Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Nh39lvXv6d-tNkoIIEzK_VmtpXA.roa
File: Nh39lvXv6d-tNkoIIEzK_VmtpXA.roa (raw, json)
Hash identifier: KWg7bQcWZDGnomvRKssNbv7s8RX0hvBgdmyV19rFN/I=
Subject key identifier: 36:1D:FD:96:F5:EF:E9:DF:AD:36:4A:08:20:4C:CA:FD:59:AD:A5:70
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0182C6630B25AA5168E43422ACD09E1F1025
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Nh39lvXv6d-tNkoIIEzK_VmtpXA.roa
Signing time: Mon 22 Aug 2022 16:29:15 +0000
ROA not before: Mon 22 Aug 2022 16:29:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:63:0b:25:aa:51:68:e4:34:22:ac:d0:9e:1f:10:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Aug 22 16:29:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=361dfd96f5efe9dfad364a08204ccafd59ada570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:83:5f:eb:1e:12:49:c7:14:33:5c:63:ba:41:
f3:d6:4b:0e:f9:28:a9:9f:53:cf:35:43:3b:83:ef:
99:9d:d0:ca:7b:63:6c:54:28:bf:4e:38:02:8d:38:
a7:f0:d4:0b:bf:ee:46:5e:a9:26:22:86:ae:ff:42:
81:8d:29:3f:e6:d4:05:16:18:84:46:a5:83:53:8c:
6e:6f:49:51:db:df:16:3e:94:80:4a:93:bd:bb:85:
d3:c7:b7:c6:e0:b8:e5:01:68:b0:4e:3c:6e:a6:db:
bb:ea:2b:aa:76:0c:23:f4:cc:a3:8f:8f:a1:77:08:
3c:ad:89:2b:10:25:37:a3:a6:ff:a0:6d:a8:18:64:
c4:cf:f2:05:8a:b8:e9:6c:70:d3:9b:49:f8:a1:e4:
64:25:a8:c3:97:89:5f:d5:18:e4:f5:f7:36:df:09:
1f:6d:49:fe:88:ac:23:9d:06:62:ce:6c:29:30:6d:
3d:a5:49:b5:12:09:de:37:c2:1c:47:e9:23:5f:9a:
13:b8:f7:e6:16:b6:c3:ee:51:d1:86:8b:0a:f9:78:
ea:ec:2f:14:41:12:76:73:7f:85:d5:44:e3:7f:9b:
79:27:29:cc:7b:95:58:55:fb:bb:bf:a7:fb:d9:96:
39:4d:73:c5:4a:4d:dc:f7:3e:d7:eb:9e:21:0b:94:
42:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1D:FD:96:F5:EF:E9:DF:AD:36:4A:08:20:4C:CA:FD:59:AD:A5:70
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Nh39lvXv6d-tNkoIIEzK_VmtpXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.192.0/22
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0/23
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:206:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
51:8e:c6:77:15:c7:82:d7:05:f4:f3:87:3f:97:64:0b:8b:fc:
88:de:9b:48:8c:bd:99:5c:1e:fb:54:0f:75:8b:ab:44:17:38:
1e:70:30:08:7b:d8:52:90:b6:b4:7c:af:3c:d2:f6:50:fd:3b:
73:88:9d:86:bd:19:73:1c:e0:91:f6:d3:6c:a8:bb:1b:dc:23:
49:f4:18:a1:af:39:57:5e:17:d6:b0:4e:5b:67:c2:38:43:43:
fd:03:57:30:2c:bf:92:69:f0:84:61:cb:be:51:1a:53:2b:a4:
8e:24:9c:cb:67:6c:32:be:c8:28:a6:11:21:1e:00:d5:c2:18:
d5:58:23:fa:80:70:d4:f4:f5:7c:ce:b5:60:d6:ae:14:d5:54:
fb:c4:43:21:72:41:42:fb:df:da:1a:62:5e:7e:f0:33:52:50:
54:52:6c:37:df:2b:5b:7a:2b:44:f5:d0:88:90:d1:21:f6:f7:
ab:35:49:17:59:ac:0d:91:f5:9a:9d:7a:0a:92:87:bf:b6:0b:
29:cd:03:e0:f3:2c:08:08:a0:e1:a2:74:9f:e6:e4:a2:3f:3e:
93:9b:df:4e:8c:aa:3f:4b:7e:5b:11:da:70:d0:49:01:24:43:
ba:95:db:09:7a:6d:10:a9:61:e3:0d:3b:a3:f5:e9:cf:a1:1d:
fc:dd:6b:d2
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYLGYwslqlFo5DQirNCeHxAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjIwODIyMTYyOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFkZmQ5NmY1ZWZlOWRmYWQzNjRhMDgyMDRjY2FmZDU5YWRhNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhINf6x4SSccUM1xjukHz1ksO+Sip
n1PPNUM7g++ZndDKe2NsVCi/TjgCjTin8NQLv+5GXqkmIoau/0KBjSk/5tQFFhiE
RqWDU4xub0lR298WPpSASpO9u4XTx7fG4LjlAWiwTjxuptu76iuqdgwj9Myjj4+h
dwg8rYkrECU3o6b/oG2oGGTEz/IFirjpbHDTm0n4oeRkJajDl4lf1Rjk9fc23wkf
bUn+iKwjnQZizmwpMG09pUm1EgneN8IcR+kjX5oTuPfmFrbD7lHRhosK+Xjq7C8U
QRJ2c3+F1UTjf5t5JynMe5VYVfu7v6f72ZY5TXPFSk3c9z7X654hC5RClQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFDYd/Zb17+nfrTZKCCBMyv1ZraVwMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvTmgzOWx2WHY2ZC10TmtvSUlFektfVm10cFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTBQBAIAATBKAwQCAhHA
AwQAAhWvAwQBXHq4AwQAXHrPAwQBXb+oAwQAXb+sAwQAX2SdAwQAX2S0AwQCX2TU
AwQAX2T9MAwDBABfZXUDBABfZXYwQQQCAAIwOzASAwcAKgIjcAABAwcAKgIjcAAG
MBIDBwAqAiNwAQEDBwAqAiNwAQYwEQMGASoCI3ACAwcAKgIjcAIGMA0GCSqGSIb3
DQEBCwUAA4IBAQBRjsZ3FceC1wX084c/l2QLi/yI3ptIjL2ZXB77VA91i6tEFzge
cDAIe9hSkLa0fK880vZQ/TtziJ2GvRlzHOCR9tNsqLsb3CNJ9BihrzlXXhfWsE5b
Z8I4Q0P9A1cwLL+SafCEYcu+URpTK6SOJJzLZ2wyvsgophEhHgDVwhjVWCP6gHDU
9PV8zrVg1q4U1VT7xEMhckFC+9/aGmJefvAzUlBUUmw33ytbeitE9dCIkNEh9ver
NUkXWawNkfWanXoKkoe/tgspzQPg8ywICKDhonSf5uSiPz6Tm99OjKo/S35bEdpw
0EkBJEO6ldsJem0QqWHjDTuj9enPoR383WvS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:23 2023 by rpki-client on console-ams.rpki-client.org