Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/nuAvKIU1UX5WV8AiKE2AeDoGbvE.roa
File: nuAvKIU1UX5WV8AiKE2AeDoGbvE.roa (raw, json)
Hash identifier: S7xUPxIjaCC1iHLJZ1dHINGrm+PNMEWcbKeRAQN9BJ8=
Subject key identifier: 9E:E0:2F:28:85:35:51:7E:56:57:C0:22:28:4D:80:78:3A:06:6E:F1
Certificate issuer: /CN=20ba71e46c75916b8e5de193cc7f81069df86f73
Certificate serial: 03A0DB4B
Authority key identifier: 20:BA:71:E4:6C:75:91:6B:8E:5D:E1:93:CC:7F:81:06:9D:F8:6F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILpx5Gx1kWuOXeGTzH-BBp34b3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/nuAvKIU1UX5WV8AiKE2AeDoGbvE.roa
Signing time: Sat 01 Jan 2022 00:51:37 +0000
ROA not before: Sat 01 Jan 2022 00:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206616
IP address blocks: 185.149.92.0/22 maxlen: 29
212.15.88.0/21 maxlen: 21
2a07:7a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60873547 (0x3a0db4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ba71e46c75916b8e5de193cc7f81069df86f73
Validity
Not Before: Jan 1 00:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ee02f288535517e5657c022284d80783a066ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:7f:52:97:49:36:a3:44:b9:ae:c3:51:5d:
7f:60:93:cd:cf:e8:3f:6a:64:31:c3:f4:5d:43:7a:
5c:32:b5:3b:cd:56:3d:97:fa:a9:38:04:6b:e1:d0:
c7:59:db:e4:11:b3:0f:58:d7:40:de:95:8e:c7:4b:
e4:57:c1:1e:82:4f:63:a7:12:fb:aa:a4:3d:7a:5f:
b1:00:76:bb:e8:6e:4f:23:ea:10:89:c6:3f:a8:0a:
8a:1d:28:5a:45:d1:b7:fb:e6:1f:19:cc:f3:5b:ae:
3b:c4:dd:15:6a:2e:ec:88:49:df:dc:f2:fe:22:1d:
79:37:0c:9f:cb:9f:c8:34:01:59:12:2e:5d:f3:fc:
c0:bd:a4:11:eb:e0:50:31:b3:ae:9e:fa:c0:bb:15:
77:eb:09:c0:10:64:f6:7e:03:fc:11:f7:f2:ce:bb:
ee:b3:5c:8b:b9:c9:2f:18:3c:7b:79:74:76:d2:25:
6b:8e:60:bf:f8:31:71:8a:30:3a:f7:58:99:7a:4d:
41:33:6e:a0:d3:8e:d4:62:66:a9:84:db:34:b9:51:
9c:3d:8f:16:07:70:ad:dc:79:fc:96:d9:ec:6e:91:
53:53:93:08:d7:c3:01:d1:a4:b8:28:72:a2:1d:5d:
a5:18:56:63:6d:f8:c4:c7:8e:04:b2:ff:c8:f0:3a:
b2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E0:2F:28:85:35:51:7E:56:57:C0:22:28:4D:80:78:3A:06:6E:F1
X509v3 Authority Key Identifier:
keyid:20:BA:71:E4:6C:75:91:6B:8E:5D:E1:93:CC:7F:81:06:9D:F8:6F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILpx5Gx1kWuOXeGTzH-BBp34b3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/nuAvKIU1UX5WV8AiKE2AeDoGbvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/d0642c-84e6-4290-afb1-484500bcfb07/1/ILpx5Gx1kWuOXeGTzH-BBp34b3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.92.0/22
212.15.88.0/21
IPv6:
2a07:7a80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:00:35:55:11:8e:c1:5b:aa:b7:f5:23:b5:50:9d:9c:4d:d6:
d3:2d:67:bd:db:d6:85:f2:3f:d5:1e:c2:40:14:e6:a4:2e:4e:
d8:eb:0f:5a:99:75:fe:d3:e9:08:06:55:91:c6:e9:c8:8d:3f:
95:4c:d3:8c:f0:10:e2:d3:c4:f2:4b:af:1c:2b:17:51:65:08:
e7:19:3b:be:b1:68:d1:97:63:29:8f:ca:b9:17:f6:61:2b:31:
19:85:70:e1:d8:60:bb:e2:38:f6:7d:e9:48:9b:7f:05:b6:26:
ec:e4:df:9b:1b:fb:74:03:f8:91:7c:ac:22:58:4f:2b:b3:68:
6b:8f:28:c5:65:1b:e8:14:72:87:00:0d:83:f3:4b:ec:90:ac:
e3:92:4d:c1:94:22:9e:5e:e2:32:e9:22:f1:97:8f:7c:f9:ad:
db:9b:79:5d:9c:d6:aa:ce:c0:0d:21:b1:ee:aa:d8:1d:11:1a:
2f:77:f9:8a:dc:9f:76:80:2c:e3:01:9c:af:99:80:31:47:1d:
10:bd:d0:98:b9:27:82:ab:a6:21:5f:e2:1b:05:74:c7:c6:f6:
3b:34:98:6e:3d:34:53:d6:01:25:99:a3:1e:7e:3d:4a:6a:06:
88:22:ec:2b:3d:8a:7c:01:e0:d8:89:98:7b:3d:46:37:81:73:
18:67:c6:ad
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA6DbSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGJhNzFlNDZjNzU5MTZiOGU1ZGUxOTNjYzdmODEwNjlkZjg2ZjczMB4XDTIyMDEw
MTAwNTEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVlMDJmMjg4NTM1
NTE3ZTU2NTdjMDIyMjg0ZDgwNzgzYTA2NmVmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjDf1KXSTajRLmuw1Fdf2CTzc/oP2pkMcP0XUN6XDK1O81W
PZf6qTgEa+HQx1nb5BGzD1jXQN6VjsdL5FfBHoJPY6cS+6qkPXpfsQB2u+huTyPq
EInGP6gKih0oWkXRt/vmHxnM81uuO8TdFWou7IhJ39zy/iIdeTcMn8ufyDQBWRIu
XfP8wL2kEevgUDGzrp76wLsVd+sJwBBk9n4D/BH38s677rNci7nJLxg8e3l0dtIl
a45gv/gxcYowOvdYmXpNQTNuoNOO1GJmqYTbNLlRnD2PFgdwrdx5/JbZ7G6RU1OT
CNfDAdGkuChyoh1dpRhWY234xMeOBLL/yPA6slcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSe4C8ohTVRflZXwCIoTYB4OgZu8TAfBgNVHSMEGDAWgBQgunHkbHWRa45d
4ZPMf4EGnfhvczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lMcHg1R3gxa1d1T1hlR1R6SC1CQnAzNGIzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvZDA2NDJjLTg0ZTYtNDI5MC1hZmIxLTQ4NDUwMGJjZmIwNy8x
L251QXZLSVUxVVg1V1Y4QWlLRTJBZURvR2J2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ZDA2NDJjLTg0ZTYtNDI5MC1hZmIxLTQ4NDUwMGJjZmIwNy8xL0lMcHg1R3gxa1d1
T1hlR1R6SC1CQnAzNGIzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmVXAMEA9QPWDANBAIAAjAHAwUD
Kgd6gDANBgkqhkiG9w0BAQsFAAOCAQEATwA1VRGOwVuqt/UjtVCdnE3W0y1nvdvW
hfI/1R7CQBTmpC5O2OsPWpl1/tPpCAZVkcbpyI0/lUzTjPAQ4tPE8kuvHCsXUWUI
5xk7vrFo0ZdjKY/KuRf2YSsxGYVw4dhgu+I49n3pSJt/BbYm7OTfmxv7dAP4kXys
IlhPK7Noa48oxWUb6BRyhwANg/NL7JCs45JNwZQinl7iMuki8ZePfPmt25t5XZzW
qs7ADSGx7qrYHREaL3f5ityfdoAs4wGcr5mAMUcdEL3QmLkngqumIV/iGwV0x8b2
OzSYbj00U9YBJZmjHn49SmoGiCLsKz2KfAHg2ImYez1GN4FzGGfGrQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:18 2023 by rpki-client on console-ams.rpki-client.org