Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nmTYZwXStgaoPrNcbAu6OnPSB3A.roa
File: nmTYZwXStgaoPrNcbAu6OnPSB3A.roa (raw, json)
Hash identifier: kqac2L1dKrVi3o7SuOurGwqfQ+xdHljQ98WoIgdCrrM=
Subject key identifier: 9E:64:D8:67:05:D2:B6:06:A8:3E:B3:5C:6C:0B:BA:3A:73:D2:07:70
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184D998EF4D6024703C9EAAAD415775C6A2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nmTYZwXStgaoPrNcbAu6OnPSB3A.roa
Signing time: Sat 03 Dec 2022 20:06:29 +0000
ROA not before: Sat 03 Dec 2022 20:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.69.0/24 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d9:98:ef:4d:60:24:70:3c:9e:aa:ad:41:57:75:c6:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 3 20:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e64d86705d2b606a83eb35c6c0bba3a73d20770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ff:53:8d:ef:70:7e:bc:57:88:9d:8c:b9:b9:
1c:65:46:04:3e:f1:c0:ef:a7:d6:e3:63:0d:db:b6:
2d:98:07:c9:19:1f:f2:4f:88:2c:c1:18:b2:c6:a3:
30:e4:67:57:e1:68:b5:32:d4:50:72:2d:cb:26:4b:
b5:b1:e8:70:13:1e:1f:b5:1b:ac:a8:ea:8c:08:f8:
e6:9b:82:5d:61:49:35:36:a0:3b:be:39:30:a5:4b:
e9:72:5d:ce:bd:4c:3f:51:6d:b1:c0:39:78:bd:bf:
20:ae:b5:23:3c:14:62:5e:c8:0b:62:4d:6f:73:ff:
df:24:b5:f4:7a:7a:3e:45:f9:32:8b:31:87:47:a2:
ef:e7:2c:2d:90:0a:67:0e:9b:14:ca:68:24:19:95:
4e:86:db:b5:90:f0:45:82:be:96:89:c9:f7:e6:8f:
31:83:76:56:a7:5b:ac:b1:64:ac:01:39:46:7a:ef:
fb:f6:e6:61:b7:88:d7:97:79:2b:f2:86:9f:f7:44:
98:ac:ea:2b:18:a4:53:17:1b:03:b0:0e:e7:4a:93:
52:8c:ab:86:ed:61:67:37:d3:85:f7:f3:20:5c:c3:
ba:2f:a3:ec:04:0b:94:51:a5:a4:a2:b9:2f:48:b1:
90:fb:f9:52:59:c0:45:de:16:57:4e:20:b2:63:a7:
56:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:64:D8:67:05:D2:B6:06:A8:3E:B3:5C:6C:0B:BA:3A:73:D2:07:70
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nmTYZwXStgaoPrNcbAu6OnPSB3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.69.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:250::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
01:43:75:9d:18:ec:e4:49:c4:fc:3b:9b:e3:08:f3:21:de:d0:
b3:be:23:b9:82:4c:5b:d1:3c:aa:c6:4f:8c:7f:81:1a:b6:a2:
f7:24:82:13:73:b8:be:09:74:bc:95:85:a7:12:ba:cd:46:9c:
5a:3a:f9:2d:18:cd:fd:2d:54:23:19:ca:1d:a5:ae:d5:0f:43:
99:ad:38:39:4b:85:c9:5a:8b:fc:f4:52:e7:ba:32:51:0b:b7:
72:65:42:c1:e1:f7:4e:0b:2a:cf:0f:19:60:b6:b6:78:01:a5:
e4:22:d7:f0:9f:a3:a0:d2:60:0b:4d:b0:49:ea:ca:90:84:96:
22:4b:ba:3e:9e:93:09:78:29:0f:9f:77:45:f8:4c:ca:1e:5e:
d6:7e:fd:77:71:9e:6f:f7:66:fe:5e:7f:5f:c6:67:c5:d2:e7:
b6:c8:ed:8a:d8:9d:33:0e:aa:69:c6:ff:86:fd:66:70:7f:7a:
e6:d9:c9:f0:59:bb:7c:17:19:35:3c:25:48:11:fc:53:a6:70:
c7:f5:2b:e0:d1:3c:e8:0a:d9:1f:79:8a:3f:da:f8:df:1f:8c:
5d:00:73:f7:a2:6f:cf:d9:75:56:d9:15:d4:db:27:75:9d:fc:
dd:10:58:e6:78:51:20:48:06:7a:9a:5e:cf:2e:4b:42:0c:ae:
b1:33:c4:cc
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYTZmO9NYCRwPJ6qrUFXdcaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjAzMjAwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY0ZDg2NzA1ZDJiNjA2YTgzZWIzNWM2YzBiYmEzYTczZDIwNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkP9Tje9wfrxXiJ2MubkcZUYEPvHA
76fW42MN27YtmAfJGR/yT4gswRiyxqMw5GdX4Wi1MtRQci3LJku1sehwEx4ftRus
qOqMCPjmm4JdYUk1NqA7vjkwpUvpcl3OvUw/UW2xwDl4vb8grrUjPBRiXsgLYk1v
c//fJLX0eno+RfkyizGHR6Lv5ywtkApnDpsUymgkGZVOhtu1kPBFgr6Wicn35o8x
g3ZWp1ussWSsATlGeu/79uZht4jXl3kr8oaf90SYrOorGKRTFxsDsA7nSpNSjKuG
7WFnN9OF9/MgXMO6L6PsBAuUUaWkorkvSLGQ+/lSWcBF3hZXTiCyY6dWCQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFJ5k2GcF0rYGqD6zXGwLujpz0gdwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbm1UWVp3WFN0Z2FvUHJOY2JBdTZPblBTQjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzA2BAIAATAwAwQAHyq3
AwQALQxFAwQCLYiIAwQAVcrLAwQAXrF6AwQAwjJcAwQAwjJeAwQAwjJvMHUEAgAC
MG8DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcEKg6XxAEAAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAEC
AwcEKhDMQAJQAwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAAFDdZ0Y7ORJxPw7
m+MI8yHe0LO+I7mCTFvRPKrGT4x/gRq2ovckghNzuL4JdLyVhacSus1GnFo6+S0Y
zf0tVCMZyh2lrtUPQ5mtODlLhclai/z0Uue6MlELt3JlQsHh904LKs8PGWC2tngB
peQi1/Cfo6DSYAtNsEnqypCEliJLuj6ekwl4KQ+fd0X4TMoeXtZ+/Xdxnm/3Zv5e
f1/GZ8XS57bI7YrYnTMOqmnG/4b9ZnB/eubZyfBZu3wXGTU8JUgR/FOmcMf1K+DR
POgK2R95ij/a+N8fjF0Ac/eib8/ZdVbZFdTbJ3Wd/N0QWOZ4USBIBnqaXs8uS0IM
rrEzxMw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org