Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/nmfKwEiwQ5fDrTqqbK6WP2iqsiM.roa
File: nmfKwEiwQ5fDrTqqbK6WP2iqsiM.roa (raw, json)
Hash identifier: OdOzBHF4ArIExZNikjqeTxGv60LwI3C3kPpWagZgFcg=
Subject key identifier: 9E:67:CA:C0:48:B0:43:97:C3:AD:3A:AA:6C:AE:96:3F:68:AA:B2:23
Certificate issuer: /CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Certificate serial: 0B22FC7E
Authority key identifier: BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/nmfKwEiwQ5fDrTqqbK6WP2iqsiM.roa
Signing time: Sat 01 Jan 2022 14:00:55 +0000
ROA not before: Sat 01 Jan 2022 14:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60144
IP address blocks: 45.150.76.0/22 maxlen: 24
185.53.8.0/22 maxlen: 24
192.162.136.0/24 maxlen: 24
192.162.136.0/22 maxlen: 24
45.138.36.0/22 maxlen: 24
91.215.156.0/22 maxlen: 24
185.56.28.0/22 maxlen: 24
185.27.236.0/22 maxlen: 24
2a07:f9c0::/29 maxlen: 48
2a02:5060::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186842238 (0xb22fc7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Validity
Not Before: Jan 1 14:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e67cac048b04397c3ad3aaa6cae963f68aab223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bb:03:9e:b4:2d:c6:c7:55:92:e1:9f:64:ff:
6b:58:13:09:02:3f:e1:16:30:67:3f:b8:c9:c6:44:
5c:73:2f:89:d0:8b:73:7e:0d:98:e9:84:48:7a:13:
4e:af:20:74:ff:d1:e6:b5:68:94:0b:5e:00:cd:ce:
7b:32:e0:02:df:31:90:a4:41:0c:6d:74:d2:44:05:
09:ef:44:06:43:3b:2d:48:a6:21:27:64:1f:4e:a4:
f4:76:5a:96:b7:60:ff:9c:49:92:8c:84:04:82:09:
44:c1:cc:56:7c:d7:74:b6:9a:6a:c6:29:54:db:9d:
0e:5f:94:3d:bf:20:06:3f:ed:05:0c:d7:7d:f8:7a:
54:71:c8:2c:e8:95:ba:2f:77:05:28:c5:df:14:29:
15:22:ed:db:1b:8b:67:ca:e6:a3:3b:95:22:4e:94:
b1:26:46:fc:9a:e0:25:3a:e6:9b:72:f3:98:3b:29:
7c:40:28:f5:b6:4f:47:e4:37:28:05:2f:75:50:6a:
42:1a:a1:18:8c:dc:a6:9f:86:0b:ed:84:c1:26:63:
53:88:84:19:a9:28:db:cb:dd:17:71:b5:b2:88:ff:
45:e8:c9:8f:51:0f:ef:49:7a:16:64:d7:8a:5e:6e:
e5:4d:f2:4a:6c:fb:61:cc:ed:f4:73:f8:31:10:c3:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:67:CA:C0:48:B0:43:97:C3:AD:3A:AA:6C:AE:96:3F:68:AA:B2:23
X509v3 Authority Key Identifier:
keyid:BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/nmfKwEiwQ5fDrTqqbK6WP2iqsiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.36.0/22
45.150.76.0/22
91.215.156.0/22
185.27.236.0/22
185.53.8.0/22
185.56.28.0/22
192.162.136.0/22
IPv6:
2a02:5060::/32
2a07:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:38:b7:47:5d:a5:60:82:d0:c3:36:22:5c:0a:b5:e1:26:79:
