Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nsEqhprjwjZkxisqJ17mZ29cwQQ.roa
File: nsEqhprjwjZkxisqJ17mZ29cwQQ.roa (raw, json)
Hash identifier: e6J0rY6FG2/FhvmJac+SVLK6OwXpd/7ep7AJsWLSOHA=
Subject key identifier: 9E:C1:2A:86:9A:E3:C2:36:64:C6:2B:2A:27:5E:E6:67:6F:5C:C1:04
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 4477D699
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nsEqhprjwjZkxisqJ17mZ29cwQQ.roa
Signing time: Sat 01 Jan 2022 03:58:24 +0000
ROA not before: Sat 01 Jan 2022 03:58:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16028
IP address blocks: 193.251.162.0/23 maxlen: 24
193.251.160.0/24 maxlen: 24
81.52.208.0/21 maxlen: 24
2a01:cde0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148704409 (0x4477d699)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ec12a869ae3c23664c62b2a275ee6676f5cc104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:bb:fd:89:3e:ad:ac:6e:13:2c:2f:89:4a:
db:65:bb:52:55:a8:9e:49:fb:87:50:84:9f:b0:e8:
b6:3f:ed:5e:ad:73:ef:3d:8a:8d:21:f6:b2:b1:19:
0d:fe:14:21:0d:a9:a3:e2:67:01:a0:fd:20:41:6f:
0a:8f:aa:fc:7a:55:e5:4c:1a:c1:e7:40:c0:c6:1a:
0b:88:e5:a3:3c:71:eb:07:07:19:c3:44:50:1b:90:
f0:07:a1:d4:92:2c:ca:9e:6c:14:e5:7e:a9:cd:f8:
fa:50:13:29:a5:bf:44:79:38:b0:f9:85:45:fc:8c:
45:48:47:12:30:83:77:67:80:55:bd:22:0f:af:df:
3f:f2:78:b8:c1:b9:7d:89:d8:f9:b2:d8:69:59:a6:
43:75:99:87:55:a8:86:c7:92:fe:ce:9b:d6:59:4b:
26:2f:77:ab:49:d5:e6:95:e8:99:c3:c5:f1:4b:67:
39:44:09:81:65:71:34:ba:5d:e6:1d:67:68:3d:41:
07:03:be:c4:39:c1:e2:ed:26:58:71:bf:58:59:2e:
33:55:af:c1:ff:02:33:8f:fa:80:0b:78:fa:6b:ea:
1e:31:35:a4:2b:9d:bc:dd:09:ec:80:c2:ec:04:5b:
fc:ea:f3:19:c4:b4:01:a4:19:d7:c6:8d:27:7a:48:
4a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C1:2A:86:9A:E3:C2:36:64:C6:2B:2A:27:5E:E6:67:6F:5C:C1:04
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/nsEqhprjwjZkxisqJ17mZ29cwQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.208.0/21
193.251.160.0/24
193.251.162.0/23
IPv6:
2a01:cde0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:f7:3d:99:48:9f:d0:a0:59:71:20:a6:2d:e2:1d:e3:8a:48:
18:c5:2d:07:2d:82:eb:f4:88:64:e2:73:30:14:92:0e:d3:2e:
9e:8e:f4:f4:c7:01:64:70:be:98:c7:38:60:b5:7c:af:6d:29:
0b:25:1b:c1:f5:c8:17:e3:99:89:5b:03:ef:cc:a8:ca:5e:6f:
c8:a5:84:83:f4:6d:a6:a5:ff:7e:31:d6:14:dd:de:35:ac:29:
07:fa:78:09:05:61:a1:96:bf:de:b3:8c:b0:4e:0e:31:64:1c:
e7:07:5d:76:14:98:43:80:0b:bb:c5:60:49:40:69:e0:7b:39:
f1:15:ba:15:77:40:2d:0f:44:d4:e6:6f:2c:ea:e6:f5:b3:24:
97:57:34:87:dc:c9:48:f5:94:6e:30:df:a2:da:70:5f:0f:dd:
b3:d0:dc:d7:f7:88:55:97:8d:ee:5f:bb:ac:01:a6:49:bf:c9:
03:9c:89:1a:c7:e7:06:9d:e2:28:d0:16:74:2f:a3:42:6a:ad:
13:54:f9:ac:54:56:51:46:36:31:bd:84:71:79:36:9b:a5:10:
cb:58:78:2e:43:47:8c:7f:f1:20:0b:3c:66:92:f7:aa:97:a9:
5f:71:e6:4d:69:7a:d6:cd:59:55:d2:ce:43:62:15:4f:40:6c:
30:1f:e5:e2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIERHfWmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVjMTJhODY5YWUz
YzIzNjY0YzYyYjJhMjc1ZWU2Njc2ZjVjYzEwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxBu/2JPq2sbhMsL4lK22W7UlWonkn7h1CEn7Dotj/tXq1z
7z2KjSH2srEZDf4UIQ2po+JnAaD9IEFvCo+q/HpV5UwawedAwMYaC4jlozxx6wcH
GcNEUBuQ8Aeh1JIsyp5sFOV+qc34+lATKaW/RHk4sPmFRfyMRUhHEjCDd2eAVb0i
D6/fP/J4uMG5fYnY+bLYaVmmQ3WZh1WohseS/s6b1llLJi93q0nV5pXomcPF8Utn
OUQJgWVxNLpd5h1naD1BBwO+xDnB4u0mWHG/WFkuM1Wvwf8CM4/6gAt4+mvqHjE1
pCudvN0J7IDC7ARb/OrzGcS0AaQZ18aNJ3pISoECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSewSqGmuPCNmTGKyonXuZnb1zBBDAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L25zRXFocHJqd2paa3hpc3FKMTdtWjI5Y3dRUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1E00AMEAMH7oAMEAcH7ojANBAIA
AjAHAwUAKgHN4DANBgkqhkiG9w0BAQsFAAOCAQEAHvc9mUif0KBZcSCmLeId44pI
GMUtBy2C6/SIZOJzMBSSDtMuno709McBZHC+mMc4YLV8r20pCyUbwfXIF+OZiVsD
78yoyl5vyKWEg/RtpqX/fjHWFN3eNawpB/p4CQVhoZa/3rOMsE4OMWQc5wdddhSY
Q4ALu8VgSUBp4Hs58RW6FXdALQ9E1OZvLOrm9bMkl1c0h9zJSPWUbjDfotpwXw/d
s9Dc1/eIVZeN7l+7rAGmSb/JA5yJGsfnBp3iKNAWdC+jQmqtE1T5rFRWUUY2Mb2E
cXk2m6UQy1h4LkNHjH/xIAs8ZpL3qpepX3HmTWl61s1ZVdLOQ2IVT0BsMB/l4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org