Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/N1Lm06ufsihXYp9LJYWXiYOYBNs.roa
File: N1Lm06ufsihXYp9LJYWXiYOYBNs.roa (raw, json)
Hash identifier: ZK3SuLhp5eAP9qdaMqDLGlOJg84D0VlPbrr9CkqBmVA=
Subject key identifier: 37:52:E6:D3:AB:9F:B2:28:57:62:9F:4B:25:85:97:89:83:98:04:DB
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 0496531C
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/N1Lm06ufsihXYp9LJYWXiYOYBNs.roa
Signing time: Thu 21 Apr 2022 08:48:34 +0000
ROA not before: Thu 21 Apr 2022 08:48:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16342
IP address blocks: 85.89.160.0/20 maxlen: 20
77.237.0.0/19 maxlen: 19
85.89.176.0/20 maxlen: 20
185.67.216.0/22 maxlen: 22
185.67.217.0/24 maxlen: 24
185.67.216.0/24 maxlen: 24
185.67.218.0/24 maxlen: 24
185.67.219.0/24 maxlen: 24
31.182.0.0/15 maxlen: 17
217.113.224.0/20 maxlen: 20
2a03:af80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76960540 (0x496531c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Apr 21 08:48:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3752e6d3ab9fb22857629f4b25859789839804db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:01:99:da:37:a2:22:34:d9:87:01:73:9d:b9:
4b:e6:b8:22:44:ac:84:42:61:c0:01:22:3a:34:f5:
2a:5f:49:b3:39:04:dd:64:c6:7a:50:c6:81:9a:44:
0d:7e:61:df:62:8e:7c:26:8a:5e:9b:64:dd:dc:36:
1d:1d:14:f3:9e:4a:54:99:33:e6:29:33:12:83:a9:
2a:e2:4a:95:b0:54:9c:fd:71:0d:4b:33:23:a1:bb:
ef:42:e2:2d:0d:c4:ef:95:5c:c5:da:2a:71:e1:8c:
be:cf:f8:46:41:2a:9c:62:9d:90:bf:d1:8b:57:50:
de:4b:2d:2d:62:4a:c5:bc:3b:5d:a3:42:fa:1a:01:
22:3e:8c:77:42:9e:a6:f7:82:f2:4c:81:90:11:3e:
b6:74:a1:dd:a4:06:14:6f:44:2d:d2:80:9e:23:e9:
3d:92:a2:ae:c8:b6:5b:cd:5d:a9:5b:4e:5a:37:b1:
8b:40:9d:62:a6:65:97:bb:2e:f7:ae:46:10:6e:a9:
68:a0:d9:03:75:b5:b5:8d:64:8f:34:9a:70:cf:bc:
39:8a:11:eb:25:53:18:de:82:3c:90:7b:8a:8b:4e:
bd:2c:45:23:18:df:44:04:30:96:dc:82:9d:13:96:
aa:2d:07:74:f2:03:f6:70:70:ff:ca:1b:11:a6:58:
d1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:52:E6:D3:AB:9F:B2:28:57:62:9F:4B:25:85:97:89:83:98:04:DB
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/N1Lm06ufsihXYp9LJYWXiYOYBNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.182.0.0/15
77.237.0.0/19
85.89.160.0/19
185.67.216.0/22
217.113.224.0/20
IPv6:
2a03:af80::/29
Signature Algorithm: sha256WithRSAEncryption
33:06:e9:db:78:1d:31:25:8f:01:e5:eb:a0:e5:96:fc:26:e6:
85:f3:59:a1:36:c3:48:3b:c6:63:cf:9e:41:0a:bd:65:79:52:
e4:2d:a1:ab:56:f4:1a:04:8e:5f:18:ea:d0:49:8f:4a:cc:21:
ea:6c:1f:13:de:9e:1a:28:4e:f6:8a:53:d5:17:de:8b:81:b8:
45:39:56:d5:b4:0c:34:7a:72:b5:ec:7d:73:88:40:1d:b9:40:
f0:35:b1:4f:37:cf:e2:e9:e8:89:d6:1b:4f:83:59:ef:e1:69:
29:00:9e:31:4b:19:ed:2c:93:6c:9a:9f:4b:2d:c2:67:21:b8:
d0:0b:9a:2b:7b:e5:f3:6d:bc:0b:ea:a8:6b:15:9e:b5:c0:b8:
44:91:0e:68:fd:64:f5:45:94:62:f1:b2:6e:c0:50:f2:10:91:
dc:ff:50:44:1a:54:8e:ee:06:e5:50:c4:7b:c5:2b:19:51:dc:
af:87:b3:03:aa:6a:e6:b6:a2:f8:49:a1:d9:b2:f8:02:07:40:
bb:0f:d3:82:5f:5f:22:25:a9:8e:8d:f3:b9:db:71:bc:ba:b8:
4a:80:fb:2e:11:d3:dc:03:80:68:b8:c8:9e:90:1c:93:ae:8c:
49:42:05:3e:b9:dd:32:4f:84:7b:39:7a:8a:5e:b1:1d:c6:c8:
ff:71:c6:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEBJZTHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Nzk4M2IzYTk3NThmY2JlNzg3MzNkOTE1NWFlZDI2NmM4ODJhMjNjMB4XDTIyMDQy
MTA4NDgzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc1MmU2ZDNhYjlm
YjIyODU3NjI5ZjRiMjU4NTk3ODk4Mzk4MDRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwBmdo3oiI02YcBc525S+a4IkSshEJhwAEiOjT1Kl9JszkE
3WTGelDGgZpEDX5h32KOfCaKXptk3dw2HR0U855KVJkz5ikzEoOpKuJKlbBUnP1x
DUszI6G770LiLQ3E75VcxdoqceGMvs/4RkEqnGKdkL/Ri1dQ3kstLWJKxbw7XaNC
+hoBIj6Md0KepveC8kyBkBE+tnSh3aQGFG9ELdKAniPpPZKirsi2W81dqVtOWjex
i0CdYqZll7su965GEG6paKDZA3W1tY1kjzSacM+8OYoR6yVTGN6CPJB7iotOvSxF
IxjfRAQwltyCnROWqi0HdPID9nBw/8obEaZY0Y8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQ3UubTq5+yKFdin0slhZeJg5gE2zAfBgNVHSMEGDAWgBTHmDs6l1j8vnhz
PZFVrtJmyIKiPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g1ZzdPcGRZX0w1NGN6MlJWYTdTWnNpQ29qdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvODExZDE2LWI1MTMtNDdlZC05ZTcxLTIzODQwNWYyY2RlOS8x
L04xTG0wNnVmc2loWFlwOUxKWVdYaVlPWUJOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
ODExZDE2LWI1MTMtNDdlZC05ZTcxLTIzODQwNWYyY2RlOS8xL3g1ZzdPcGRZX0w1
NGN6MlJWYTdTWnNpQ29qdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMDAR+2AwQFTe0AAwQFVVmgAwQCuUPY
AwQE2XHgMA0EAgACMAcDBQMqA6+AMA0GCSqGSIb3DQEBCwUAA4IBAQAzBunbeB0x
JY8B5eug5Zb8JuaF81mhNsNIO8Zjz55BCr1leVLkLaGrVvQaBI5fGOrQSY9KzCHq
bB8T3p4aKE72ilPVF96LgbhFOVbVtAw0enK17H1ziEAduUDwNbFPN8/i6eiJ1htP
g1nv4WkpAJ4xSxntLJNsmp9LLcJnIbjQC5ore+XzbbwL6qhrFZ61wLhEkQ5o/WT1
RZRi8bJuwFDyEJHc/1BEGlSO7gblUMR7xSsZUdyvh7MDqmrmtqL4SaHZsvgCB0C7
D9OCX18iJamOjfO523G8urhKgPsuEdPcA4BouMiekByTroxJQgU+ud0yT4R7OXqK
XrEdxsj/ccbI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:38 2023 by rpki-client on console-ams.rpki-client.org