Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/Nc-eTE8P-bI-l2JJslSQJYxrR1U.roa
File: Nc-eTE8P-bI-l2JJslSQJYxrR1U.roa (raw, json)
Hash identifier: bi0drpNa2+cyGbgfgNLWU1Z9g7zq7ZpP6tfI2SFs9AA=
Subject key identifier: 35:CF:9E:4C:4F:0F:F9:B2:3E:97:62:49:B2:54:90:25:8C:6B:47:55
Certificate issuer: /CN=99efbb2b1653422837937dd27de354e68f9e01a3
Certificate serial: 08F16832
Authority key identifier: 99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/Nc-eTE8P-bI-l2JJslSQJYxrR1U.roa
Signing time: Sat 01 Jan 2022 04:01:45 +0000
ROA not before: Sat 01 Jan 2022 04:01:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48325
IP address blocks: 185.137.240.0/22 maxlen: 24
185.137.240.0/24 maxlen: 24
185.137.242.0/23 maxlen: 23
185.137.241.0/24 maxlen: 24
2a07:b80::/32 maxlen: 32
2a07:b81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150038578 (0x8f16832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99efbb2b1653422837937dd27de354e68f9e01a3
Validity
Not Before: Jan 1 04:01:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35cf9e4c4f0ff9b23e976249b25490258c6b4755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ba:13:19:c2:38:be:2d:9f:9b:d6:ce:7d:8e:
e7:4c:5b:ee:66:ac:55:6c:8c:12:18:43:26:6e:1e:
74:c7:3e:71:f4:f2:ce:e4:36:46:bd:a8:e1:e6:05:
d3:17:45:2f:fb:a7:d4:fc:4c:53:bb:63:3d:e6:d0:
87:90:73:7e:e6:50:96:92:a8:3e:95:6d:c0:81:a7:
74:4d:74:08:56:10:80:f8:f0:a3:da:27:00:02:f2:
cb:f5:84:c4:d1:a5:71:44:7f:1b:91:e4:93:fd:39:
63:97:23:ef:aa:c8:3c:20:2b:a9:6e:a0:17:10:74:
39:4f:dc:e3:25:56:98:61:48:e0:17:ac:33:e1:a1:
e2:86:cf:0d:ee:c1:0f:43:e9:d5:3c:01:5c:cd:40:
63:34:fa:e9:6d:f2:5d:14:66:76:4f:64:13:b1:09:
a8:15:2e:97:d8:6b:74:49:a6:f0:34:5f:e9:71:8b:
91:c4:96:21:4e:7d:69:02:54:b3:4e:d1:09:ab:ad:
ef:44:98:60:9b:e3:67:34:8e:a9:10:a8:c4:00:86:
a8:1a:9c:2d:71:63:c2:c0:55:eb:cc:d7:db:4f:ff:
9e:33:32:ae:fa:42:2c:00:0b:c7:55:0d:4d:32:7d:
e1:f3:5d:60:b9:df:d7:68:cd:81:44:31:c6:64:20:
c4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CF:9E:4C:4F:0F:F9:B2:3E:97:62:49:B2:54:90:25:8C:6B:47:55
X509v3 Authority Key Identifier:
keyid:99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/Nc-eTE8P-bI-l2JJslSQJYxrR1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.240.0/22
IPv6:
2a07:b80::/31
Signature Algorithm: sha256WithRSAEncryption
5a:26:13:97:6b:e0:af:0d:cb:1c:01:f0:c5:a8:bc:1e:97:19:
34:89:44:4a:b3:5c:ab:44:a7:f1:a0:8e:24:7d:cc:be:52:c8:
