Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa
File: ncIZTOPi7VxKsOVXso65NKSanmU.roa (raw, json)
Hash identifier: zbqsly6MM+PZOcDQiyogcUIKUgNBZw1upG4R+vlJM0M=
Subject key identifier: 9D:C2:19:4C:E3:E2:ED:5C:4A:B0:E5:57:B2:8E:B9:34:A4:9A:9E:65
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181EEA1342604AC46CF78CA08B3E3A71C30
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa
Signing time: Mon 11 Jul 2022 18:59:10 +0000
ROA not before: Mon 11 Jul 2022 18:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:a1:34:26:04:ac:46:cf:78:ca:08:b3:e3:a7:1c:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 11 18:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dc2194ce3e2ed5c4ab0e557b28eb934a49a9e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5a:13:ea:5d:0a:b4:bb:ce:54:5b:cc:09:62:
a1:f2:8a:06:6d:fb:86:88:56:ca:42:60:8b:af:b8:
85:58:d2:b8:19:d1:31:4c:03:8d:02:f8:ab:c2:26:
93:2c:38:00:27:93:41:be:f1:38:24:2e:8b:17:6c:
e2:31:60:b4:78:d7:b8:2d:d3:ed:5a:b8:d7:16:cc:
d1:38:5e:c3:a2:eb:f8:67:fd:54:16:3b:74:7e:74:
76:10:dc:15:86:7a:4d:ed:1e:c1:a9:7c:0e:f5:b6:
8b:ae:f0:78:b6:ed:64:23:7e:e1:03:71:95:a6:60:
ed:55:d3:e5:e2:12:e5:c0:c0:43:40:39:52:26:73:
11:39:79:18:d9:fb:61:e0:4b:69:36:8d:ff:b3:66:
6a:83:18:22:5e:f3:c4:4b:db:3a:02:4f:80:53:b7:
5f:4f:fc:fc:42:21:de:c3:6e:89:42:9a:f0:71:bb:
e4:1b:39:b8:a5:a5:c9:d0:14:24:04:07:24:0b:09:
6e:68:69:ff:65:b7:07:a4:4a:06:a0:5f:1a:14:c6:
a7:4f:ed:82:b7:8b:aa:dd:be:13:6c:1d:3c:a2:13:
02:72:de:fe:0a:f4:65:21:d5:10:6e:a3:7f:0c:ad:
e4:0d:37:06:e1:b9:85:6a:ff:58:49:69:42:c1:59:
ae:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:C2:19:4C:E3:E2:ED:5C:4A:B0:E5:57:B2:8E:B9:34:A4:9A:9E:65
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ncIZTOPi7VxKsOVXso65NKSanmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
a7:65:45:ae:ed:09:5b:c2:2d:65:3f:c2:c9:d6:e2:bf:25:f2:
c0:df:28:c1:22:6e:d4:61:d8:cf:8e:1a:55:43:5a:be:01:1d:
c9:7f:a6:d6:e6:62:ee:ba:c5:13:f9:e9:b1:aa:07:a6:62:16:
9b:cb:f7:05:00:5d:35:bf:33:8c:e3:64:bf:83:44:86:25:de:
3d:fa:f4:37:ef:76:d9:4d:95:07:20:4d:82:93:c4:c2:42:03:
61:db:40:57:57:ed:ba:a5:1a:c5:34:99:4c:e3:3c:6c:e7:9d:
f7:b0:fb:af:0d:f1:33:f3:53:2a:e4:07:8e:53:45:ba:c3:0e:
97:55:ed:c4:61:2a:ab:0c:80:ef:f7:75:1d:a8:be:84:a4:1d:
2b:d2:a2:05:b1:1b:b2:17:8a:91:3f:20:a6:c4:87:50:82:57:
df:78:5c:ff:a9:00:77:c9:56:41:d2:0c:be:e3:ae:17:0b:d8:
eb:66:14:8c:24:47:fb:da:4d:81:7e:f4:3f:51:4b:cc:bc:6b:
81:65:3c:e5:7e:e5:26:c9:3a:95:ba:be:15:c2:55:99:4d:6b:
63:a5:cd:62:d2:26:12:b9:91:e7:d1:11:f3:01:c0:cd:c2:32:
1b:86:ae:21:38:48:e0:c3:f4:dc:7e:2e:72:80:91:a4:1a:1a:
bc:8c:de:ca
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYHuoTQmBKxGz3jKCLPjpxwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzExMTg1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGMyMTk0Y2UzZTJlZDVjNGFiMGU1NTdiMjhlYjkzNGE0OWE5ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFoT6l0KtLvOVFvMCWKh8ooGbfuG
iFbKQmCLr7iFWNK4GdExTAONAvirwiaTLDgAJ5NBvvE4JC6LF2ziMWC0eNe4LdPt
WrjXFszROF7Douv4Z/1UFjt0fnR2ENwVhnpN7R7BqXwO9baLrvB4tu1kI37hA3GV
pmDtVdPl4hLlwMBDQDlSJnMROXkY2fth4EtpNo3/s2ZqgxgiXvPES9s6Ak+AU7df
T/z8QiHew26JQprwcbvkGzm4paXJ0BQkBAckCwluaGn/ZbcHpEoGoF8aFManT+2C
t4uq3b4TbB08ohMCct7+CvRlIdUQbqN/DK3kDTcG4bmFav9YSWlCwVmuwwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFJ3CGUzj4u1cSrDlV7KOuTSkmp5lMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbmNJWlRPUGk3VnhLc09WWHNvNjVOS1Nhbm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDA8BAIAATA2AwQCLQxE
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJv
MFwEAgACMFYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMHACoOsQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHACoP5AQBAgMHBCoQzEABwDAN
BgkqhkiG9w0BAQsFAAOCAQEAp2VFru0JW8ItZT/CydbivyXywN8owSJu1GHYz44a
VUNavgEdyX+m1uZi7rrFE/npsaoHpmIWm8v3BQBdNb8zjONkv4NEhiXePfr0N+92
2U2VByBNgpPEwkIDYdtAV1ftuqUaxTSZTOM8bOed97D7rw3xM/NTKuQHjlNFusMO
l1XtxGEqqwyA7/d1Hai+hKQdK9KiBbEbsheKkT8gpsSHUIJX33hc/6kAd8lWQdIM
vuOuFwvY62YUjCRH+9pNgX70P1FLzLxrgWU85X7lJsk6lbq+FcJVmU1rY6XNYtIm
ErmR59ER8wHAzcIyG4auIThI4MP03H4ucoCRpBoavIzeyg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org