Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nkytKmjYz-DBgt3PoLDoVaPQ2Dg.roa
File: nkytKmjYz-DBgt3PoLDoVaPQ2Dg.roa (raw, json)
Hash identifier: pzX7UDnFT03i2mBz6bkN/9QAd3zw/1HIMJzWWhbQi/g=
Subject key identifier: 9E:4C:AD:2A:68:D8:CF:E0:C1:82:DD:CF:A0:B0:E8:55:A3:D0:D8:38
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 1B423C58
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nkytKmjYz-DBgt3PoLDoVaPQ2Dg.roa
Signing time: Sat 01 Jan 2022 10:59:20 +0000
ROA not before: Sat 01 Jan 2022 10:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.0.0/19 maxlen: 24
85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
185.91.28.0/24 maxlen: 24
91.148.236.0/22 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
91.148.240.0/20 maxlen: 24
193.138.220.0/24 maxlen: 24
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.194.0/23 maxlen: 23
91.148.193.0/24 maxlen: 24
91.148.196.0/22 maxlen: 22
91.148.200.0/21 maxlen: 21
91.148.208.0/20 maxlen: 20
2a01:788:aaac::/48 maxlen: 48
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457325656 (0x1b423c58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 1 10:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e4cad2a68d8cfe0c182ddcfa0b0e855a3d0d838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:83:f9:b1:b8:b0:34:c9:9a:23:38:8c:40:
51:11:87:1e:93:2e:01:ef:d9:9e:d3:b0:3f:72:ff:
63:2c:81:2c:a1:dc:ab:23:bc:c8:dc:75:5d:12:cb:
1c:ea:75:2c:6d:bd:2b:0d:42:96:c2:c9:21:d5:3c:
c1:97:1a:2b:92:cc:ba:c0:b2:3f:d5:b8:04:46:1b:
29:08:6d:07:a2:9a:4a:e1:e9:8a:5d:01:cb:97:a9:
d3:5d:cf:52:db:f8:7a:8d:70:17:e0:ea:4e:84:1a:
0a:f2:c3:60:cc:3b:d4:1b:58:9c:09:14:b7:cb:5b:
ef:a8:33:2c:82:ca:32:1b:e8:c8:07:09:07:84:f7:
89:b7:2e:34:bd:d9:7c:ff:c1:f9:ae:39:c7:d3:cf:
64:d3:6c:89:a5:dd:b5:8e:f7:6b:bd:ef:b8:c2:05:
d1:2a:88:de:5d:e8:74:c0:ff:12:2d:77:6e:6f:57:
92:61:24:70:71:49:53:1a:08:e4:22:66:2f:e9:d5:
00:77:bd:f9:96:07:54:5d:d4:2b:9d:d7:7d:fd:dc:
3a:52:63:6b:5c:fb:d9:c7:dc:26:d3:5c:7f:34:6c:
6d:04:b1:d8:0e:36:8f:36:2f:12:dd:86:b6:51:ef:
9d:a4:d7:16:bc:0b:4c:46:63:25:28:0f:f7:a0:14:
3d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4C:AD:2A:68:D8:CF:E0:C1:82:DD:CF:A0:B0:E8:55:A3:D0:D8:38
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/nkytKmjYz-DBgt3PoLDoVaPQ2Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.0.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.193.0-91.148.223.255
91.148.236.0-91.148.255.255
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
02:fe:31:b3:42:d7:d9:f2:8a:79:49:cb:d1:ed:c3:19:ff:a0:
18:74:75:ed:41:79:31:49:8a:68:b2:51:de:a7:b4:30:84:0f:
