Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/nc0vnEP5VzjglOXf--Kby0282ic.roa
File: nc0vnEP5VzjglOXf--Kby0282ic.roa (raw, json)
Hash identifier: CAu1uJYI7jZYi3BrPtTQMmEj6C09lUwWaZNyoiSFVTs=
Subject key identifier: 9D:CD:2F:9C:43:F9:57:38:E0:94:E5:DF:FB:E2:9B:CB:4D:BC:DA:27
Certificate issuer: /CN=ea8b2cd11f85987898547450c9217811fcdea28b
Certificate serial: 0116D661
Authority key identifier: EA:8B:2C:D1:1F:85:98:78:98:54:74:50:C9:21:78:11:FC:DE:A2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oss0R-FmHiYVHRQySF4Efzeoos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/nc0vnEP5VzjglOXf--Kby0282ic.roa
Signing time: Sat 01 Jan 2022 04:55:40 +0000
ROA not before: Sat 01 Jan 2022 04:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15935
IP address blocks: 217.66.188.0/23 maxlen: 23
217.66.191.0/24 maxlen: 24
217.66.190.0/24 maxlen: 24
213.195.192.0/18 maxlen: 18
217.66.160.0/19 maxlen: 19
217.66.160.0/24 maxlen: 24
217.66.166.0/24 maxlen: 24
217.66.179.0/24 maxlen: 24
217.66.178.0/24 maxlen: 24
81.30.246.0/23 maxlen: 23
95.173.68.0/23 maxlen: 23
109.238.32.0/20 maxlen: 20
93.185.48.0/20 maxlen: 20
81.30.224.0/19 maxlen: 19
81.30.229.0/24 maxlen: 24
95.173.64.0/23 maxlen: 23
95.173.64.0/19 maxlen: 19
2a02:570::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18273889 (0x116d661)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea8b2cd11f85987898547450c9217811fcdea28b
Validity
Not Before: Jan 1 04:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dcd2f9c43f95738e094e5dffbe29bcb4dbcda27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:a6:b8:07:46:f5:59:22:6c:d9:4a:c3:a8:
94:f7:f8:86:d9:2e:2e:2f:c5:b2:04:db:f8:6a:ba:
27:3b:32:80:37:43:95:b3:b7:a4:0b:e9:24:9e:7d:
ed:7c:4f:5d:6b:85:f5:b6:20:ab:81:f7:df:2a:97:
31:03:db:7c:ae:04:d4:57:f4:b5:f5:8e:f9:14:dc:
b7:67:a7:a6:0d:98:37:5a:21:d1:8a:56:a9:cb:73:
4f:9a:7a:71:37:d7:c2:b9:2a:79:c1:ec:ad:ae:bd:
61:10:79:9e:40:ba:b5:0b:bc:e6:e7:49:bb:94:26:
88:09:93:28:55:f7:9f:35:3d:c8:a7:44:4d:d7:63:
6d:e6:f1:88:7c:c2:d9:45:9c:f1:24:04:5f:79:a9:
23:89:72:64:cf:60:d8:54:84:cf:22:8d:64:0b:29:
01:a9:c4:00:49:b8:5b:8d:aa:0c:f6:de:42:cd:ca:
ea:aa:f1:d4:df:27:af:41:c6:c3:84:94:c6:6f:ad:
2e:01:50:c0:8f:05:5d:68:fd:8f:7d:26:88:c4:b9:
66:31:fd:41:da:68:82:7e:f9:ac:7f:31:6c:6b:75:
19:3d:85:b4:47:a6:69:70:60:48:2a:c6:b2:dd:2d:
de:47:a5:8f:9b:ca:5f:c4:6b:bd:16:d9:eb:67:0f:
d6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CD:2F:9C:43:F9:57:38:E0:94:E5:DF:FB:E2:9B:CB:4D:BC:DA:27
X509v3 Authority Key Identifier:
keyid:EA:8B:2C:D1:1F:85:98:78:98:54:74:50:C9:21:78:11:FC:DE:A2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oss0R-FmHiYVHRQySF4Efzeoos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/nc0vnEP5VzjglOXf--Kby0282ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/1ff7ea-bc13-4b54-898d-1d1cd215275d/1/6oss0R-FmHiYVHRQySF4Efzeoos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.224.0/19