9d:48:29:63:91:9a:01:cb:9f:36:72:11:07:5b:04:ef:c3:f9:
9c:08:ce:56:05:de:f2:5c:bc:67:52:8e:c9:e9:4d:c5:e3:18:
f7:5e:8d:b4:a1:3f:3b:d7:83:43:72:08:2e:8e:e1:93:1f:3b:
e5:f8:d7:0b:f1:d7:a4:36:7a:52:14:2b:70:54:4a:37:53:7e:
5a:77:78:c0:d1:a8:98:6e:4d:82:91:cc:13:4b:2a:49:62:98:
c4:df:d5:42:41:51:a3:32:fb:c2:6f:43:ea:56:1b:aa:73:38:
68:06:d1:74:d8:e1:0e:20:38:f8:01:2a:bd:a8:98:3b:98:c2:
8a:57:75:c7:1e:56:d3:85:23:cf:1a:7d:47:ac:f2:ab:1a:4d:
85:32:6e:db:44:7f:21:1d:dd:a0:e5:00:01:79:79:87:47:da:
f6:47:64:0f:10:c0:87:e8:3c:89:21:f9:d3:ed:f1:e3:1e:26:
d1:7e:da:8a:ac:bd:1a:cf:80:ca:e7:56:f7:83:cc:31:b4:c5:
a2:ae:08:7c:30:1d:d0:fe:ae:58:00:42:56:79:e5:f4:b8:6c:
c2:f7:6c:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECPFoMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWVmYmIyYjE2NTM0MjI4Mzc5MzdkZDI3ZGUzNTRlNjhmOWUwMWEzMB4XDTIyMDEw
MTA0MDE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVjZjllNGM0ZjBm
ZjliMjNlOTc2MjQ5YjI1NDkwMjU4YzZiNDc1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJu6ExnCOL4tn5vWzn2O50xb7masVWyMEhhDJm4edMc+cfTy
zuQ2Rr2o4eYF0xdFL/un1PxMU7tjPebQh5BzfuZQlpKoPpVtwIGndE10CFYQgPjw
o9onAALyy/WExNGlcUR/G5Hkk/05Y5cj76rIPCArqW6gFxB0OU/c4yVWmGFI4Bes
M+Gh4obPDe7BD0Pp1TwBXM1AYzT66W3yXRRmdk9kE7EJqBUul9hrdEmm8DRf6XGL
kcSWIU59aQJUs07RCaut70SYYJvjZzSOqRCoxACGqBqcLXFjwsBV68zX20//njMy
rvpCLAALx1UNTTJ94fNdYLnf12jNgUQxxmQgxEMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ1z55MTw/5sj6XYkmyVJAljGtHVTAfBgNVHSMEGDAWgBSZ77srFlNCKDeT
fdJ941Tmj54BozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21lLTdLeFpUUWlnM2szM1NmZU5VNW8tZUFhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMzI2YmJjLWQwNjEtNGFmMS04OTY0LTQxZDc5ZWZiNDlhOS8x
L05jLWVURThQLWJJLWwySkpzbFNRSll4clIxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MzI2YmJjLWQwNjEtNGFmMS04OTY0LTQxZDc5ZWZiNDlhOS8xL21lLTdLeFpUUWln
M2szM1NmZU5VNW8tZUFhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmJ8DANBAIAAjAHAwUBKgcLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWiYTl2vgrw3LHAHwxai8HpcZNIlESrNcq0Sn8aCO
JH3MvlLInUgpY5GaAcufNnIRB1sE78P5nAjOVgXe8ly8Z1KOyelNxeMY916NtKE/
O9eDQ3IILo7hkx875fjXC/HXpDZ6UhQrcFRKN1N+Wnd4wNGomG5NgpHME0sqSWKY
xN/VQkFRozL7wm9D6lYbqnM4aAbRdNjhDiA4+AEqvaiYO5jCild1xx5W04Ujzxp9
R6zyqxpNhTJu20R/IR3doOUAAXl5h0fa9kdkDxDAh+g8iSH50+3x4x4m0X7aiqy9
Gs+AyudW94PMMbTFoq4IfDAd0P6uWABCVnnl9LhswvdsEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:00 2024 by rpki-client on console-fra.rpki-client.org