Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa
File: p_NuscTWUqtTkj9joljAAFzy-Kk.roa (raw, json)
Hash identifier: QhUdryPZttySbe5W6XXskyactt1NCgvbOHeZLg78J5s=
Subject key identifier: A7:F3:6E:B1:C4:D6:52:AB:53:92:3F:63:A2:58:C0:00:5C:F2:F8:A9
Certificate issuer: /CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
Certificate serial: 02083DDB
Authority key identifier: 22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa
Signing time: Sat 01 Jan 2022 15:01:29 +0000
ROA not before: Sat 01 Jan 2022 15:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 176.103.220.0/23 maxlen: 23
91.227.74.0/24 maxlen: 24
193.148.68.0/22 maxlen: 22
91.216.248.0/24 maxlen: 24
2a10:fc80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34094555 (0x2083ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a776a6955c0163c9cf1a838c41dfee5da9db3d
Validity
Not Before: Jan 1 15:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7f36eb1c4d652ab53923f63a258c0005cf2f8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:1c:cd:5d:c6:55:7d:79:a1:fe:5f:a0:93:
c9:ba:0f:fc:49:ad:ad:c9:1d:de:0c:4c:3d:69:cd:
f3:5d:25:25:04:51:2c:e5:8d:9d:98:28:f0:f6:cc:
6f:03:08:75:8b:cb:b8:82:14:cc:7e:ce:1c:f9:5e:
be:ae:7a:70:97:eb:51:fb:c8:57:f3:36:5e:97:53:
7c:7a:0d:0d:b8:fe:ab:a5:6d:49:5c:87:d8:c9:69:
08:d1:93:ed:b1:4a:be:e2:4b:50:15:af:87:4b:b1:
72:8f:3c:64:12:5e:4b:16:d1:4f:92:28:c4:30:28:
63:2d:f7:a4:9f:a0:ad:4a:ce:4b:7d:df:22:51:d8:
a3:85:91:7c:42:77:c2:d2:2d:60:63:62:03:d7:1a:
90:f5:9e:b3:76:21:55:b8:1b:f5:80:ed:16:b2:3c:
a4:91:d6:b0:30:b6:9b:3e:7a:c5:b2:76:5f:43:59:
da:3c:a4:fe:4f:be:76:57:27:69:cf:8a:c8:53:e8:
16:be:b5:aa:3e:25:0a:6d:80:d8:38:e4:74:33:06:
65:5f:4c:0c:5d:5b:3f:01:73:fe:95:0d:50:7e:c6:
17:b4:70:16:68:9b:5c:cf:4c:4f:87:f8:cb:e9:ea:
78:80:bb:22:a0:fa:56:1f:23:1a:85:1c:19:da:a5:
01:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F3:6E:B1:C4:D6:52:AB:53:92:3F:63:A2:58:C0:00:5C:F2:F8:A9
X509v3 Authority Key Identifier:
keyid:22:A7:76:A6:95:5C:01:63:C9:CF:1A:83:8C:41:DF:EE:5D:A9:DB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/p_NuscTWUqtTkj9joljAAFzy-Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ced8f-d024-45bb-922c-af1de3d0f217/1/Iqd2ppVcAWPJzxqDjEHf7l2p2z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.248.0/24
91.227.74.0/24
176.103.220.0/23
193.148.68.0/22
IPv6:
2a10:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
04:24:37:0f:1d:54:e3:c1:20:b1:07:8c:7b:b3:b2:70:63:6f:
