Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/NwE4HEO7UQiH5g4H4sGuF7fDEnc.roa
File: NwE4HEO7UQiH5g4H4sGuF7fDEnc.roa (raw, json)
Hash identifier: RAbLoqcs1CJhO2/4YumolZLcwsa1dQjypCIihzmrFxs=
Subject key identifier: 37:01:38:1C:43:BB:51:08:87:E6:0E:07:E2:C1:AE:17:B7:C3:12:77
Certificate issuer: /CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Certificate serial: 3711A39C
Authority key identifier: E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/NwE4HEO7UQiH5g4H4sGuF7fDEnc.roa
Signing time: Sat 01 Jan 2022 07:58:51 +0000
ROA not before: Sat 01 Jan 2022 07:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51420
IP address blocks: 109.164.64.0/19 maxlen: 24
109.164.96.0/23 maxlen: 23
2a03:3a06::/31 maxlen: 32
2a03:3a05::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923902876 (0x3711a39c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0b9c65dc95053e437e32c99acf3bdc5e95cb1ee
Validity
Not Before: Jan 1 07:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3701381c43bb510887e60e07e2c1ae17b7c31277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2f:67:ad:63:52:32:ac:54:e9:a7:9a:f7:af:
93:a7:cc:9a:b4:e9:86:ed:86:65:5c:2a:41:b2:2d:
ed:dd:94:00:d6:db:1b:7b:d8:e7:6a:5a:69:cf:8a:
30:86:d2:86:39:96:bf:cc:1b:46:dd:4f:73:fc:3a:
e0:15:f1:3f:ce:f4:70:14:2d:79:71:3d:df:38:57:
a0:1e:24:70:3c:d5:a1:1a:2a:60:74:a7:bc:1d:99:
23:09:e3:7c:14:6f:c2:b1:bc:72:64:8d:9e:32:32:
68:eb:a4:28:39:73:73:e8:1a:fe:db:3e:54:5c:45:
fc:4b:3a:7a:6f:e5:a9:bb:aa:13:00:4e:11:0b:f4:
db:53:71:28:bf:91:1d:c6:d3:79:84:08:94:38:80:
49:43:73:36:15:9b:a4:ee:9b:64:cf:20:07:21:13:
a5:5e:6c:d7:24:4d:ca:3c:6b:5b:c4:5f:b3:12:03:
22:c5:09:e4:7e:c5:a0:a5:71:ae:31:bb:62:66:8f:
8b:b4:68:6f:c1:cb:9b:73:54:4d:83:37:1b:20:05:
3d:71:02:b7:60:ac:61:5e:c3:f9:12:6c:d4:a8:20:
28:4b:d5:27:cf:e7:2c:34:02:43:6e:34:bf:59:95:
71:e8:f7:21:3b:22:d5:c1:03:91:f1:b3:7c:52:28:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:01:38:1C:43:BB:51:08:87:E6:0E:07:E2:C1:AE:17:B7:C3:12:77
X509v3 Authority Key Identifier:
keyid:E0:B9:C6:5D:C9:50:53:E4:37:E3:2C:99:AC:F3:BD:C5:E9:5C:B1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LnGXclQU-Q34yyZrPO9xelcse4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/NwE4HEO7UQiH5g4H4sGuF7fDEnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/d019bb-8768-4478-a39a-b94f7654a8c7/1/4LnGXclQU-Q34yyZrPO9xelcse4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.164.64.0-109.164.97.255
IPv6:
2a03:3a05::-2a03:3a07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:3f:9f:36:b8:a4:6b:6d:cb:25:e6:0a:95:57:bc:1a:eb:22:
