Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/nqqXODf1YB-bJI_agnUkTVYxLHg.roa
File: nqqXODf1YB-bJI_agnUkTVYxLHg.roa (raw, json)
Hash identifier: y8tU0Jl01NrCg3sDiwuiN8T08hWOcMv2ugRtFicLNE0=
Subject key identifier: 9E:AA:97:38:37:F5:60:1F:9B:24:8F:DA:82:75:24:4D:56:31:2C:78
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0CB7F064
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/nqqXODf1YB-bJI_agnUkTVYxLHg.roa
Signing time: Fri 01 Apr 2022 08:53:09 +0000
ROA not before: Fri 01 Apr 2022 08:53:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 195.180.132.0/22 maxlen: 22
195.180.140.0/22 maxlen: 22
194.195.96.0/22 maxlen: 22
212.224.0.0/22 maxlen: 24
195.179.44.0/22 maxlen: 22
194.233.20.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.163.72.0/22 maxlen: 22
194.163.76.0/22 maxlen: 22
194.233.52.0/22 maxlen: 22
195.179.80.0/22 maxlen: 22
194.64.148.0/22 maxlen: 22
195.179.32.0/21 maxlen: 24
194.64.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213381220 (0xcb7f064)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Apr 1 08:53:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eaa973837f5601f9b248fda8275244d56312c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f4:48:3f:3f:e2:c7:86:3e:a1:e8:bc:37:94:
63:b2:59:2b:78:a5:90:bf:b7:8a:aa:79:f0:1c:7d:
62:dc:d2:d8:1b:24:7d:c7:22:4b:e3:3e:2c:eb:da:
31:dc:7d:16:04:1e:d7:cf:40:93:39:79:e7:83:76:
26:66:b7:80:19:1e:61:33:1a:1d:6a:86:c3:88:c6:
5e:8d:a6:7d:8f:57:b0:8b:dd:9a:af:5c:55:7b:66:
28:32:e0:25:9b:79:3a:1f:f4:e9:91:58:50:41:e3:
8c:4e:c8:9a:b5:65:94:fe:5a:db:a5:85:06:60:1a:
03:80:fd:f0:59:24:93:ce:20:b0:5c:58:be:88:4e:
cd:bf:ef:ee:58:bd:46:ce:25:9c:c1:1e:71:ac:04:
0f:da:f8:32:74:c6:97:41:58:d0:2e:7f:6a:04:9e:
0d:63:81:3e:ba:e8:01:70:8d:05:af:93:be:a5:b7:
56:f0:76:42:a9:83:ef:08:18:c5:47:95:46:64:81:
b4:49:49:cc:f9:19:4b:56:9b:c1:6f:30:57:13:ec:
17:a5:d3:da:2f:69:5a:6b:13:d4:0c:c3:61:6f:bb:
64:7f:83:7e:00:68:d2:6e:73:09:74:f6:af:b5:1e:
4d:b2:a0:96:c7:d1:13:7b:ff:99:4f:4d:95:27:aa:
3a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AA:97:38:37:F5:60:1F:9B:24:8F:DA:82:75:24:4D:56:31:2C:78
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/nqqXODf1YB-bJI_agnUkTVYxLHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.148.0/22
194.64.156.0/22
194.64.172.0/22
194.163.72.0/21
194.195.96.0/22
194.233.20.0/22
194.233.52.0/22
195.179.32.0/21
195.179.44.0/22
195.179.80.0/22
195.180.132.0/22
195.180.140.0/22
212.224.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:aa:e9:6f:3c:13:d7:ac:ec:50:16:37:6f:4a:bd:b7:e3:04:
d6:8f:43:80:4e:00:52:5b:fc:fc:24:8a:18:a4:71:d8:25:1e:
cf:d5:00:74:99:3a:84:e8:2e:24:98:42:47:3a:8d:58:ca:e1:
30:7d:c7:95:d4:6f:86:a0:18:e7:e5:11:53:d6:6b:61:31:6c:
6e:69:5c:30:45:0f:d9:8d:67:6f:43:a4:05:66:02:4a:1a:4a:
d5:ee:90:b0:8c:03:08:e1:14:5a:3a:31:96:68:0b:02:69:10:
75:33:4c:0f:e4:5e:3d:13:76:95:f4:eb:3f:a4:20:71:3d:d5:
57:f7:ac:43:55:36:1b:16:d1:9a:f3:d5:25:d4:f1:81:b1:aa:
65:f3:82:fe:a5:1d:68:a6:2e:3e:a5:95:73:80:b7:b2:9c:33:
09:fb:4b:cb:7a:b9:6e:00:39:c3:41:c8:b6:62:d8:e2:c0:c1:
1e:47:9f:6d:ed:41:49:a4:6a:e1:5d:61:8d:46:f2:cb:3d:e2:
17:e0:b6:eb:4f:49:11:89:80:6c:a1:e3:6a:34:ef:9b:5c:66:
90:80:44:c1:80:88:5c:cd:7d:28:59:8c:f5:09:d4:51:5b:bc:
4b:59:6f:65:b2:c7:1e:8b:61:52:b2:1b:77:c6:a2:4b:87:39:
60:22:c7:17
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEDLfwZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDQw
MTA4NTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhYTk3MzgzN2Y1
NjAxZjliMjQ4ZmRhODI3NTI0NGQ1NjMxMmM3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ30SD8/4seGPqHovDeUY7JZK3ilkL+3iqp58Bx9YtzS2Bsk
fcciS+M+LOvaMdx9FgQe189Akzl554N2Jma3gBkeYTMaHWqGw4jGXo2mfY9XsIvd
mq9cVXtmKDLgJZt5Oh/06ZFYUEHjjE7ImrVllP5a26WFBmAaA4D98Fkkk84gsFxY
vohOzb/v7li9Rs4lnMEecawED9r4MnTGl0FY0C5/agSeDWOBPrroAXCNBa+TvqW3
VvB2QqmD7wgYxUeVRmSBtElJzPkZS1abwW8wVxPsF6XT2i9pWmsT1AzDYW+7ZH+D
fgBo0m5zCXT2r7UeTbKglsfRE3v/mU9NlSeqOjcCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBSeqpc4N/VgH5skj9qCdSRNVjEseDAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L25xcVhPRGYxWUItYkpJX2FnblVrVFZZeExIZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAsJAlAMEAsJAnAMEAsJArAMEA8Kj
SAMEAsLDYAMEAsLpFAMEAsLpNAMEA8OzIAMEAsOzLAMEAsOzUAMEAsO0hAMEAsO0
jAMEAtTgADANBgkqhkiG9w0BAQsFAAOCAQEAi6rpbzwT16zsUBY3b0q9t+ME1o9D
gE4AUlv8/CSKGKRx2CUez9UAdJk6hOguJJhCRzqNWMrhMH3HldRvhqAY5+URU9Zr
YTFsbmlcMEUP2Y1nb0OkBWYCShpK1e6QsIwDCOEUWjoxlmgLAmkQdTNMD+RePRN2
lfTrP6QgcT3VV/esQ1U2GxbRmvPVJdTxgbGqZfOC/qUdaKYuPqWVc4C3spwzCftL
y3q5bgA5w0HItmLY4sDBHkefbe1BSaRq4V1hjUbyyz3iF+C2609JEYmAbKHjajTv
m1xmkIBEwYCIXM19KFmM9QnUUVu8S1lvZbLHHothUrIbd8aiS4c5YCLHFw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-ams.rpki-client.org