3e:cb:04:50:7c:45:e1:f4:b9:f4:7d:94:ca:d7:b5:39:fd:61:
ba:ce:6c:90:82:14:bd:94:05:47:c3:03:d9:e4:e6:53:4e:78:
f1:6b:5a:50:65:c4:e5:52:31:ba:9e:51:e1:1e:0a:83:a8:7f:
5b:42:2d:1b:2a:e4:3b:82:10:e2:22:8c:34:81:90:ce:c8:c3:
e4:50:33:cb:7d:c1:84:af:c7:d1:ac:fe:3d:d9:4b:91:d2:60:
b4:2d:0c:c4:c5:f2:a1:c4:b6:6d:1d:f1:31:27:3c:b2:1c:9a:
f9:cd:e0:1c:1a:05:c9:f2:b5:59:bb:f1:3f:ed:30:a4:93:4c:
63:84:7d:2d:f4:01:34:8d:15:04:1e:b7:c4:18:07:9c:b2:9c:
7b:e1:ef:f1:1a:4e:05:bd:97:65:f9:79:30:35:de:a8:52:1f:
26:6f:e1:0e:cc:36:9c:d7:9c:08:be:39:b4:85:b1:8c:8b:bb:
1c:8a:b2:5b:1a:62:9d:22:0f:8b:77:c5:93:36:87:8f:bc:7b:
03:c0:87:bb:d8:c0:8c:7e:b5:9f:d2:f3:6b:29:5a:04:80:7f:
b1:42:3b:1f:08:dd:ea:ac:6d:50:bc:26:41:a6:81:96:33:c4:
28:4f:44:89
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECyL8fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2M2M2YwMTBjNTQwYmNkNDU1NDM0NGJmYjlhNTlhMmVkYmFiYzI5MB4XDTIyMDEw
MTE0MDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU2N2NhYzA0OGIw
NDM5N2MzYWQzYWFhNmNhZTk2M2Y2OGFhYjIyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+7A560LcbHVZLhn2T/a1gTCQI/4RYwZz+4ycZEXHMvidCL
c34NmOmESHoTTq8gdP/R5rVolAteAM3OezLgAt8xkKRBDG100kQFCe9EBkM7LUim
ISdkH06k9HZalrdg/5xJkoyEBIIJRMHMVnzXdLaaasYpVNudDl+UPb8gBj/tBQzX
ffh6VHHILOiVui93BSjF3xQpFSLt2xuLZ8rmozuVIk6UsSZG/JrgJTrmm3LzmDsp
fEAo9bZPR+Q3KAUvdVBqQhqhGIzcpp+GC+2EwSZjU4iEGako28vdF3G1soj/RejJ
j1EP70l6FmTXil5u5U3ySmz7Yczt9HP4MRDDzoECAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBSeZ8rASLBDl8OtOqpsrpY/aKqyIzAfBgNVHSMEGDAWgBS8xj8BDFQLzUVU
NEv7mlmi7bq8KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZNWV9BUXhVQzgxRlZEUkwtNXBab3UyNnZDay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvYTI5YzY3LWYyNGQtNDk3OS1iMmFmLWNjNDFjNGEzMTk4ZC8x
L25tZkt3RWl3UTVmRHJUcXFiSzZXUDJpcXNpTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
YTI5YzY3LWYyNGQtNDk3OS1iMmFmLWNjNDFjNGEzMTk4ZC8xL3ZNWV9BUXhVQzgx
RlZEUkwtNXBab3UyNnZDay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAi2KJAMEAi2WTAMEAlvXnAMEArkb
7AMEArk1CAMEArk4HAMEAsCiiDAUBAIAAjAOAwUAKgJQYAMFAyoH+cAwDQYJKoZI
hvcNAQELBQADggEBAEo4t0ddpWCC0MM2IlwKteEmeT7LBFB8ReH0ufR9lMrXtTn9
YbrObJCCFL2UBUfDA9nk5lNOePFrWlBlxOVSMbqeUeEeCoOof1tCLRsq5DuCEOIi
jDSBkM7Iw+RQM8t9wYSvx9Gs/j3ZS5HSYLQtDMTF8qHEtm0d8TEnPLIcmvnN4Bwa
BcnytVm78T/tMKSTTGOEfS30ATSNFQQet8QYB5yynHvh7/EaTgW9l2X5eTA13qhS
HyZv4Q7MNpzXnAi+ObSFsYyLuxyKslsaYp0iD4t3xZM2h4+8ewPAh7vYwIx+tZ/S
82spWgSAf7FCOx8I3eqsbVC8JkGmgZYzxChPRIk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:39 2023 by rpki-client on console-ams.rpki-client.org