Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/nPHiDOX4JDXiM7wDZ8Fh2D9y37w.roa
File: nPHiDOX4JDXiM7wDZ8Fh2D9y37w.roa (raw, json)
Hash identifier: ewYYsr9dPMt4EgCcU4PzIytNqKrNmjkVPYwfIsefmuc=
Subject key identifier: 9C:F1:E2:0C:E5:F8:24:35:E2:33:BC:03:67:C1:61:D8:3F:72:DF:BC
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 0811E2F6
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/nPHiDOX4JDXiM7wDZ8Fh2D9y37w.roa
Signing time: Sat 01 Jan 2022 05:55:37 +0000
ROA not before: Sat 01 Jan 2022 05:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207143
IP address blocks: 185.229.89.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
2a11:8b82::/32 maxlen: 32
2a11:8b81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135389942 (0x811e2f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jan 1 05:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cf1e20ce5f82435e233bc0367c161d83f72dfbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:98:99:0f:58:c0:bf:f0:a8:a8:46:4f:a5:
e1:76:a8:1d:d1:05:e3:00:31:03:58:57:e5:9e:32:
a9:35:d0:36:8f:08:f8:4d:4c:ff:68:58:7e:d8:7c:
61:e0:e8:2d:ca:8b:8d:85:75:98:55:0d:2f:98:be:
70:81:84:67:4a:f0:5c:52:bc:0f:58:4d:b5:10:70:
d3:a5:b0:81:f6:49:8b:a8:7d:f6:07:1b:7e:d2:d0:
30:20:f8:7d:44:3e:d6:e6:f4:fb:43:30:0f:c1:c6:
d2:c7:c1:1a:9e:1f:96:80:7a:91:40:f2:8d:b2:f8:
d1:4e:21:ef:e7:c8:44:fd:61:ab:5b:0f:47:a7:43:
b9:b2:61:99:ef:ab:cf:f9:d6:7d:2d:06:e4:08:33:
f7:35:23:1b:0a:09:13:0a:52:db:51:eb:38:88:a4:
e0:55:11:4d:6f:8d:4f:78:f4:09:31:b4:a7:c4:41:
1b:1d:43:39:c7:57:69:fd:ed:8b:9b:da:2e:a2:9b:
94:ef:a7:8f:55:35:24:39:99:91:9f:20:84:cd:1f:
21:27:7a:ab:8b:f3:f0:a1:22:51:04:1a:d2:ec:c5:
f3:93:84:86:03:e5:fe:66:af:85:b1:e4:74:b4:31:
22:78:78:0d:dc:30:4d:42:c3:4e:69:18:c8:ce:3b:
3a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F1:E2:0C:E5:F8:24:35:E2:33:BC:03:67:C1:61:D8:3F:72:DF:BC
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/nPHiDOX4JDXiM7wDZ8Fh2D9y37w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:af:c7:39:d2:91:b6:63:73:5b:c2:d9:54:b3:fd:8a:ae:19:
af:22:22:7f:f8:0d:51:d9:bb:0e:27:83:5c:49:4f:1e:4a:a6:
6c:c1:1f:fe:94:5f:1f:8a:20:06:10:01:66:d0:89:59:4a:1e:
b1:0a:9e:4b:0d:b6:5d:b1:e0:54:a5:68:75:80:ab:25:cf:38:
b0:bf:d3:3d:e9:a1:64:79:14:06:40:d5:21:ee:08:b2:1e:b8:
f2:83:20:69:03:68:c5:44:ea:6f:6e:cc:d8:4c:fc:ca:2c:91:
6f:bc:e8:3e:d2:5d:bc:6a:60:2d:e5:d9:c9:83:f6:d4:df:6b:
61:c4:4c:f3:46:73:65:39:70:d6:a6:94:36:ad:e1:75:65:0d:
90:ab:41:c6:f8:7b:0a:5f:cf:04:67:92:4b:e0:33:8c:4d:d9:
bb:cc:65:66:cd:25:a1:5f:81:b8:6b:83:04:7b:fd:ac:0c:22:
d6:25:c5:05:a9:7c:c2:bd:1a:18:a8:e2:ba:d0:90:f7:7b:0b:
90:ad:76:a9:ef:5a:e4:70:da:fa:6a:01:4c:5a:cb:f6:c5:38:
39:c1:ae:cb:fd:76:c8:0a:14:e3:ca:5a:3f:ef:0c:d9:2d:6b:
3e:8d:94:8e:e3:84:16:fb:e2:72:3d:0a:f5:89:86:59:38:de:
4b:8a:b4:80
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECBHi9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjNhMmIzZGQ3NjY3Mjc1ZjA5ODg2ZGY3ZGEwNzlmNzU1Y2VlZDU5MB4XDTIyMDEw
MTA1NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNmMWUyMGNlNWY4
MjQzNWUyMzNiYzAzNjdjMTYxZDgzZjcyZGZiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRemJkPWMC/8KioRk+l4XaoHdEF4wAxA1hX5Z4yqTXQNo8I
+E1M/2hYfth8YeDoLcqLjYV1mFUNL5i+cIGEZ0rwXFK8D1hNtRBw06WwgfZJi6h9
9gcbftLQMCD4fUQ+1ub0+0MwD8HG0sfBGp4floB6kUDyjbL40U4h7+fIRP1hq1sP
R6dDubJhme+rz/nWfS0G5Agz9zUjGwoJEwpS21HrOIik4FURTW+NT3j0CTG0p8RB
Gx1DOcdXaf3ti5vaLqKblO+nj1U1JDmZkZ8ghM0fISd6q4vz8KEiUQQa0uzF85OE
hgPl/mavhbHkdLQxInh4DdwwTULDTmkYyM47Ol8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSc8eIM5fgkNeIzvANnwWHYP3LfvDAfBgNVHSMEGDAWgBSSOis912ZydfCY
ht99oHn3Vc7tWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tqb3JQZGRtY25Yd21JYmZmYUI1OTFYTzdWay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjc5NmY0LTJlODgtNGVhYS1hMjY5LTI3MzhiY2I0M2Q2ZC8x
L25QSGlET1g0SkRYaU03d0RaOEZoMkQ5eTM3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
Yjc5NmY0LTJlODgtNGVhYS1hMjY5LTI3MzhiY2I0M2Q2ZC8xL2tqb3JQZGRtY25Y
d21JYmZmYUI1OTFYTzdWay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEArllnAMEArnlWDAWBAIAAjAQMA4D
BQAqEYuBAwUAKhGLgjANBgkqhkiG9w0BAQsFAAOCAQEAVq/HOdKRtmNzW8LZVLP9
iq4ZryIif/gNUdm7DieDXElPHkqmbMEf/pRfH4ogBhABZtCJWUoesQqeSw22XbHg
VKVodYCrJc84sL/TPemhZHkUBkDVIe4Ish648oMgaQNoxUTqb27M2Ez8yiyRb7zo
PtJdvGpgLeXZyYP21N9rYcRM80ZzZTlw1qaUNq3hdWUNkKtBxvh7Cl/PBGeSS+Az
jE3Zu8xlZs0loV+BuGuDBHv9rAwi1iXFBal8wr0aGKjiutCQ93sLkK12qe9a5HDa
+moBTFrL9sU4OcGuy/12yAoU48paP+8M2S1rPo2UjuOEFvvicj0K9YmGWTjeS4q0
gA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:01 2025 by rpki-client