93.185.48.0/20
95.173.64.0/19
109.238.32.0/20
213.195.192.0/18
217.66.160.0/19
IPv6:
2a02:570::/32
Signature Algorithm: sha256WithRSAEncryption
4e:be:32:75:1e:cf:57:7a:0f:47:fd:67:22:2c:da:f9:bb:59:
99:5e:11:0f:ef:25:a9:5f:3d:5f:4d:c8:67:e4:68:7f:9f:94:
07:03:b4:f9:ca:e7:a0:77:05:df:99:be:45:1c:6f:c6:1a:0e:
e9:1c:0b:dd:6f:d4:28:86:d8:87:56:8b:16:46:73:c6:70:f1:
e3:bc:ae:4f:fe:b5:eb:df:39:45:f5:94:e0:57:ae:ff:9d:df:
06:86:c8:ac:d5:5d:98:f1:30:3c:05:47:b6:f2:f3:81:8c:e3:
e7:c5:70:74:b6:e8:1f:45:7d:ef:94:23:3c:03:b0:ca:d0:50:
06:0f:b5:91:69:43:07:d1:ab:b0:de:96:67:2a:6b:65:11:60:
84:09:aa:b3:dc:d0:70:6c:d9:90:3c:79:5e:ae:7c:f7:b7:31:
30:2b:0c:e5:e4:65:fa:c8:31:14:c5:77:b2:24:8d:0c:8e:28:
fa:7b:97:48:19:4e:a2:7b:3d:af:ad:d2:7a:8d:e3:3a:21:90:
19:a5:56:bd:32:4d:aa:d6:12:a6:9a:b0:25:e7:39:59:aa:fa:
69:1e:d1:fe:76:a6:08:e0:b4:a7:12:8d:1f:6d:61:07:e3:98:
75:af:9b:21:50:3f:06:ea:77:42:76:27:a1:08:32:b6:3a:d2:
25:89:18:9b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEARbWYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YThiMmNkMTFmODU5ODc4OTg1NDc0NTBjOTIxNzgxMWZjZGVhMjhiMB4XDTIyMDEw
MTA0NTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRjZDJmOWM0M2Y5
NTczOGUwOTRlNWRmZmJlMjliY2I0ZGJjZGEyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVuprgHRvVZImzZSsOolPf4htkuLi/FsgTb+Gq6JzsygDdD
lbO3pAvpJJ597XxPXWuF9bYgq4H33yqXMQPbfK4E1Ff0tfWO+RTct2enpg2YN1oh
0YpWqctzT5p6cTfXwrkqecHsra69YRB5nkC6tQu85udJu5QmiAmTKFX3nzU9yKdE
TddjbebxiHzC2UWc8SQEX3mpI4lyZM9g2FSEzyKNZAspAanEAEm4W42qDPbeQs3K
6qrx1N8nr0HGw4SUxm+tLgFQwI8FXWj9j30miMS5ZjH9Qdpogn75rH8xbGt1GT2F
tEemaXBgSCrGst0t3kelj5vKX8RrvRbZ62cP1rECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBSdzS+cQ/lXOOCU5d/74pvLTbzaJzAfBgNVHSMEGDAWgBTqiyzRH4WYeJhU
dFDJIXgR/N6iizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZvc3MwUi1GbUhpWVZIUlF5U0Y0RWZ6ZW9vcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvMWZmN2VhLWJjMTMtNGI1NC04OThkLTFkMWNkMjE1Mjc1ZC8x
L25jMHZuRVA1VnpqZ2xPWGYtLUtieTAyODJpYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
MWZmN2VhLWJjMTMtNGI1NC04OThkLTFkMWNkMjE1Mjc1ZC8xLzZvc3MwUi1GbUhp
WVZIUlF5U0Y0RWZ6ZW9vcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBVEe4AMEBF25MAMEBV+tQAMEBG3u
IAMEBtXDwAMEBdlCoDANBAIAAjAHAwUAKgIFcDANBgkqhkiG9w0BAQsFAAOCAQEA
Tr4ydR7PV3oPR/1nIiza+btZmV4RD+8lqV89X03IZ+Rof5+UBwO0+crnoHcF35m+
RRxvxhoO6RwL3W/UKIbYh1aLFkZzxnDx47yuT/616985RfWU4Feu/53fBobIrNVd
mPEwPAVHtvLzgYzj58VwdLboH0V975QjPAOwytBQBg+1kWlDB9GrsN6WZyprZRFg
hAmqs9zQcGzZkDx5Xq5897cxMCsM5eRl+sgxFMV3siSNDI4o+nuXSBlOons9r63S
eo3jOiGQGaVWvTJNqtYSppqwJec5War6aR7R/namCOC0pxKNH21hB+OYda+bIVA/
Bup3QnYnoQgytjrSJYkYmw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:09 2025 by rpki-client