Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/NhOKVJ9Z_M8NVeU4DNrQEQc6XcE.roa
File: NhOKVJ9Z_M8NVeU4DNrQEQc6XcE.roa (raw, json)
Hash identifier: X/x7vm9dwX0lpE5GXYQzeDVJQecRs194QcS/rO4dukw=
Subject key identifier: 36:13:8A:54:9F:59:FC:CF:0D:55:E5:38:0C:DA:D0:11:07:3A:5D:C1
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 1D5F4992
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/NhOKVJ9Z_M8NVeU4DNrQEQc6XcE.roa
Signing time: Tue 29 Mar 2022 18:10:21 +0000
ROA not before: Tue 29 Mar 2022 18:10:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 212.111.211.0/24 maxlen: 24
77.47.210.0/23 maxlen: 24
212.111.216.0/23 maxlen: 24
212.111.218.0/23 maxlen: 24
77.47.240.0/23 maxlen: 24
195.178.128.0/22 maxlen: 24
195.178.142.0/23 maxlen: 24
195.178.146.0/23 maxlen: 24
185.143.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 492784018 (0x1d5f4992)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Mar 29 18:10:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36138a549f59fccf0d55e5380cdad011073a5dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:22:9c:dc:eb:9d:79:0a:7f:6e:97:b2:e4:
df:ed:72:8f:6a:44:2d:7b:0f:44:8a:2b:97:b9:02:
4b:40:d0:fd:e6:d6:42:77:99:63:7d:d8:51:b0:4a:
e1:6e:33:e4:d7:76:c7:8d:43:c2:6f:d8:25:5a:26:
e3:1f:c0:26:2b:ca:16:12:6b:57:9e:6c:9f:24:6d:
e0:f5:3b:36:04:1f:a8:59:fe:66:aa:b6:2a:19:72:
4e:c8:05:0e:bd:64:7e:ed:da:f7:40:5f:9a:a0:57:
9b:14:34:4d:38:7f:23:41:0a:b1:67:c1:85:e0:fa:
a7:ea:bf:4c:4a:c4:92:26:fb:1e:90:f8:2c:d9:93:
15:77:59:cf:dd:03:2f:15:20:a5:19:9c:3f:85:dc:
1b:9c:2f:1e:76:a8:17:57:9a:3e:21:82:d9:d6:0c:
01:39:84:c2:4c:9e:49:a3:81:21:64:9d:14:45:05:
af:89:ca:e8:f9:c9:90:1c:d1:f1:12:d9:c7:28:e1:
31:2d:b7:6e:4e:2b:e0:37:62:b4:e2:69:b8:41:91:
b2:42:2a:34:c6:50:76:da:0f:c6:0c:dd:aa:0f:d1:
44:99:11:ba:48:2b:34:4e:ac:81:24:7f:b1:5d:9c:
71:73:dd:33:27:18:f9:dc:98:46:bd:44:09:61:15:
10:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:8A:54:9F:59:FC:CF:0D:55:E5:38:0C:DA:D0:11:07:3A:5D:C1
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/NhOKVJ9Z_M8NVeU4DNrQEQc6XcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.210.0/23
77.47.240.0/23
185.143.56.0/22
195.178.128.0/22
195.178.142.0/23
195.178.146.0/23
212.111.211.0/24
212.111.216.0/22
Signature Algorithm: sha256WithRSAEncryption
71:43:ab:54:ba:10:bc:d7:4e:7d:97:27:5d:74:ee:1a:e5:f3:
3f:43:51:6a:ce:22:94:46:d9:69:b4:82:d0:1e:f8:23:18:8c:
11:da:ec:d8:e5:1f:13:f5:cd:78:32:d9:1e:d1:33:3f:8d:db:
