Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NXFFymbJxxZruTelY7f_75Ml5Hk.roa
File: NXFFymbJxxZruTelY7f_75Ml5Hk.roa (raw, json)
Hash identifier: XjWDYrEWBmV2T7eSN+w0a3+ml6zOcNrYNyBaTbk5Ks0=
Subject key identifier: 35:71:45:CA:66:C9:C7:16:6B:B9:37:A5:63:B7:FF:EF:93:25:E4:79
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0187862E1BA002431A6B4C7E35E082486B55
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NXFFymbJxxZruTelY7f_75Ml5Hk.roa
Signing time: Sat 15 Apr 2023 18:29:41 +0000
ROA not before: Sat 15 Apr 2023 18:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 20
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 20
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 19
2.189.160.0/21 maxlen: 21
2.189.168.0/21 maxlen: 21
2.188.212.0/23 maxlen: 23
2.188.208.0/23 maxlen: 24
2.189.80.0/21 maxlen: 21
2.189.88.0/21 maxlen: 21
2.188.60.0/22 maxlen: 22
2.188.72.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:86:2e:1b:a0:02:43:1a:6b:4c:7e:35:e0:82:48:6b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Apr 15 18:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357145ca66c9c7166bb937a563b7ffef9325e479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0f:17:65:a4:26:5d:2f:8b:37:f7:de:3b:16:
ba:2b:05:c5:58:a6:c3:f5:fe:1b:d1:5c:a8:19:47:
5a:a4:f7:68:f8:a0:55:87:fa:05:84:4f:a5:c9:40:
32:44:eb:43:cc:28:be:e7:bf:e2:3a:54:c9:46:bf:
82:a0:b9:9e:f3:7d:88:a1:48:4d:c1:c5:03:19:e5:
54:b6:42:14:45:c6:10:4f:0d:08:1e:37:7b:9c:15:
7e:b3:6d:90:07:64:40:9d:45:90:00:56:3e:93:70:
e0:06:a6:23:66:27:de:e8:4c:f5:86:16:68:ba:a5:
ac:f3:fc:be:93:6f:d4:a6:9d:cb:24:ae:6d:27:a7:
fa:0e:5c:82:fe:e3:e7:83:c2:22:16:ff:ed:f9:f6:
59:7e:9e:b1:04:08:4a:ca:7e:b2:d1:f4:5e:48:0c:
a3:10:53:4e:e4:4d:d1:35:42:1a:cb:b9:ca:eb:b0:
bc:01:c6:ca:e4:1e:f8:b1:70:32:6b:db:a1:95:ee:
26:95:c4:7c:5e:f9:60:13:bc:f9:eb:3d:54:0d:5a:
8b:64:61:fb:87:33:31:cf:e8:5e:dd:b5:6a:39:7b:
41:c8:50:18:1a:7f:bd:62:a1:75:a4:67:bb:05:5c:
47:89:d4:2e:af:58:79:35:8d:5f:6e:86:c9:5a:00:
bd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:71:45:CA:66:C9:C7:16:6B:B9:37:A5:63:B7:FF:EF:93:25:E4:79
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/NXFFymbJxxZruTelY7f_75Ml5Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.60.0/22
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.80.0/20
2.189.160.0/20
Signature Algorithm: sha256WithRSAEncryption
a3:6c:77:86:f5:5a:83:30:a9:32:d7:c5:34:f5:dc:25:de:28:
c4:22:1e:4a:ec:0e:5f:25:df:69:a1:59:c0:43:0b:6b:c3:89:
f7:ed:eb:60:e9:d2:4d:a6:12:31:48:5b:b4:f5:30:ae:b0:23:
bc:66:10:55:67:c3:cc:00:25:e0:64:69:13:89:dd:a6:c0:e0:
3a:6a:43:59:87:f4:cd:50:e7:6d:fa:f3:24:59:aa:a7:4c:22:
fb:8d:b5:e1:79:9e:ec:cc:2c:4a:90:80:80:3c:d5:1a:13:ba:
ab:b2:cf:c4:c4:97:a3:25:e9:42:e1:22:e5:f2:a6:13:11:49:
61:fd:52:cb:8e:79:af:cb:62:52:8a:3e:5d:b8:61:83:1e:ff:
25:2f:2c:fc:a7:4f:7d:f4:68:f9:1e:1b:cb:5c:d7:13:4d:3f:
31:a9:87:39:06:d3:9f:2a:df:d7:00:03:01:19:6a:2e:43:c6:
40:a6:e5:70:61:3a:97:d1:e6:5a:cb:79:b5:2c:42:23:3b:22:
44:b8:f5:59:22:44:4d:b1:8c:9c:e9:f4:31:81:8a:ba:2c:8c:
fb:fa:6a:9e:e3:3c:c3:1c:2f:b0:b0:ed:85:d5:1c:b8:51:22:
b5:76:b5:e3:73:33:06:ff:54:d7:c2:0b:4e:ba:08:83:6e:49:
36:25:3c:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYeGLhugAkMaa0x+NeCCSGtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNDE1MTgyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTcxNDVjYTY2YzljNzE2NmJiOTM3YTU2M2I3ZmZlZjkzMjVlNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA8XZaQmXS+LN/feOxa6KwXFWKbD
9f4b0VyoGUdapPdo+KBVh/oFhE+lyUAyROtDzCi+57/iOlTJRr+CoLme832IoUhN
wcUDGeVUtkIURcYQTw0IHjd7nBV+s22QB2RAnUWQAFY+k3DgBqYjZife6Ez1hhZo
uqWs8/y+k2/Upp3LJK5tJ6f6DlyC/uPng8IiFv/t+fZZfp6xBAhKyn6y0fReSAyj
EFNO5E3RNUIay7nK67C8AcbK5B74sXAya9uhle4mlcR8XvlgE7z56z1UDVqLZGH7
hzMxz+he3bVqOXtByFAYGn+9YqF1pGe7BVxHidQur1h5NY1fbobJWgC9GQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDVxRcpmyccWa7k3pWO3/++TJeR5MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvTlhGRnltYkp4eFpydVRlbFk3Zl83NU1sNUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCArw8AwQC
ArxIAwQDArygAwQBArywAwQGArzAAwQEAr1QAwQEAr2gMA0GCSqGSIb3DQEBCwUA
A4IBAQCjbHeG9VqDMKky18U09dwl3ijEIh5K7A5fJd9poVnAQwtrw4n37etg6dJN
phIxSFu09TCusCO8ZhBVZ8PMACXgZGkTid2mwOA6akNZh/TNUOdt+vMkWaqnTCL7
jbXheZ7szCxKkICAPNUaE7qrss/ExJejJelC4SLl8qYTEUlh/VLLjnmvy2JSij5d
uGGDHv8lLyz8p0999Gj5HhvLXNcTTT8xqYc5BtOfKt/XAAMBGWouQ8ZApuVwYTqX
0eZay3m1LEIjOyJEuPVZIkRNsYyc6fQxgYq6LIz7+mqe4zzDHC+wsO2F1Ry4USK1
drXjczMG/1TXwgtOugiDbkk2JTz7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:15 2025 by rpki-client