Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NUb3Ubh2DpyEq5FAr_0jHKWXrxY.roa
File: NUb3Ubh2DpyEq5FAr_0jHKWXrxY.roa (raw, json)
Hash identifier: DKUFllMtpGXka0zvr0y+UV8MNNn1BTmHpW+W8qF064c=
Subject key identifier: 35:46:F7:51:B8:76:0E:9C:84:AB:91:40:AF:FD:23:1C:A5:97:AF:16
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0B6E9A10
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NUb3Ubh2DpyEq5FAr_0jHKWXrxY.roa
Signing time: Sat 29 Jan 2022 08:43:32 +0000
ROA not before: Sat 29 Jan 2022 08:43:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49666
IP address blocks: 2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.9.0/24 maxlen: 24
2.188.7.0/24 maxlen: 24
2.188.17.0/24 maxlen: 24
2.188.12.0/22 maxlen: 22
2.188.22.0/24 maxlen: 24
2.188.23.0/24 maxlen: 24
2.188.30.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.176.0.0/17 maxlen: 17
217.218.67.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.176.128.0/17 maxlen: 17
2.188.76.0/24 maxlen: 24
195.146.63.0/24 maxlen: 24
2.185.0.0/16 maxlen: 16
78.38.245.0/24 maxlen: 24
78.38.253.0/24 maxlen: 24
2.189.3.0/24 maxlen: 24
2.189.1.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.181.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.177.0.0/16 maxlen: 16
2.189.72.0/24 maxlen: 24
2.189.44.0/24 maxlen: 24
2001:4188:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191797776 (0xb6e9a10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 29 08:43:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3546f751b8760e9c84ab9140affd231ca597af16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:38:a4:45:b8:8e:dc:e9:a6:d7:ad:91:04:ff:
07:59:7c:5d:fd:83:4c:60:59:48:cc:1f:f1:34:c8:
b6:1e:38:01:36:ed:12:d6:7f:41:57:80:ab:60:74:
34:27:2c:f4:1e:74:bf:77:9d:9f:81:d5:d8:ed:62:
7b:9f:32:dd:73:99:ae:d9:3a:54:a8:9e:ba:d3:22:
7e:91:f8:3c:42:29:5f:ad:40:b4:d7:58:49:97:82:
ef:f4:1e:c5:60:57:59:d0:aa:ad:a8:03:47:8a:84:
e1:22:2a:5d:30:0f:7c:2f:8e:20:d6:98:99:37:4b:
c1:50:61:8a:a3:32:2e:c1:e5:29:9d:d7:7c:a7:db:
a7:1b:da:8e:84:fa:cb:d2:62:cd:6c:de:7d:b2:85:
ac:58:5b:32:59:d3:5a:56:72:18:dd:c3:fa:ab:61:
53:0e:ec:7e:13:2b:ac:76:85:fe:64:a1:1c:fe:37:
9b:10:9d:04:cd:3f:3c:0c:b6:f4:72:89:a4:c1:ba:
59:ea:82:33:d1:e1:ee:82:05:6e:ce:ab:d8:bb:70:
93:95:14:58:e8:d0:3c:a5:9c:08:c8:a4:42:6f:b6:
26:0c:0a:78:1a:f0:52:6d:34:9b:28:f7:cd:96:a1:
28:63:db:83:19:53:68:94:5a:df:f9:fc:62:06:1a:
a3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:46:F7:51:B8:76:0E:9C:84:AB:91:40:AF:FD:23:1C:A5:97:AF:16
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NUb3Ubh2DpyEq5FAr_0jHKWXrxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.0.0/15
2.185.0.0/16
2.188.0.0/23
2.188.7.0/24
2.188.9.0/24
2.188.12.0/22
2.188.17.0/24
2.188.22.0/23
2.188.28.0/24
2.188.30.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.181.0/24
2.188.184.0/23
2.188.187.0/24
2.189.1.0/24