4e:f7:85:e5:b1:08:41:ea:ab:7f:c1:d7:db:f5:b6:89:06:23:
4f:5a:f1:25:3a:16:7a:a7:98:41:e7:54:d5:b7:ec:9c:cb:ae:
00:ae:1f:b5:13:60:78:1c:6e:30:2d:c8:2b:2c:78:ea:ac:ff:
de:9b:1d:d8:3b:cb:46:38:b9:f0:05:0e:43:e4:dd:18:1c:4b:
e6:81:40:2e:e7:83:bf:1d:46:7c:9a:98:7e:7a:02:50:fd:26:
9d:29:c3:36:fa:fe:ef:1e:53:ee:aa:fb:35:16:73:ec:6d:aa:
6f:08:9e:81:52:db:2d:bb:69:ed:e1:c3:fc:75:68:2d:af:d6:
78:dd:f6:e2:86:f7:85:70:7a:1d:d1:08:4f:4d:4d:18:f6:58:
b8:8b:86:21:04:3e:43:f7:ad:24:e9:bd:37:21:19:b5:52:d3:
dd:7b:2c:6c:1d:04:f6:e8:e0:2b:f1:02:21:73:e0:80:b5:f6:
7c:9e:5b:93:23:5b:7e:45:7d:3b:04:18:87:cf:00:08:1f:f1:
c5:f5:d1:b2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEHV9JkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTQyNjMyNWFjYjhjZTYwOWE2ODZmYTY1NWIwNTg5Njg4MDliMzQ2MB4XDTIyMDMy
OTE4MTAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYxMzhhNTQ5ZjU5
ZmNjZjBkNTVlNTM4MGNkYWQwMTEwNzNhNWRjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEbIpzc6515Cn9ul7Lk3+1yj2pELXsPRIorl7kCS0DQ/ebW
QneZY33YUbBK4W4z5Nd2x41Dwm/YJVom4x/AJivKFhJrV55snyRt4PU7NgQfqFn+
Zqq2KhlyTsgFDr1kfu3a90BfmqBXmxQ0TTh/I0EKsWfBheD6p+q/TErEkib7HpD4
LNmTFXdZz90DLxUgpRmcP4XcG5wvHnaoF1eaPiGC2dYMATmEwkyeSaOBIWSdFEUF
r4nK6PnJkBzR8RLZxyjhMS23bk4r4DditOJpuEGRskIqNMZQdtoPxgzdqg/RRJkR
ukgrNE6sgSR/sV2ccXPdMycY+dyYRr1ECWEVEA0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQ2E4pUn1n8zw1V5TgM2tARBzpdwTAfBgNVHSMEGDAWgBQZQmMlrLjOYJpo
b6ZVsFiWiAmzRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dVSmpKYXk0em1DYWFHLW1WYkJZbG9nSnMwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvOGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8x
L05oT0tWSjlaX004TlZlVTRETnJRRVFjNlhjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
OGI2ZmIwLWE4NzUtNDk0Ny04YWU0LTAzZjRjNzExM2MzNC8xL0dVSmpKYXk0em1D
YWFHLW1WYkJZbG9nSnMwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAU0v0gMEAU0v8AMEArmPOAMEAsOy
gAMEAcOyjgMEAcOykgMEANRv0wMEAtRv2DANBgkqhkiG9w0BAQsFAAOCAQEAcUOr
VLoQvNdOfZcnXXTuGuXzP0NRas4ilEbZabSC0B74IxiMEdrs2OUfE/XNeDLZHtEz
P43bTveF5bEIQeqrf8HX2/W2iQYjT1rxJToWeqeYQedU1bfsnMuuAK4ftRNgeBxu
MC3IKyx46qz/3psd2DvLRji58AUOQ+TdGBxL5oFALueDvx1GfJqYfnoCUP0mnSnD
Nvr+7x5T7qr7NRZz7G2qbwiegVLbLbtp7eHD/HVoLa/WeN324ob3hXB6HdEIT01N
GPZYuIuGIQQ+Q/etJOm9NyEZtVLT3XssbB0E9ujgK/ECIXPggLX2fJ5bkyNbfkV9
OwQYh88ACB/xxfXRsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:42 2024 by rpki-client on console-fra.rpki-client.org