3e:2c:6d:20:82:bf:72:28:dd:65:6d:26:18:a0:e1:87:ac:42:
df:0b:f3:3f:c7:b8:6c:48:15:ae:66:8a:97:07:bb:ac:4a:c7:
ae:e2:16:6c:a6:e1:f4:44:54:48:b7:ef:22:fc:c8:bd:61:34:
9f:e2:58:6a:48:ee:9a:91:b8:86:26:d9:37:59:93:c3:55:93:
13:ef:73:d0:3b:03:ca:07:18:f0:15:2e:86:95:66:40:5e:00:
46:85:83:3c:77:5b:86:12:08:61:99:1d:b7:58:29:ba:34:f4:
ec:5b:dc:54:5e:3e:f3:5a:90:f2:69:d8:55:89:8c:f0:9a:ee:
d2:48:bb:07:96:39:a5:0f:3a:56:5b:3e:c8:ff:41:7e:5a:0f:
f5:7f:39:ed:95:4d:70:5e:2a:35:61:fb:70:e3:62:42:a6:93:
a1:f4:f1:32:e7:36:d2:bd:fe:80:e1:19:38:f3:ce:d9:97:c4:
ed:d2:a2:bb:57:b1:9d:8d:45:b0:95:6a:d2:fe:05:f9:8c:23:
e6:86:f3:bc:09:d9:ce:51:78:6c:c7:50:cd:27:3c:bb:b2:f9:
f8:0a:e9:5b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEG0I8WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQ4Y2YxNDZiNGM3M2QyNzQwOTZkNzA1NzA4ZDI0YjcyOTMyOWY4MB4XDTIyMDEw
MTEwNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU0Y2FkMmE2OGQ4
Y2ZlMGMxODJkZGNmYTBiMGU4NTVhM2QwZDgzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHmg/mxuLA0yZojOIxAURGHHpMuAe/ZntOwP3L/YyyBLKHc
qyO8yNx1XRLLHOp1LG29Kw1ClsLJIdU8wZcaK5LMusCyP9W4BEYbKQhtB6KaSuHp
il0By5ep013PUtv4eo1wF+DqToQaCvLDYMw71BtYnAkUt8tb76gzLILKMhvoyAcJ
B4T3ibcuNL3ZfP/B+a45x9PPZNNsiaXdtY73a73vuMIF0SqI3l3odMD/Ei13bm9X
kmEkcHFJUxoI5CJmL+nVAHe9+ZYHVF3UK53Xff3cOlJja1z72cfcJtNcfzRsbQSx
2A42jzYvEt2GtlHvnaTXFrwLTEZjJSgP96AUPc0CAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSeTK0qaNjP4MGC3c+gsOhVo9DYODAfBgNVHSMEGDAWgBRLSM8Ua0xz0nQJ
bXBXCNJLcpMp+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwalBGR3RNYzlKMENXMXdWd2pTUzNLVEtmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvM2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8x
L25reXRLbWpZei1EQmd0M1BvTERvVmFQUTJEZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
M2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8xL1MwalBGR3RNYzlK
MENXMXdWd2pTUzNLVEtmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSDALAwMCVQwDBANVDDAwDAMEAVUMOgME
BlUMADAMAwQAW5TBAwQFW5TAMAsDBAJblOwDAwBblAMEALlbHAMEAMGK3AMEAcPI
VDANBAIAAjAHAwUAKgEHiDANBgkqhkiG9w0BAQsFAAOCAQEAAv4xs0LX2fKKeUnL
0e3DGf+gGHR17UF5MUmKaLJR3qe0MIQPPixtIIK/cijdZW0mGKDhh6xC3wvzP8e4
bEgVrmaKlwe7rErHruIWbKbh9ERUSLfvIvzIvWE0n+JYakjumpG4hibZN1mTw1WT
E+9z0DsDygcY8BUuhpVmQF4ARoWDPHdbhhIIYZkdt1gpujT07FvcVF4+81qQ8mnY
VYmM8Jru0ki7B5Y5pQ86Vls+yP9BfloP9X857ZVNcF4qNWH7cONiQqaTofTxMuc2
0r3+gOEZOPPO2ZfE7dKiu1exnY1FsJVq0v4F+Ywj5obzvAnZzlF4bMdQzSc8u7L5
+ArpWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:48 2024 by rpki-client on console-fra.rpki-client.org