Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/nqUFOslnZ6rB5xjdjkF0AdcDz1c.roa
File: nqUFOslnZ6rB5xjdjkF0AdcDz1c.roa (raw, json)
Hash identifier: cOkCSQdowhe2f2Uo/ZmiMwkRDujY4rR6+eVnCB8Lk3w=
Subject key identifier: 9E:A5:05:3A:C9:67:67:AA:C1:E7:18:DD:8E:41:74:01:D7:03:CF:57
Certificate issuer: /CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Certificate serial: 12E8576D
Authority key identifier: 8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/nqUFOslnZ6rB5xjdjkF0AdcDz1c.roa
Signing time: Sat 01 Jan 2022 04:58:04 +0000
ROA not before: Sat 01 Jan 2022 04:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203924
IP address blocks: 185.113.144.0/22 maxlen: 22
185.146.36.0/22 maxlen: 22
185.216.120.0/22 maxlen: 22
193.105.0.0/24 maxlen: 24
2a06:6a40::/29 maxlen: 29
2a0b:b640::/29 maxlen: 29
2a07:4d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317216621 (0x12e8576d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f90f6b75e913f2782ed549eb72172c59cc47af1
Validity
Not Before: Jan 1 04:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ea5053ac96767aac1e718dd8e417401d703cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:fd:69:83:9d:2c:8f:31:16:cc:9e:5a:e8:
0d:c9:24:c0:5e:61:03:33:1e:be:0b:9a:d2:12:68:
15:a8:f4:e0:9c:a2:e5:45:80:76:2e:93:c8:28:9c:
e2:91:13:55:ce:75:32:b6:b6:46:a6:1a:d1:5b:ff:
16:e6:fa:0d:7d:fd:95:72:e3:68:bb:d7:cf:4a:fb:
72:fd:e8:0c:cf:a2:c4:73:64:b2:f4:16:bf:03:74:
6e:64:19:52:5d:13:22:32:00:98:70:64:07:36:af:
11:74:f5:d0:2f:ec:b2:67:a6:a7:00:80:9c:7f:7d:
8d:94:01:19:4c:96:43:1e:4b:5e:8a:86:08:76:25:
a3:70:33:3d:12:e3:a6:ce:e2:46:bf:ea:3f:ef:bc:
1b:39:4c:d7:20:55:a7:43:d1:dc:0b:83:7f:d9:23:
c3:22:10:e5:32:42:67:39:90:37:96:5a:5a:87:76:
b9:73:36:3c:06:fd:9d:41:12:fe:ea:5b:8a:10:40:
f4:32:61:89:c7:8f:b0:ad:f5:bf:43:80:4f:40:1b:
a8:8c:6a:78:0a:17:04:0d:9c:bc:48:b9:ad:44:fd:
74:62:0b:36:49:0a:1d:83:f2:1d:88:ba:dd:af:e9:
c6:4d:d3:d7:6d:58:4e:1d:d0:27:1f:c9:02:15:cc:
ca:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A5:05:3A:C9:67:67:AA:C1:E7:18:DD:8E:41:74:01:D7:03:CF:57
X509v3 Authority Key Identifier:
keyid:8F:90:F6:B7:5E:91:3F:27:82:ED:54:9E:B7:21:72:C5:9C:C4:7A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5D2t16RPyeC7VSetyFyxZzEevE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/nqUFOslnZ6rB5xjdjkF0AdcDz1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/3d3c3b-1a95-4b50-8974-c1d0acb7819a/1/j5D2t16RPyeC7VSetyFyxZzEevE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.144.0/22
185.146.36.0/22
185.216.120.0/22
193.105.0.0/24
IPv6:
2a06:6a40::/29
2a07:4d00::/29
2a0b:b640::/29
