Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6NKlcRRQ7_lfeUI2STs2QEg_4C4.roa
File: 6NKlcRRQ7_lfeUI2STs2QEg_4C4.roa (raw, json)
Hash identifier: kddEv0aVln2nqYrOqTlD0uilQElcFp5i46kWNzAPnto=
Subject key identifier: E8:D2:A5:71:14:50:EF:F9:5F:79:42:36:49:3B:36:40:48:3F:E0:2E
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 1F933573
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6NKlcRRQ7_lfeUI2STs2QEg_4C4.roa
Signing time: Sat 01 Jan 2022 14:06:39 +0000
ROA not before: Sat 01 Jan 2022 14:06:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57433
IP address blocks: 185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
94.154.51.0/24 maxlen: 24
94.154.48.0/21 maxlen: 21
94.154.49.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.48.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.163.0/24 maxlen: 24
176.100.32.0/21 maxlen: 21
176.100.32.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
37.114.37.0/24 maxlen: 24
37.114.32.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
2a00:ccc1::/48 maxlen: 48
2a00:ccc0::/32 maxlen: 32
2a00:ccc1:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 529741171 (0x1f933573)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 14:06:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8d2a5711450eff95f794236493b3640483fe02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:64:f0:25:9e:5f:9e:75:33:3f:21:52:f6:
ad:a9:b5:fb:38:a4:54:c3:e4:e8:02:0c:4b:a5:40:
27:6e:ea:da:37:9d:99:b0:e0:dc:9c:13:8f:61:ff:
9b:cb:72:7e:20:66:41:ec:96:fe:eb:67:e2:34:af:
bd:6e:6e:aa:6d:5d:60:84:1d:f1:d4:d6:6b:84:7b:
b8:e1:ec:14:e9:ae:1d:e6:e5:d0:b6:e6:6b:c4:e8:
6a:8d:51:a5:b0:3e:79:ae:d6:85:ea:3c:2e:57:92:
cd:d5:84:6a:a0:a1:1e:6c:b7:45:8e:9c:33:8a:cc:
43:c7:0d:46:af:4e:97:46:ff:45:a6:c1:ef:a5:35:
89:5c:26:7b:15:c9:7a:fe:2b:74:ab:6a:9c:e0:cd:
e2:4d:0a:53:eb:9d:73:76:50:41:6b:dc:25:45:de:
27:e3:fb:4e:df:b4:72:cb:1f:fa:1d:51:74:bf:51:
62:0c:1b:af:18:26:34:f7:62:bf:a3:0c:01:8b:79:
f8:92:ea:30:6b:aa:26:05:9d:83:88:42:5b:a4:cb:
47:63:4b:1f:5f:8b:58:70:74:08:1a:22:90:a1:54:
e5:cb:18:a7:b2:bd:be:86:1b:04:dc:98:a8:fb:25:
87:95:5f:f0:b8:12:43:a9:3d:59:70:2c:b7:52:4a:
e2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D2:A5:71:14:50:EF:F9:5F:79:42:36:49:3B:36:40:48:3F:E0:2E
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/6NKlcRRQ7_lfeUI2STs2QEg_4C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/24
37.114.37.0/24
37.114.58.0/24
43.251.160.0/22
94.154.48.0/21
176.100.32.0/21
185.14.92.0/23
IPv6:
2a00:ccc0::-2a00:ccc1:0:ffff:ffff:ffff:ffff:ffff
2a00:ccc1:4::/48
Signature Algorithm: sha256WithRSAEncryption
32:4a:d7:77:b6:7e:ff:cb:f7:17:55:fb:19:fe:a5:22:43:86:
46:2f:4e:41:9b:d8:f6:ca:dd:92:f5:98:66:a8:ab:ba:88:ab:
4c:8d:9a:ea:70:e8:fc:1b:fc:89:c8:ef:77:71:9b:2f:60:55:
30:11:c3:96:aa:88:1c:d0:c2:25:f2:01:1c:d0:25:dd:27:4b:
7b:99:a8:9f:84:38:68:92:ed:e7:f8:b4:54:c1:53:a3:2b:6f:
02:f4:77:03:a9:03:fb:c1:c1:43:eb:8c:fa:e1:f9:08:27:dd:
93:01:67:37:66:77:20:99:6c:7e:52:ac:12:44:59:a7:ea:97:
6d:1c:55:2b:ca:79:7f:89:3c:db:13:1d:8c:21:9c:26:fc:1d:
fc:00:2c:4d:20:f4:07:f1:18:76:a0:d4:b1:bc:50:a7:3c:62:
ff:3b:38:bb:b5:eb:fb:cf:63:f6:5e:0a:c0:8e:36:50:e9:a7:
0a:d7:9a:d7:72:1d:6f:db:0b:de:0a:49:d6:23:9e:2f:fb:cf:
a6:69:24:64:47:16:01:66:d3:3a:37:60:13:2a:1a:a0:7b:f6:
3b:ca:84:ab:11:ce:8c:b3:66:5e:2e:27:85:d4:ad:95:67:6b:
0d:d4:a5:d2:5b:54:ce:d8:c3:e1:48:c1:05:57:da:4c:35:21:
d7:2b:b7:6e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEH5M1czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDEw
MTE0MDYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThkMmE1NzExNDUw
ZWZmOTVmNzk0MjM2NDkzYjM2NDA0ODNmZTAyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf+ZPAlnl+edTM/IVL2ram1+zikVMPk6AIMS6VAJ27q2jed
mbDg3JwTj2H/m8tyfiBmQeyW/utn4jSvvW5uqm1dYIQd8dTWa4R7uOHsFOmuHebl
0Lbma8Toao1RpbA+ea7Wheo8LleSzdWEaqChHmy3RY6cM4rMQ8cNRq9Ol0b/RabB
76U1iVwmexXJev4rdKtqnODN4k0KU+udc3ZQQWvcJUXeJ+P7Tt+0cssf+h1RdL9R
YgwbrxgmNPdiv6MMAYt5+JLqMGuqJgWdg4hCW6TLR2NLH1+LWHB0CBoikKFU5csY
p7K9voYbBNyYqPslh5Vf8LgSQ6k9WXAst1JK4lsCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBTo0qVxFFDv+V95QjZJOzZASD/gLjAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
LzZOS2xjUlJRN19sZmVVSTJTVHMyUUVnXzRDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwMAQCAAEwKgMEACVyIAMEACVyJQMEACVyOgMEAiv7
oAMEA16aMAMEA7BkIAMEAbkOXDAhBAIAAjAbMBADBQYqAMzAAwcAKgDMwQAAAwcA
KgDMwQAEMA0GCSqGSIb3DQEBCwUAA4IBAQAyStd3tn7/y/cXVfsZ/qUiQ4ZGL05B
m9j2yt2S9ZhmqKu6iKtMjZrqcOj8G/yJyO93cZsvYFUwEcOWqogc0MIl8gEc0CXd
J0t7maifhDhoku3n+LRUwVOjK28C9HcDqQP7wcFD64z64fkIJ92TAWc3ZncgmWx+
UqwSRFmn6pdtHFUrynl/iTzbEx2MIZwm/B38ACxNIPQH8Rh2oNSxvFCnPGL/Ozi7
tev7z2P2XgrAjjZQ6acK15rXch1v2wveCknWI54v+8+maSRkRxYBZtM6N2ATKhqg
e/Y7yoSrEc6Ms2ZeLieF1K2VZ2sN1KXSW1TO2MPhSMEFV9pMNSHXK7du
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:45 2023 by rpki-client on console-ams.rpki-client.org