2.189.3.0/24
2.189.44.0/24
2.189.72.0/24
78.38.245.0/24
78.38.253.0/24
195.146.63.0/24
217.218.67.0/24
IPv6:
2001:4188:2::/48
Signature Algorithm: sha256WithRSAEncryption
3b:35:f5:0d:ed:71:db:a3:41:8d:82:1d:b3:5c:9b:5b:51:52:
e1:2c:19:58:bc:92:15:e0:d1:d5:10:2d:24:3e:46:5b:b8:62:
da:74:12:25:20:21:f0:b0:2e:f6:b7:e4:75:70:56:c6:32:24:
ca:97:4d:86:ed:51:ce:cc:eb:02:ba:75:5b:9c:02:81:41:db:
2c:99:a8:39:16:e0:f2:47:bf:f6:73:40:52:9b:06:90:be:8a:
82:b5:fa:4e:ed:74:0e:d8:ce:05:56:42:c5:4b:87:4f:c6:ef:
35:cb:2f:fc:de:75:1c:4b:b3:d8:a7:8d:da:70:dc:4c:05:e1:
3a:27:93:6d:bf:70:0d:6b:65:6c:50:31:ff:8f:81:fd:67:cb:
80:eb:50:bc:7f:9e:40:6d:35:73:d1:17:2a:28:a7:c0:47:6e:
c9:96:72:7e:b0:5d:92:85:37:d0:e1:14:80:14:d5:d4:d1:50:
76:f9:8b:30:79:38:5e:93:d2:76:a7:eb:df:c7:f1:fe:2a:3f:
66:83:13:18:02:3a:d2:34:f7:f2:13:4c:3e:c7:68:83:3e:63:
3e:b6:05:25:23:99:78:41:3e:fd:0a:92:b4:4d:de:ff:3e:38:
3a:90:21:ae:70:54:33:97:16:aa:d3:e2:ea:c1:07:db:94:d5:
5a:f4:63:42
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIEC26aEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2EzOWU0Nzk0YzM0NjEyZTdmMjI1NjliMWE2YTgxNzEwMjYwYWU1MB4XDTIyMDEy
OTA4NDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU0NmY3NTFiODc2
MGU5Yzg0YWI5MTQwYWZmZDIzMWNhNTk3YWYxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKs4pEW4jtzpptetkQT/B1l8Xf2DTGBZSMwf8TTIth44ATbt
EtZ/QVeAq2B0NCcs9B50v3edn4HV2O1ie58y3XOZrtk6VKieutMifpH4PEIpX61A
tNdYSZeC7/QexWBXWdCqragDR4qE4SIqXTAPfC+OINaYmTdLwVBhiqMyLsHlKZ3X
fKfbpxvajoT6y9JizWzefbKFrFhbMlnTWlZyGN3D+qthUw7sfhMrrHaF/mShHP43
mxCdBM0/PAy29HKJpMG6WeqCM9Hh7oIFbs6r2Ltwk5UUWOjQPKWcCMikQm+2JgwK
eBrwUm00myj3zZahKGPbgxlTaJRa3/n8YgYao9kCAwEAAaOCAqcwggKjMB0GA1Ud
DgQWBBQ1RvdRuHYOnISrkUCv/SMcpZevFjAfBgNVHSMEGDAWgBQno55HlMNGEufy
JWmxpqgXECYK5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o2T2VSNVREUmhMbjhpVnBzYWFvRnhBbUN1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8x
L05VYjNVYmgyRHB5RXE1RkFyXzBqSEtXWHJ4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MzhmYzMzLTA2YzEtNDAwNi05ZTIzLWY3NGQ5NTE4NTc2Yy8xL0o2T2VSNVREUmhM
bjhpVnBzYWFvRnhBbUN1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vAYIKwYBBQUHAQcBAf8EgawwgakwgZUEAgABMIGOAwMBArADAwACuQMEAQK8AAME
AAK8BwMEAAK8CQMEAgK8DAMEAAK8EQMEAQK8FgMEAAK8HAMEAAK8HgMEAwK8QAME
AAK8TAMEAAK8swMEAAK8tQMEAQK8uAMEAAK8uwMEAAK9AQMEAAK9AwMEAAK9LAME
AAK9SAMEAE4m9QMEAE4m/QMEAMOSPwMEANnaQzAPBAIAAjAJAwcAIAFBiAACMA0G
CSqGSIb3DQEBCwUAA4IBAQA7NfUN7XHbo0GNgh2zXJtbUVLhLBlYvJIV4NHVEC0k
PkZbuGLadBIlICHwsC72t+R1cFbGMiTKl02G7VHOzOsCunVbnAKBQdssmag5FuDy
R7/2c0BSmwaQvoqCtfpO7XQO2M4FVkLFS4dPxu81yy/83nUcS7PYp43acNxMBeE6
J5Ntv3ANa2VsUDH/j4H9Z8uA61C8f55AbTVz0RcqKKfAR27JlnJ+sF2ShTfQ4RSA
FNXU0VB2+YsweThek9J2p+vfx/H+Kj9mgxMYAjrSNPfyE0w+x2iDPmM+tgUlI5l4
QT79CpK0Td7/Pjg6kCGucFQzlxaq0+LqwQfblNVa9GNC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:45 2023 by rpki-client on console-ams.rpki-client.org