Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/1-nf0ZoJ-u2hKP1Aixe86ozADi5Y.roa
File: 1-nf0ZoJ-u2hKP1Aixe86ozADi5Y.roa (raw, json)
Hash identifier: 1NTTttcOA+GYB4Hrfmh0K2an98XsA2OKuh+gutJRfRI=
Subject key identifier: FA:77:F4:66:82:7E:BB:68:4A:3F:50:22:C5:EF:3A:A3:30:03:8B:96
Certificate issuer: /CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
Certificate serial: 0183569023D221026FDA3A45C1B53F4CC286
Authority key identifier: 92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/1-nf0ZoJ-u2hKP1Aixe86ozADi5Y.roa
Signing time: Mon 19 Sep 2022 16:23:50 +0000
ROA not before: Mon 19 Sep 2022 16:23:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59545
IP address blocks: 92.63.163.0/24 maxlen: 24
92.63.162.0/24 maxlen: 24
92.63.160.0/24 maxlen: 24
92.63.161.0/24 maxlen: 24
92.63.160.0/21 maxlen: 21
185.69.100.0/22 maxlen: 24
178.20.248.0/21 maxlen: 24
141.138.144.0/21 maxlen: 21
141.138.145.0/24 maxlen: 24
141.138.151.0/24 maxlen: 24
141.138.148.0/24 maxlen: 24
141.138.149.0/24 maxlen: 24
141.138.146.0/24 maxlen: 24
141.138.147.0/24 maxlen: 24
2a01:a680:a1::/48 maxlen: 48
2a01:a680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:56:90:23:d2:21:02:6f:da:3a:45:c1:b5:3f:4c:c2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9241ad0e7fc22bfbab567be89f63d9805e5eb9aa
Validity
Not Before: Sep 19 16:23:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa77f466827ebb684a3f5022c5ef3aa330038b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:ff:89:ae:1e:5b:66:5f:f3:c9:43:2e:f9:
c5:aa:3a:eb:76:cf:ec:df:16:8e:a6:6f:47:21:14:
07:9e:f4:7b:55:26:19:bd:cb:bb:a4:ea:3a:10:ea:
21:53:bd:b7:9c:91:4f:c8:f0:b9:c6:5f:17:c3:57:
6c:80:dd:22:43:d8:bb:e4:0b:35:0f:d8:0f:73:99:
e5:84:5a:91:db:8c:8f:1f:34:5f:83:27:52:bd:52:
21:0b:ff:6e:b3:9f:f9:01:e9:08:d6:ca:a3:86:95:
dd:d4:2e:ca:ec:d0:81:e2:95:8e:8d:7b:1d:91:17:
14:b8:60:82:bf:14:ba:79:64:de:83:28:04:ff:dc:
73:27:ac:7d:25:0c:eb:9d:24:dd:00:6f:d0:8f:d9:
49:72:53:28:b2:43:92:87:61:cf:42:87:40:9c:36:
be:31:23:a2:73:c6:47:9e:78:bf:7a:1b:c1:57:7e:
0f:17:68:ea:c4:ad:4a:0c:74:d1:09:ab:29:ca:d7:
23:0b:c1:a3:97:f7:d8:9c:16:d4:24:b4:7b:48:e3:
c4:f4:52:16:0a:ff:79:43:1f:92:09:a0:53:e8:2b:
19:57:14:d1:60:69:7d:8f:78:87:d6:0e:c0:e3:c2:
d4:8a:b3:63:f8:fc:77:ba:99:ee:70:69:4f:8e:6b:
40:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:77:F4:66:82:7E:BB:68:4A:3F:50:22:C5:EF:3A:A3:30:03:8B:96
X509v3 Authority Key Identifier:
keyid:92:41:AD:0E:7F:C2:2B:FB:AB:56:7B:E8:9F:63:D9:80:5E:5E:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkGtDn_CK_urVnvon2PZgF5euao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/1-nf0ZoJ-u2hKP1Aixe86ozADi5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/fb1a6d-4138-4c4f-aed9-4544c6109729/1/kkGtDn_CK_urVnvon2PZgF5euao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.160.0/21
