Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/na8pb3giVFVcq9f4ibmCkua0lFQ.roa
File: na8pb3giVFVcq9f4ibmCkua0lFQ.roa (raw, json)
Hash identifier: sX8aAIbuRwVqB2/mD3C357iKxmWDkYtEWH4FKoy83eM=
Subject key identifier: 9D:AF:29:6F:78:22:54:55:5C:AB:D7:F8:89:B9:82:92:E6:B4:94:54
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0CFE476A
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/na8pb3giVFVcq9f4ibmCkua0lFQ.roa
Signing time: Thu 21 Apr 2022 12:51:56 +0000
ROA not before: Thu 21 Apr 2022 12:51:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61157
IP address blocks: 46.23.208.0/21 maxlen: 24
212.1.32.0/19 maxlen: 19
188.64.192.0/21 maxlen: 21
62.75.174.0/24 maxlen: 24
185.209.64.0/22 maxlen: 22
195.244.96.0/19 maxlen: 19
2a02:ad0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217991018 (0xcfe476a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Apr 21 12:51:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9daf296f782254555cabd7f889b98292e6b49454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f2:95:14:62:b4:99:df:1a:8b:0f:c4:61:e5:
91:5c:c8:e4:65:00:e7:37:85:89:19:5e:fa:f1:96:
7f:d7:ec:ef:54:dd:72:69:ce:af:15:7a:59:9a:9f:
41:ae:9b:ad:e1:c4:20:e2:ec:28:c3:bb:d5:ef:ae:
97:db:65:1f:a1:a0:c8:4b:82:27:f8:ad:7c:67:4d:
4c:f0:1c:51:c4:80:88:48:c9:9e:0e:bc:5a:6c:90:
af:c1:b2:6e:9e:e1:ca:e9:73:41:63:44:10:b1:d3:
5f:5d:d9:a9:54:65:3a:cc:22:b7:ea:aa:71:47:35:
66:2f:bb:f7:9f:8b:8e:17:b4:9d:b0:ce:e4:8b:7c:
32:32:28:2a:59:51:a2:90:22:09:ab:c2:e3:8e:bb:
13:dc:df:dd:45:a5:c4:db:0f:cb:fe:98:e8:30:c5:
33:3e:ac:c9:1a:ce:db:51:88:07:6c:f8:aa:d8:a8:
67:91:f0:1b:5d:41:bb:1b:29:33:45:84:b4:f0:bb:
2e:34:d6:d4:c6:11:8a:53:50:16:40:e6:3d:7c:cc:
cc:07:fc:2b:16:2d:2d:99:71:a8:33:06:e5:7e:de:
01:06:77:a8:28:ba:fc:f9:33:5f:ae:85:5d:c7:d8:
05:b1:d5:f7:0e:87:dc:47:2e:36:c5:c5:be:2a:3b:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AF:29:6F:78:22:54:55:5C:AB:D7:F8:89:B9:82:92:E6:B4:94:54
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/na8pb3giVFVcq9f4ibmCkua0lFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.208.0/21
62.75.174.0/24
185.209.64.0/22
188.64.192.0/21
195.244.96.0/19
212.1.32.0/19
IPv6:
2a02:ad0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:66:f8:00:01:71:77:0b:eb:d3:5e:ae:56:78:a4:d3:77:22:
c3:49:ba:8b:4a:bb:ca:c2:af:8e:b9:f5:85:bd:07:c8:c9:f0:
1c:53:1a:0f:9a:cf:ec:a9:ea:b0:6c:91:00:a6:28:c5:5e:de:
85:75:3a:8f:79:7a:4d:e0:43:78:58:d6:12:f3:ae:8e:0a:33:
cd:9d:7c:cb:a0:09:59:d6:d1:3f:a6:75:5b:a3:4f:11:6a:cd:
b5:6e:d8:4e:38:b7:48:d8:e7:55:dd:f8:d0:ef:67:5b:1f:3a:
c1:20:ac:ec:1a:c8:b0:fd:9f:d9:c1:06:fb:f1:0e:71:ba:1f:
9b:d8:aa:0f:9a:0e:2f:ed:69:70:b7:c4:11:d0:62:52:fd:e9:
39:06:63:35:c0:86:02:75:d5:f7:9a:8b:b8:d4:0a:ad:56:b1:
95:0b:2b:c6:a2:d4:01:c0:f9:86:fd:3e:21:c0:00:c0:5e:f1:
20:91:19:74:9b:7f:3f:fd:bf:f9:3e:c6:7f:e8:37:be:a9:86:
66:f8:f7:f2:f6:af:7a:29:23:df:9d:29:c0:52:64:a2:d9:5f:
35:b8:5a:dc:0c:6c:63:88:e7:6e:39:fb:83:05:e2:fc:49:8a:
d6:c9:86:e1:b5:92:18:11:69:c0:93:b5:59:6f:e3:eb:86:9b:
a6:92:07:a0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEDP5HajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDQy
MTEyNTE1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRhZjI5NmY3ODIy
NTQ1NTVjYWJkN2Y4ODliOTgyOTJlNmI0OTQ1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfylRRitJnfGosPxGHlkVzI5GUA5zeFiRle+vGWf9fs71Td
cmnOrxV6WZqfQa6breHEIOLsKMO71e+ul9tlH6GgyEuCJ/itfGdNTPAcUcSAiEjJ
ng68WmyQr8Gybp7hyulzQWNEELHTX13ZqVRlOswit+qqcUc1Zi+795+Ljhe0nbDO
5It8MjIoKllRopAiCavC4467E9zf3UWlxNsPy/6Y6DDFMz6syRrO21GIB2z4qtio
Z5HwG11BuxspM0WEtPC7LjTW1MYRilNQFkDmPXzMzAf8KxYtLZlxqDMG5X7eAQZ3
qCi6/PkzX66FXcfYBbHV9w6H3EcuNsXFvio7p60CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSdrylveCJUVVyr1/iJuYKS5rSUVDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L25hOHBiM2dpVkZWY3E5ZjRpYm1Da3VhMGxGUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAy4X0AMEAD5LrgMEArnRQAMEA7xA
wAMEBcP0YAMEBdQBIDANBAIAAjAHAwUDKgIK0DANBgkqhkiG9w0BAQsFAAOCAQEA
TWb4AAFxdwvr016uVnik03ciw0m6i0q7ysKvjrn1hb0HyMnwHFMaD5rP7KnqsGyR
AKYoxV7ehXU6j3l6TeBDeFjWEvOujgozzZ18y6AJWdbRP6Z1W6NPEWrNtW7YTji3
SNjnVd340O9nWx86wSCs7BrIsP2f2cEG+/EOcbofm9iqD5oOL+1pcLfEEdBiUv3p
OQZjNcCGAnXV95qLuNQKrVaxlQsrxqLUAcD5hv0+IcAAwF7xIJEZdJt/P/2/+T7G
f+g3vqmGZvj38vaveikj350pwFJkotlfNbha3AxsY4jnbjn7gwXi/EmK1smG4bWS
GBFpwJO1WW/j64abppIHoA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org