Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nMwQUpXcRwxeHF1mZ1VKUr9i_7k.roa
File: nMwQUpXcRwxeHF1mZ1VKUr9i_7k.roa (raw, json)
Hash identifier: ikMgOnX1PbL2IE833bHDS+bIh9AicNw7WAmuun/bnNI=
Subject key identifier: 9C:CC:10:52:95:DC:47:0C:5E:1C:5D:66:67:55:4A:52:BF:62:FF:B9
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0184327442760A8771CF55EB220FB46517B5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nMwQUpXcRwxeHF1mZ1VKUr9i_7k.roa
Signing time: Tue 01 Nov 2022 09:09:50 +0000
ROA not before: Tue 01 Nov 2022 09:09:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
91.242.120.0/21 maxlen: 21
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:74:42:76:0a:87:71:cf:55:eb:22:0f:b4:65:17:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 1 09:09:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ccc105295dc470c5e1c5d6667554a52bf62ffb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:03:1c:53:84:a1:85:33:e7:2f:60:45:65:da:
d0:06:00:ef:36:4e:c7:dc:12:e1:bb:1d:82:fe:cf:
6c:50:c4:4f:df:03:aa:26:2c:19:8b:28:4a:2b:22:
0e:46:bd:0c:cb:e3:ad:77:ba:e6:da:b5:82:1a:31:
ed:11:d6:44:5c:a0:89:f8:58:3d:d8:d9:d6:1a:49:
b7:39:19:3c:a1:22:6a:4e:d9:6b:7c:07:b6:ed:26:
6b:e3:87:af:e2:da:05:8b:b3:85:89:97:b1:f5:35:
b9:07:dd:88:fa:5b:05:43:db:f0:c2:4f:6b:63:06:
d2:1e:8d:7e:50:fc:10:14:df:48:da:d7:db:d7:9b:
d4:0f:b3:9a:ad:c4:7d:43:01:1f:22:73:f3:46:64:
75:96:31:e2:76:6b:ee:69:14:ea:27:cc:52:1f:69:
fa:57:de:63:3a:8a:65:55:93:b2:68:80:a1:ce:ac:
84:e1:19:4d:88:55:bd:f2:b3:1d:f2:06:eb:4d:86:
63:f3:0c:ae:76:f0:03:0c:99:a3:f7:22:8c:71:e6:
7e:17:1b:8f:a3:64:71:94:d0:8c:71:04:a6:ee:62:
0c:c1:a7:d2:4c:6a:bb:c1:06:ff:98:f9:38:cb:15:
49:42:ff:17:d6:4d:ce:d6:e9:73:fc:30:10:2f:c1:
03:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CC:10:52:95:DC:47:0C:5E:1C:5D:66:67:55:4A:52:BF:62:FF:B9
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/nMwQUpXcRwxeHF1mZ1VKUr9i_7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
03:95:0d:f9:a0:a4:5d:91:8e:64:12:ab:45:ed:80:59:2b:33:
39:ec:fe:bb:5e:03:21:de:91:34:a5:7c:69:05:8a:16:00:ac:
91:99:45:64:f6:64:e3:c6:8d:88:b1:5b:28:d4:70:c1:00:44:
da:3c:b4:65:e4:3a:33:72:e1:06:34:e9:3e:8d:9b:bc:ac:09:
ba:cf:c5:ea:82:10:ae:ee:c9:ba:cc:23:2d:3e:31:88:04:72:
0e:1c:da:2f:a8:95:09:08:6c:50:2a:5f:90:20:80:88:9c:d0:
5e:b0:ce:44:be:73:be:16:05:df:23:ca:9d:9c:8e:c8:88:01:
3e:a9:1b:d0:cb:66:9a:d9:d9:ff:25:ec:54:ec:21:74:d4:5f:
95:7b:1e:89:25:af:db:76:e8:cd:34:2a:39:d8:4d:e8:a1:20:
29:a7:a9:4f:c6:91:00:aa:8a:2b:d6:0b:8d:e1:42:1e:b8:0c:
6c:68:6d:e2:1a:24:e3:e1:bb:f2:97:48:6a:a3:b2:79:34:72:
23:af:7d:a7:1b:cb:e0:7b:ce:32:bd:c0:a1:e7:b2:f0:6a:e3:
a4:08:2f:f3:3f:d7:02:61:48:68:a7:e9:ef:ee:d3:4a:58:4a:
4e:11:41:58:1a:6f:c5:d3:16:53:c7:54:6c:99:f8:0b:8b:da:
86:1f:53:44
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYQydEJ2Codxz1XrIg+0ZRe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMTAxMDkwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NjMTA1Mjk1ZGM0NzBjNWUxYzVkNjY2NzU1NGE1MmJmNjJmZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAMcU4ShhTPnL2BFZdrQBgDvNk7H
3BLhux2C/s9sUMRP3wOqJiwZiyhKKyIORr0My+Otd7rm2rWCGjHtEdZEXKCJ+Fg9
2NnWGkm3ORk8oSJqTtlrfAe27SZr44ev4toFi7OFiZex9TW5B92I+lsFQ9vwwk9r
YwbSHo1+UPwQFN9I2tfb15vUD7OarcR9QwEfInPzRmR1ljHidmvuaRTqJ8xSH2n6
V95jOoplVZOyaIChzqyE4RlNiFW98rMd8gbrTYZj8wyudvADDJmj9yKMceZ+FxuP
o2RxlNCMcQSm7mIMwafSTGq7wQb/mPk4yxVJQv8X1k3O1ulz/DAQL8EDtwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJzMEFKV3EcMXhxdZmdVSlK/Yv+5MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbk13UVVwWGNSd3hlSEYxbVoxVktVcjlpXzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALUN0AwQG
W/JAAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0BAQsFAAOC
AQEAA5UN+aCkXZGOZBKrRe2AWSszOez+u14DId6RNKV8aQWKFgCskZlFZPZk48aN
iLFbKNRwwQBE2jy0ZeQ6M3LhBjTpPo2bvKwJus/F6oIQru7JuswjLT4xiARyDhza
L6iVCQhsUCpfkCCAiJzQXrDORL5zvhYF3yPKnZyOyIgBPqkb0MtmmtnZ/yXsVOwh
dNRflXseiSWv23bozTQqOdhN6KEgKaepT8aRAKqKK9YLjeFCHrgMbGht4hok4+G7
8pdIaqOyeTRyI699pxvL4HvOMr3Aoeey8GrjpAgv8z/XAmFIaKfp7+7TSlhKThFB
WBpvxdMWU8dUbJn4C4vahh9TRA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org