Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa
File: NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa (raw, json)
Hash identifier: Ox6uh6vN68yVSJRXPxSKX69AZOC4qYJjVdL2VrdI70c=
Subject key identifier: 35:1A:C0:9E:A2:8D:FD:B3:75:63:2D:3F:80:69:00:18:F7:F0:1D:44
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 0184E3B9B16CEACF0CC57DEBF2CC0599824B
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa
Signing time: Mon 05 Dec 2022 19:18:28 +0000
ROA not before: Mon 05 Dec 2022 19:18:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 185.97.236.0/22 maxlen: 22
81.17.240.0/20 maxlen: 24
194.36.58.0/23 maxlen: 23
91.197.234.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
176.52.222.0/23 maxlen: 23
185.209.164.0/22 maxlen: 22
200.69.8.0/21 maxlen: 21
185.206.192.0/22 maxlen: 22
78.153.192.0/19 maxlen: 24
185.2.64.0/22 maxlen: 22
46.22.128.0/20 maxlen: 20
2a01:a8::/32 maxlen: 32
2a01:ac::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:b9:b1:6c:ea:cf:0c:c5:7d:eb:f2:cc:05:99:82:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Dec 5 19:18:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=351ac09ea28dfdb375632d3f80690018f7f01d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:26:25:fc:77:b9:23:01:60:6e:3e:c9:6b:
19:d9:d7:da:60:35:db:74:7e:04:80:ed:23:0b:00:
c7:9d:1b:4e:91:72:d3:d8:95:6a:e2:e8:71:e8:05:
74:17:40:76:78:9e:d7:81:ae:9c:e6:63:d7:97:b3:
94:97:b0:36:3e:d8:1f:e8:7e:a9:8f:1b:26:b0:91:
57:ad:d3:36:4c:c3:be:f9:79:e7:e5:3d:60:95:45:
7c:de:4e:d1:c3:67:3b:54:0d:d5:94:dd:1a:d7:81:
82:b3:00:29:f3:82:1e:14:84:65:cc:ca:8f:e9:3d:
45:c0:53:5f:54:41:ad:9e:4b:93:41:80:eb:1e:dc:
f7:ad:f3:e2:0c:64:2a:cd:e7:24:c9:bb:8e:55:b1:
c5:b6:e2:72:e3:89:e6:e3:2d:3d:f3:0c:3c:30:6e:
16:3c:8e:37:cc:73:60:04:76:81:55:74:0c:5e:48:
0a:dc:d2:bd:99:48:15:50:28:eb:bf:d1:6a:84:ab:
ee:84:5b:6a:03:7a:ad:dc:b5:9d:ff:33:9f:92:45:
3a:86:80:37:f1:0e:5a:83:b3:a9:bd:37:7a:5f:25:
f0:84:96:8d:ed:fb:c0:4d:c2:a9:36:cf:83:b1:7f:
9c:eb:cc:ed:d1:3b:f2:00:20:28:c0:85:46:5e:75:
b4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:C0:9E:A2:8D:FD:B3:75:63:2D:3F:80:69:00:18:F7:F0:1D:44
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/NRrAnqKN_bN1Yy0_gGkAGPfwHUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
91.197.234.0/23
176.52.222.0/23
185.2.64.0/22
185.97.236.0/22
185.206.192.0/22
185.209.164.0/22
194.36.58.0/23
194.36.64.0/23
200.69.8.0/21
IPv6:
2a01:a8::/32
2a01:ac::/32
Signature Algorithm: sha256WithRSAEncryption
62:0f:a7:ef:fb:6d:ad:06:c3:5b:f1:1a:5a:9c:9d:66:e1:3b:
37:b3:ee:29:10:8f:e6:48:70:40:26:7a:22:bc:f2:fa:48:ad:
9b:b8:2b:0a:1f:7d:97:ba:6b:3b:15:33:6a:de:d9:a7:03:b8:
a6:38:8d:24:2b:02:88:32:c3:65:13:b7:08:aa:8c:c9:d8:ba:
83:2b:75:ee:ae:4a:87:78:56:1c:a8:bf:e9:4e:e8:b5:0e:a7:
84:0c:2e:0d:69:c6:30:91:ff:86:10:69:f1:f7:b5:41:a0:68:
a5:83:ee:2e:8b:ed:0a:07:63:3a:60:31:1c:d4:06:b6:a5:23:
00:e5:4d:73:bf:1d:3f:3f:51:2a:69:3f:a5:3b:8a:55:6a:a4:
e6:29:b5:63:ca:6d:fa:71:02:96:e2:04:11:59:89:4c:c8:14:
5a:4c:ed:8c:fc:fa:e9:30:ac:8f:9c:e9:fa:a8:5c:b1:4e:62:
50:b1:36:8a:f3:42:33:52:50:d4:39:61:e5:32:2c:19:0e:0e:
bd:e8:b2:f9:c4:43:ef:c0:7e:2e:87:9a:e2:b1:88:05:bd:81:
54:e3:3d:8a:0a:59:7f:92:76:0a:7d:1a:c5:c3:d9:64:ea:26:
fa:1f:27:95:c8:36:8e:22:5f:ec:5c:67:20:83:a1:dc:c9:0a:
66:51:ee:c4
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYTjubFs6s8MxX3r8swFmYJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjIxMjA1MTkxODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFhYzA5ZWEyOGRmZGIzNzU2MzJkM2Y4MDY5MDAxOGY3ZjAxZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6omJfx3uSMBYG4+yWsZ2dfaYDXb
dH4EgO0jCwDHnRtOkXLT2JVq4uhx6AV0F0B2eJ7Xga6c5mPXl7OUl7A2Ptgf6H6p
jxsmsJFXrdM2TMO++Xnn5T1glUV83k7Rw2c7VA3VlN0a14GCswAp84IeFIRlzMqP
6T1FwFNfVEGtnkuTQYDrHtz3rfPiDGQqzeckybuOVbHFtuJy44nm4y098ww8MG4W
PI43zHNgBHaBVXQMXkgK3NK9mUgVUCjrv9FqhKvuhFtqA3qt3LWd/zOfkkU6hoA3
8Q5ag7OpvTd6XyXwhJaN7fvATcKpNs+DsX+c68zt0TvyACAowIVGXnW0swIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDUawJ6ijf2zdWMtP4BpABj38B1EMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvTlJyQW5xS05fYk4xWXkwX2dHa0FHUGZ3SFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCuWHsAwQCuc7AAwQCudGkAwQB
wiQ6AwQBwiRAAwQDyEUIMBQEAgACMA4DBQAqAQCoAwUAKgEArDANBgkqhkiG9w0B
AQsFAAOCAQEAYg+n7/ttrQbDW/EaWpydZuE7N7PuKRCP5khwQCZ6Irzy+kitm7gr
Ch99l7prOxUzat7ZpwO4pjiNJCsCiDLDZRO3CKqMydi6gyt17q5Kh3hWHKi/6U7o
tQ6nhAwuDWnGMJH/hhBp8fe1QaBopYPuLovtCgdjOmAxHNQGtqUjAOVNc78dPz9R
Kmk/pTuKVWqk5im1Y8pt+nECluIEEVmJTMgUWkztjPz66TCsj5zp+qhcsU5iULE2
ivNCM1JQ1Dlh5TIsGQ4Oveiy+cRD78B+Loea4rGIBb2BVOM9igpZf5J2Cn0axcPZ
ZOom+h8nlcg2jiJf7FxnIIOh3MkKZlHuxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org