7c:46:ee:ba:16:ce:53:b1:17:d8:e9:52:75:3f:e9:db:f4:10:
de:57:6b:c5:fa:bf:07:29:37:d4:ca:ee:49:88:6f:1f:08:a5:
47:2a:88:75:e4:66:0a:44:89:80:6f:77:2c:69:ac:64:80:16:
c6:a1:73:6c:a0:0f:c0:d2:90:33:e2:5c:44:0e:27:27:15:6c:
ed:d3:18:a6:43:53:c8:95:f3:85:48:6c:a7:e8:cc:fe:c3:41:
0b:49:58:8a:40:a0:b9:ed:2c:f8:b8:87:cc:0c:4d:8d:f4:90:
f7:1e:57:f8:07:20:c2:4e:34:2e:fd:da:43:0c:5d:93:3f:bc:
1a:bd:e7:49:32:91:ab:45:35:58:21:50:f3:67:41:dd:f7:05:
0b:71:fa:c6:f5:4f:bd:bc:8d:01:2b:ca:1e:4b:d4:0a:36:8b:
d2:2f:6e:fd:16:03:a7:06:38:b6:80:cd:de:c9:55:1a:a1:3c:
b9:e3:68:d4:4b:32:b2:50:87:81:85:dc:94:0c:1b:53:02:a5:
34:d2:26:45:7c:14:13:d5:8a:da:89:16:73:5b:a7:77:9d:3b:
5c:f8:67:ef:10:60:0d:b2:0c:fb:ed:2e:05:27:b3:65:77:96:
5d:b9:93:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIENxGjnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MGI5YzY1ZGM5NTA1M2U0MzdlMzJjOTlhY2YzYmRjNWU5NWNiMWVlMB4XDTIyMDEw
MTA3NTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcwMTM4MWM0M2Ji
NTEwODg3ZTYwZTA3ZTJjMWFlMTdiN2MzMTI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkvZ61jUjKsVOmnmvevk6fMmrTphu2GZVwqQbIt7d2UANbb
G3vY52paac+KMIbShjmWv8wbRt1Pc/w64BXxP870cBQteXE93zhXoB4kcDzVoRoq
YHSnvB2ZIwnjfBRvwrG8cmSNnjIyaOukKDlzc+ga/ts+VFxF/Es6em/lqbuqEwBO
EQv021NxKL+RHcbTeYQIlDiASUNzNhWbpO6bZM8gByETpV5s1yRNyjxrW8RfsxID
IsUJ5H7FoKVxrjG7YmaPi7Rob8HLm3NUTYM3GyAFPXECt2CsYV7D+RJs1KggKEvV
J8/nLDQCQ240v1mVcej3ITsi1cEDkfGzfFIo6hUCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQ3ATgcQ7tRCIfmDgfiwa4Xt8MSdzAfBgNVHSMEGDAWgBTgucZdyVBT5Dfj
LJms873F6Vyx7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRMbkdYY2xRVS1RMzR5eVpyUE85eGVsY3NlNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvZDAxOWJiLTg3NjgtNDQ3OC1hMzlhLWI5NGY3NjU0YThjNy8x
L053RTRIRU83VVFpSDVnNEg0c0d1RjdmREVuYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ZDAxOWJiLTg3NjgtNDQ3OC1hMzlhLWI5NGY3NjU0YThjNy8xLzRMbkdYY2xRVS1R
MzR5eVpyUE85eGVsY3NlNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wFAQCAAEwDjAMAwQGbaRAAwQBbaRgMBYEAgACMBAw
DgMFACoDOgUDBQMqAzoAMA0GCSqGSIb3DQEBCwUAA4IBAQBpP582uKRrbcsl5gqV
V7wa6yJ8Ru66Fs5TsRfY6VJ1P+nb9BDeV2vF+r8HKTfUyu5JiG8fCKVHKoh15GYK
RImAb3csaaxkgBbGoXNsoA/A0pAz4lxEDicnFWzt0ximQ1PIlfOFSGyn6Mz+w0EL
SViKQKC57Sz4uIfMDE2N9JD3Hlf4ByDCTjQu/dpDDF2TP7wavedJMpGrRTVYIVDz
Z0Hd9wULcfrG9U+9vI0BK8oeS9QKNovSL279FgOnBji2gM3eyVUaoTy542jUSzKy
UIeBhdyUDBtTAqU00iZFfBQT1YraiRZzW6d3nTtc+GfvEGANsgz77S4FJ7Nld5Zd
uZMY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org