141.138.144.0/21
178.20.248.0/21
185.69.100.0/22
IPv6:
2a01:a680::/32
Signature Algorithm: sha256WithRSAEncryption
10:43:6b:4f:4e:a2:03:6e:6a:aa:7e:c3:cd:b0:f9:88:46:59:
00:90:5e:c4:bd:5d:00:38:ff:c4:02:8b:1e:36:05:55:4f:72:
d4:b2:50:4c:86:58:02:15:8c:ae:9a:e3:cc:10:d5:0b:05:e8:
44:32:7e:33:f6:eb:82:29:c5:e3:0b:94:12:5b:a1:ca:20:85:
bd:82:6c:7a:7f:33:99:f0:f6:4d:1b:74:86:3f:60:8a:29:d1:
66:6a:a3:82:4a:5c:4b:35:a9:e4:40:e1:c6:11:a0:07:f3:f1:
50:e1:7b:d0:d3:ec:64:fc:c8:7b:46:7e:5e:5c:41:a9:f4:64:
fd:e3:dd:30:d6:4e:46:13:01:54:e0:d2:4b:f6:8f:ae:f7:4d:
9e:9e:4a:06:dc:eb:70:4a:a5:62:7e:df:b2:c6:7e:d6:75:c7:
fb:ef:bf:19:65:13:b1:e8:5f:34:7b:a9:ce:cb:f2:50:37:56:
f4:ee:bb:3b:2c:92:74:2e:f1:78:7d:a3:1f:a0:b5:a4:e8:b1:
1a:32:bf:fd:b7:94:ac:54:b3:c5:31:0d:b2:e8:2c:b1:71:dc:
d8:86:a7:a9:68:40:94:94:4f:58:fe:06:33:bd:42:bc:ac:94:
2a:91:24:a2:7b:c6:01:d8:2c:ac:98:6c:9d:db:12:e3:5c:d3:
88:9b:64:c9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYNWkCPSIQJv2jpFwbU/TMKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDFhZDBlN2ZjMjJiZmJhYjU2N2JlODlmNjNkOTgwNWU1
ZWI5YWEwHhcNMjIwOTE5MTYyMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc3ZjQ2NjgyN2ViYjY4NGEzZjUwMjJjNWVmM2FhMzMwMDM4Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaf/ia4eW2Zf88lDLvnFqjrrds/s
3xaOpm9HIRQHnvR7VSYZvcu7pOo6EOohU723nJFPyPC5xl8Xw1dsgN0iQ9i75As1
D9gPc5nlhFqR24yPHzRfgydSvVIhC/9us5/5AekI1sqjhpXd1C7K7NCB4pWOjXsd
kRcUuGCCvxS6eWTegygE/9xzJ6x9JQzrnSTdAG/Qj9lJclMoskOSh2HPQodAnDa+
MSOic8ZHnni/ehvBV34PF2jqxK1KDHTRCaspytcjC8Gjl/fYnBbUJLR7SOPE9FIW
Cv95Qx+SCaBT6CsZVxTRYGl9j3iH1g7A48LUirNj+Px3upnucGlPjmtAxwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPp39GaCfrtoSj9QIsXvOqMwA4uWMB8GA1UdIwQY
MBaAFJJBrQ5/wiv7q1Z76J9j2YBeXrmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tHdERuX0NLX3VyVm52b24yUFpnRjVldWFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9mYjFhNmQtNDEzOC00YzRmLWFlZDkt
NDU0NGM2MTA5NzI5LzEvMS1uZjBab0otdTJoS1AxQWl4ZTg2b3pBRGk1WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvZmIxYTZkLTQxMzgtNGM0Zi1hZWQ5LTQ1NDRjNjEwOTcy
OS8xL2trR3REbl9DS191clZudm9uMlBaZ0Y1ZXVhby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1w/oAME
A42KkAMEA7IU+AMEArlFZDANBAIAAjAHAwUAKgGmgDANBgkqhkiG9w0BAQsFAAOC
AQEAEENrT06iA25qqn7DzbD5iEZZAJBexL1dADj/xAKLHjYFVU9y1LJQTIZYAhWM
rprjzBDVCwXoRDJ+M/brginF4wuUEluhyiCFvYJsen8zmfD2TRt0hj9giinRZmqj
gkpcSzWp5EDhxhGgB/PxUOF70NPsZPzIe0Z+XlxBqfRk/ePdMNZORhMBVODSS/aP
rvdNnp5KBtzrcEqlYn7fssZ+1nXH+++/GWUTsehfNHupzsvyUDdW9O67OyySdC7x
eH2jH6C1pOixGjK//beUrFSzxTENsugssXHc2IanqWhAlJRPWP4GM71CvKyUKpEk
onvGAdgsrJhsndsS41zTiJtkyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:37 2024 by rpki-client on console-fra.rpki-client.org