Signature Algorithm: sha256WithRSAEncryption
1f:fa:cf:64:b5:88:b5:40:6a:40:b6:29:c9:e1:bb:f9:05:73:
fa:d2:bd:dd:0b:92:5e:cf:63:13:b5:d1:c6:07:a8:0c:b6:0a:
0b:be:cf:29:5a:16:4d:d2:78:70:69:79:0b:42:41:29:04:f5:
2f:b2:56:c2:8c:83:20:c3:d4:74:35:53:1c:59:69:9f:01:6b:
a3:cd:49:d8:88:da:22:b7:bc:07:06:b7:86:31:00:77:c5:e0:
32:42:59:4e:e4:c5:d0:0e:3c:46:d4:89:14:4a:ec:d7:2f:58:
9f:b1:71:79:18:00:fa:f9:82:8f:7b:01:18:e7:28:cd:f2:be:
7c:c6:3e:47:cf:01:9a:5a:c7:47:0d:b4:a2:dc:04:e8:b0:5e:
5b:5d:b5:59:5b:1b:0f:e9:af:7a:dc:d5:8d:21:f1:53:cf:f7:
0b:49:08:90:18:fd:3d:0b:65:b1:94:04:64:65:e4:c0:40:15:
49:5e:55:cb:56:19:1a:6a:9f:5e:40:a1:ba:a4:75:3f:42:f8:
0d:bc:0b:76:8d:14:eb:a0:0e:da:26:3d:7b:98:12:f9:a3:a4:
1f:9f:24:b9:12:31:3a:ef:55:b0:15:0e:23:d6:62:3e:30:9b:
e2:2f:8f:6a:62:67:33:7b:a2:a7:be:50:e1:0f:5e:6e:00:94:
86:f1:d0:d6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEEuhXbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjkwZjZiNzVlOTEzZjI3ODJlZDU0OWViNzIxNzJjNTljYzQ3YWYxMB4XDTIyMDEw
MTA0NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhNTA1M2FjOTY3
NjdhYWMxZTcxOGRkOGU0MTc0MDFkNzAzY2Y1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4I/WmDnSyPMRbMnlroDckkwF5hAzMevgua0hJoFaj04Jyi
5UWAdi6TyCic4pETVc51Mra2RqYa0Vv/Fub6DX39lXLjaLvXz0r7cv3oDM+ixHNk
svQWvwN0bmQZUl0TIjIAmHBkBzavEXT10C/ssmempwCAnH99jZQBGUyWQx5LXoqG
CHYlo3AzPRLjps7iRr/qP++8GzlM1yBVp0PR3AuDf9kjwyIQ5TJCZzmQN5ZaWod2
uXM2PAb9nUES/upbihBA9DJhicePsK31v0OAT0AbqIxqeAoXBA2cvEi5rUT9dGIL
NkkKHYPyHYi63a/pxk3T121YTh3QJx/JAhXMygMCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSepQU6yWdnqsHnGN2OQXQB1wPPVzAfBgNVHSMEGDAWgBSPkPa3XpE/J4Lt
VJ63IXLFnMR68TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o1RDJ0MTZSUHllQzdWU2V0eUZ5eFp6RWV2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvM2QzYzNiLTFhOTUtNGI1MC04OTc0LWMxZDBhY2I3ODE5YS8x
L25xVUZPc2xuWjZyQjV4amRqa0YwQWRjRHoxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
M2QzYzNiLTFhOTUtNGI1MC04OTc0LWMxZDBhY2I3ODE5YS8xL2o1RDJ0MTZSUHll
QzdWU2V0eUZ5eFp6RWV2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wHgQCAAEwGAMEArlxkAMEArmSJAMEArnYeAMEAMFp
ADAbBAIAAjAVAwUDKgZqQAMFAyoHTQADBQMqC7ZAMA0GCSqGSIb3DQEBCwUAA4IB
AQAf+s9ktYi1QGpAtinJ4bv5BXP60r3dC5Jez2MTtdHGB6gMtgoLvs8pWhZN0nhw
aXkLQkEpBPUvslbCjIMgw9R0NVMcWWmfAWujzUnYiNoit7wHBreGMQB3xeAyQllO
5MXQDjxG1IkUSuzXL1ifsXF5GAD6+YKPewEY5yjN8r58xj5HzwGaWsdHDbSi3ATo
sF5bXbVZWxsP6a963NWNIfFTz/cLSQiQGP09C2WxlARkZeTAQBVJXlXLVhkaap9e
QKG6pHU/QvgNvAt2jRTroA7aJj17mBL5o6QfnyS5EjE671WwFQ4j1mI+MJviL49q
Ymcze6KnvlDhD15uAJSG8dDW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:00 2024 by rpki-client on console-ams.rpki-client.org