49b09a28c244937d8d9270cebde5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b8:51:e9:35:6d:ea:ab:b1:44:1f:ac:ea:ce:
29:d4:a7:f0:a1:fb:ff:5f:fb:33:85:1b:ec:d4:10:
e4:04:82:c2:cd:39:2a:ff:b9:4c:be:74:9d:88:71:
f2:10:16:4e:0f:f1:05:a7:fa:eb:30:a8:cf:ab:f7:
21:28:46:7f:b5:5d:5e:f8:b3:c4:8b:c5:fc:77:d0:
dd:1f:11:1c:28:71:e2:9e:0d:6f:b0:8c:eb:63:cd:
05:aa:f3:fe:c5:c7:9e:98:8c:1f:e0:2a:d7:1d:9c:
a6:39:a3:82:d4:79:12:17:04:48:07:b9:d1:0f:8b:
eb:ba:04:7d:eb:4b:a4:3b:a4:8b:90:ce:9d:e0:be:
35:bb:c2:be:2e:22:fd:ac:77:d1:3d:20:17:1a:f5:
78:cb:5d:f4:8a:5e:3b:30:88:a9:75:9b:34:d1:60:
b1:32:01:4d:af:5f:ea:56:d5:f1:54:6f:00:34:b2:
7e:09:ed:fb:3e:31:24:df:38:66:1d:57:a2:89:7f:
fc:13:d4:f8:3b:ac:3e:c9:43:37:83:83:8e:d8:e6:
33:2c:7f:8b:eb:a4:f4:20:a5:41:61:7f:64:8f:23:
fc:9a:4c:d5:9d:42:26:2d:ff:e3:69:f8:d7:ce:68:
aa:33:a4:6f:9d:fb:be:3a:4d:7b:da:67:20:f7:32:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:83:9E:81:2C:49:B0:9A:28:C2:44:93:7D:8D:92:70:CE:BD:E5:D3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nYOegSxJsJoowkSTfY2ScM695dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::/44
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
38:38:f1:37:44:1b:ca:7a:1c:15:a9:f2:f6:f4:74:bf:35:04:
a8:07:3f:3a:aa:f4:a7:1f:2f:10:8c:7a:58:62:57:51:d5:e9:
42:2d:4f:7e:7b:b9:fe:4a:7b:61:db:11:93:b4:07:3f:35:32:
c4:ac:e4:ab:73:a2:ef:b0:8d:d3:28:54:5c:67:de:cc:9d:09:
e3:07:0e:76:f9:8d:e7:a8:d8:46:13:99:d7:52:1f:b2:1a:9e:
70:20:d1:56:03:b0:5e:d5:2a:13:6c:6e:4c:37:67:90:17:59:
a5:2d:9d:40:57:d7:82:79:e2:b8:9c:b0:07:60:71:c9:51:5a:
09:7c:d3:b8:d8:70:37:f8:77:e3:c6:d6:b8:67:d1:85:8a:10:
b4:32:fc:54:67:93:18:ad:d8:04:71:ce:b3:0b:6e:54:2f:fa:
59:cd:4d:d2:2f:0d:40:19:aa:01:17:75:bc:80:c4:bb:a2:97:
7d:9e:9a:79:e0:ab:90:fe:b4:8a:5b:28:12:06:09:a8:43:3e:
60:ea:3e:ae:91:4c:ed:c1:f4:6e:e0:11:52:07:f9:7a:67:4a:
b6:4a:fc:95:7b:78:7c:69:dc:ee:9c:62:6f:4b:1e:e5:1c:1e:
50:bf:aa:a4:32:a1:d3:06:b2:48:3d:0e:b9:57:db:5a:da:78:
af:53:48:b9
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIECPKN/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDEw
MTE2MDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ4MzllODEyYzQ5
YjA5YTI4YzI0NDkzN2Q4ZDkyNzBjZWJkZTVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKG4Uek1beqrsUQfrOrOKdSn8KH7/1/7M4Ub7NQQ5ASCws05
Kv+5TL50nYhx8hAWTg/xBaf66zCoz6v3IShGf7VdXvizxIvF/HfQ3R8RHChx4p4N
b7CM62PNBarz/sXHnpiMH+Aq1x2cpjmjgtR5EhcESAe50Q+L67oEfetLpDuki5DO
neC+NbvCvi4i/ax30T0gFxr1eMtd9IpeOzCIqXWbNNFgsTIBTa9f6lbV8VRvADSy
fgnt+z4xJN84Zh1Xool//BPU+DusPslDN4ODjtjmMyx/i+uk9CClQWF/ZI8j/JpM
1Z1CJi3/42n4185oqjOkb537vjpNe9pnIPcywdsCAwEAAaOCAt4wggLaMB0GA1Ud
DgQWBBSdg56BLEmwmijCRJN9jZJwzr3l0zAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L25ZT2VnU3hKc0pvb3drU1RmWTJTY002OTVkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8wYIKwYBBQUHAQcBAf8EgeMwgeAwgZEEAgABMIGKAwQCAjikAwQCLVEUAwQCLVqQ
AwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQCVcqgAwQCWb6cAwQCstqQ
AwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQCwR8cAwQCwSJMAwQCwd3A
AwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMEoEAgACMEQDBwQqCwuCAAADBQEqCwuE
AwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wAwcEKgtwgAAQAwUA
Kg13xzANBgkqhkiG9w0BAQsFAAOCAQEAODjxN0QbynocFany9vR0vzUEqAc/Oqr0
px8vEIx6WGJXUdXpQi1Pfnu5/kp7YdsRk7QHPzUyxKzkq3Oi77CN0yhUXGfezJ0J
4wcOdvmN56jYRhOZ11IfshqecCDRVgOwXtUqE2xuTDdnkBdZpS2dQFfXgnniuJyw
B2BxyVFaCXzTuNhwN/h348bWuGfRhYoQtDL8VGeTGK3YBHHOswtuVC/6Wc1N0i8N
QBmqARd1vIDEu6KXfZ6aeeCrkP60ilsoEgYJqEM+YOo+rpFM7cH0buARUgf5emdK
tkr8lXt4fGnc7pxib0se5RweUL+qpDKh0waySD0OuVfbWtp4r1NIuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-ams.rpki-client.org