ba:85:7b:15:ac:14:95:e2:16:98:b6:19:6d:07:dc:e5:29:1c:
71:b2:8c:09:e5:a9:05:52:6c:c0:95:33:5e:d2:63:22:67:68:
d1:27:b0:6d:0c:c1:ec:0f:86:2b:f7:e9:f4:3a:14:3f:ad:38:
8e:90:25:f5:86:5d:1e:8f:6f:6d:e2:69:cd:a8:59:ed:cf:02:
73:99:d5:3f:2b:8f:53:4e:ef:9c:64:2f:5d:93:86:f0:3a:0b:
6c:2e:71:9d:ba:98:f0:ba:e8:de:57:fe:08:49:97:fa:a6:45:
82:b7:53:8f:0c:8a:f4:c4:a6:6b:24:aa:a3:19:b9:50:4f:59:
31:6d:44:8c:22:f1:74:62:30:0f:04:10:d5:e3:d3:b7:ae:4c:
26:eb:8e:c8:cc:0a:b7:b5:97:65:e6:26:bf:f7:44:36:e1:68:
8a:92:4b:c8:5a:b2:7d:8b:33:b8:98:99:97:2c:b9:fe:b6:02:
d6:a9:16:f7:0e:be:0f:60:2a:1e:0d:11:e6:a5:fc:7d:95:f1:
3b:0d:e6:ac:00:27:6c:e4:8d:d3:96:3c:15:b6:13:99:24:15:
22:ff:08:c8:72:5f:bb:58:72:e4:44:fe:f0:c7:52:93:5f:65:
f2:8f:3e:02
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAgg92zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmE3NzZhNjk1NWMwMTYzYzljZjFhODM4YzQxZGZlZTVkYTlkYjNkMB4XDTIyMDEw
MTE1MDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdmMzZlYjFjNGQ2
NTJhYjUzOTIzZjYzYTI1OGMwMDA1Y2YyZjhhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL05HM1dxlV9eaH+X6CTyboP/Emtrckd3gxMPWnN810lJQRR
LOWNnZgo8PbMbwMIdYvLuIIUzH7OHPlevq56cJfrUfvIV/M2XpdTfHoNDbj+q6Vt
SVyH2MlpCNGT7bFKvuJLUBWvh0uxco88ZBJeSxbRT5IoxDAoYy33pJ+grUrOS33f
IlHYo4WRfEJ3wtItYGNiA9cakPWes3YhVbgb9YDtFrI8pJHWsDC2mz56xbJ2X0NZ
2jyk/k++dlcnac+KyFPoFr61qj4lCm2A2DjkdDMGZV9MDF1bPwFz/pUNUH7GF7Rw
FmibXM9MT4f4y+nqeIC7IqD6Vh8jGoUcGdqlAZECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSn826xxNZSq1OSP2OiWMAAXPL4qTAfBgNVHSMEGDAWgBQip3amlVwBY8nP
GoOMQd/uXanbPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lxZDJwcFZjQVdQSnp4cURqRUhmN2wycDJ6MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvNWNlZDhmLWQwMjQtNDViYi05MjJjLWFmMWRlM2QwZjIxNy8x
L3BfTnVzY1RXVXF0VGtqOWpvbGpBQUZ6eS1Lay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
NWNlZDhmLWQwMjQtNDViYi05MjJjLWFmMWRlM2QwZjIxNy8xL0lxZDJwcFZjQVdQ
Snp4cURqRUhmN2wycDJ6MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFvY+AMEAFvjSgMEAbBn3AMEAsGU
RDANBAIAAjAHAwUDKhD8gDANBgkqhkiG9w0BAQsFAAOCAQEABCQ3Dx1U48EgsQeM
e7OycGNvuoV7FawUleIWmLYZbQfc5SkccbKMCeWpBVJswJUzXtJjImdo0SewbQzB
7A+GK/fp9DoUP604jpAl9YZdHo9vbeJpzahZ7c8Cc5nVPyuPU07vnGQvXZOG8DoL
bC5xnbqY8Lro3lf+CEmX+qZFgrdTjwyK9MSmaySqoxm5UE9ZMW1EjCLxdGIwDwQQ
1ePTt65MJuuOyMwKt7WXZeYmv/dENuFoipJLyFqyfYszuJiZlyy5/rYC1qkW9w6+
D2AqHg0R5qX8fZXxOw3mrAAnbOSN05Y8FbYTmSQVIv8IyHJfu1hy5ET+8MdSk19l
8o8+Ag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-fra.rpki-client.org