Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/NkhxuKuLTA8j--Wl9tRzTZqhREk.roa
File: NkhxuKuLTA8j--Wl9tRzTZqhREk.roa (raw, json)
Hash identifier: VaxcuvAL6e/qL/yKYrGvQ0/pdwkmeyk7cSCvl/ppuAk=
Subject key identifier: 36:48:71:B8:AB:8B:4C:0F:23:FB:E5:A5:F6:D4:73:4D:9A:A1:44:49
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 450E5ED3
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/NkhxuKuLTA8j--Wl9tRzTZqhREk.roa
Signing time: Sat 12 Feb 2022 10:00:37 +0000
ROA not before: Sat 12 Feb 2022 10:00:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197530
IP address blocks: 158.255.92.0/23 maxlen: 24
193.138.118.0/24 maxlen: 24
46.21.208.0/20 maxlen: 20
94.232.152.0/21 maxlen: 21
158.255.88.0/21 maxlen: 24
2a02:2928::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1158569683 (0x450e5ed3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Feb 12 10:00:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=364871b8ab8b4c0f23fbe5a5f6d4734d9aa14449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:88:39:76:a5:de:51:9a:e8:0d:c1:9e:b7:
02:72:68:0c:c8:37:8e:18:73:77:31:1e:04:5b:f6:
c1:4a:76:99:15:4c:ba:60:d1:89:fc:21:a7:7b:fb:
d3:1e:31:ad:48:68:9e:fc:cd:ed:a8:8d:9b:e2:99:
34:33:07:e2:64:56:a2:1d:89:61:c9:a9:9f:ea:bd:
5f:33:e8:72:83:98:36:06:af:bc:b2:53:a1:33:f6:
68:98:2d:e5:2e:ea:7b:19:7d:dd:3f:0a:e7:f5:e3:
58:8a:a1:fc:ec:ce:1d:32:12:29:9c:17:32:bc:07:
6d:d7:de:96:56:cf:06:bd:c1:ca:05:48:03:56:31:
b5:e0:22:7d:99:36:1e:46:1d:fa:68:3c:4a:6c:02:
10:02:32:f1:37:41:ab:01:0f:82:ed:26:00:88:e4:
d0:36:6c:b4:bf:53:ed:3d:cd:16:1f:f7:c5:c5:e0:
3c:4d:3b:96:eb:96:e1:6a:5a:29:70:89:89:16:97:
80:24:1b:1b:61:03:5d:b6:b7:48:9d:00:47:ac:68:
c2:64:19:ce:57:e2:7d:e3:0e:4d:dc:1b:2b:85:8d:
93:c1:93:ea:e1:16:d4:72:77:36:f4:bb:2c:a6:a9:
c7:64:00:51:de:76:14:8e:04:3f:a3:9b:2e:94:af:
1f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:48:71:B8:AB:8B:4C:0F:23:FB:E5:A5:F6:D4:73:4D:9A:A1:44:49
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/NkhxuKuLTA8j--Wl9tRzTZqhREk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
07:fb:b3:27:7e:74:34:3f:1b:13:d1:74:5b:80:4f:ce:7e:a5:
8b:e5:81:2b:50:cd:df:97:5d:a7:85:26:13:65:ee:35:c0:e2:
a4:4b:c7:53:ce:64:74:3c:31:09:e7:46:30:4b:a4:ff:d9:63:
43:89:9b:e6:d4:a2:c3:a2:e7:a8:1e:fb:ad:84:0e:7a:0d:6e:
19:f1:20:93:6a:2b:ef:f8:e7:03:af:5a:45:30:6c:23:25:a7:
7f:7d:a2:a9:dd:ee:fb:20:0c:d1:fc:86:2a:71:03:5c:a6:34:
d6:1d:3d:f5:73:4f:d4:84:58:9c:af:1b:75:0f:db:86:bb:11:
1d:20:b8:94:5a:0b:a4:aa:1b:c0:1c:31:7a:f5:d5:9e:3e:99:
f2:f5:45:83:5a:b5:5a:ad:5a:73:9c:33:49:e8:71:5b:f8:b7:
c5:80:55:35:12:52:22:6d:90:44:0a:0c:8f:3f:f2:67:ed:f0:
52:99:b8:26:69:d8:fc:fe:5f:48:83:c8:30:18:61:de:18:1c:
80:5c:93:f6:1a:5b:ed:2f:bb:30:84:64:2f:2a:9e:88:dc:9a:
8a:8a:b2:67:97:1f:00:8b:a8:f1:55:bc:4c:ec:bc:0e:c7:23:
46:68:2e:b8:5c:f0:da:b6:78:f7:0b:3b:ac:39:7e:19:74:87:
0b:43:01:fb
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIERQ5e0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWY4NjZmMzJiNDdjNjlkNDc4YWQ5NTM1NGUyNTdlNTFhMjM2YTU3MB4XDTIyMDIx
MjEwMDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY0ODcxYjhhYjhi
NGMwZjIzZmJlNWE1ZjZkNDczNGQ5YWExNDQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZAiDl2pd5RmugNwZ63AnJoDMg3jhhzdzEeBFv2wUp2mRVM
umDRifwhp3v70x4xrUhonvzN7aiNm+KZNDMH4mRWoh2JYcmpn+q9XzPocoOYNgav
vLJToTP2aJgt5S7qexl93T8K5/XjWIqh/OzOHTISKZwXMrwHbdfellbPBr3BygVI
A1YxteAifZk2HkYd+mg8SmwCEAIy8TdBqwEPgu0mAIjk0DZstL9T7T3NFh/3xcXg
PE07luuW4WpaKXCJiRaXgCQbG2EDXba3SJ0AR6xowmQZzlfifeMOTdwbK4WNk8GT
6uEW1HJ3NvS7LKapx2QAUd52FI4EP6ObLpSvH7UCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQ2SHG4q4tMDyP75aX21HNNmqFESTAfBgNVHSMEGDAWgBRR+GbzK0fGnUeK
2VNU4lflGiNqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VmaG04eXRIeHAxSGl0bFRWT0pYNVJvamFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8x
L05raHh1S3VMVEE4ai0tV2w5dFJ6VFpxaFJFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8xL1VmaG04eXRIeHAx
SGl0bFRWT0pYNVJvamFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBC4V0AMEA17omAMEA57/WAMEAMGK
djANBAIAAjAHAwUAKgIpKDANBgkqhkiG9w0BAQsFAAOCAQEAB/uzJ350ND8bE9F0
W4BPzn6li+WBK1DN35ddp4UmE2XuNcDipEvHU85kdDwxCedGMEuk/9ljQ4mb5tSi
w6LnqB77rYQOeg1uGfEgk2or7/jnA69aRTBsIyWnf32iqd3u+yAM0fyGKnEDXKY0
1h099XNP1IRYnK8bdQ/bhrsRHSC4lFoLpKobwBwxevXVnj6Z8vVFg1q1Wq1ac5wz
SehxW/i3xYBVNRJSIm2QRAoMjz/yZ+3wUpm4JmnY/P5fSIPIMBhh3hgcgFyT9hpb
7S+7MIRkLyqeiNyaioqyZ5cfAIuo8VW8TOy8DscjRmguuFzw2rZ49ws7rDl+GXSH
C0MB+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:17 2024 by rpki-client on console-ams.rpki-client.org