Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/nxwAW6WOLNub5F1MhzPRRRaf7Jo.roa
File: nxwAW6WOLNub5F1MhzPRRRaf7Jo.roa (raw, json)
Hash identifier: 3yHk/eQJIhDB54fuoh/cLweoUh1v7XtqKwDpKTpCIOI=
Subject key identifier: 9F:1C:00:5B:A5:8E:2C:DB:9B:E4:5D:4C:87:33:D1:45:16:9F:EC:9A
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 0185640BEE6B42AE64823BF48D50D5C17FDD
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/nxwAW6WOLNub5F1MhzPRRRaf7Jo.roa
Signing time: Fri 30 Dec 2022 17:19:41 +0000
ROA not before: Fri 30 Dec 2022 17:19:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.108.0/24 maxlen: 24
94.228.107.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.96.0/20 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
185.251.52.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
2a00:e30:ed00::/41 maxlen: 48
2a00:e30:a00::/40 maxlen: 48
2a00:e30:2100::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:6900::/41 maxlen: 41
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:64:0b:ee:6b:42:ae:64:82:3b:f4:8d:50:d5:c1:7f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Dec 30 17:19:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f1c005ba58e2cdb9be45d4c8733d145169fec9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cc:8f:2d:ad:7c:09:e5:92:2b:26:e7:41:71:
09:81:51:56:f5:98:18:1f:9c:ac:7e:14:dd:43:31:
df:1e:72:11:3e:47:ac:2d:cb:af:3b:df:db:d0:c2:
4a:b9:01:f6:8e:be:53:6e:94:72:a0:76:14:94:a8:
6b:d7:44:08:ef:b0:c7:a5:51:30:7b:95:56:81:08:
0c:31:f3:00:8e:a6:e1:1d:43:56:7e:ae:b0:26:55:
70:08:c8:40:86:4c:81:a4:25:a4:46:3e:8e:13:5f:
37:c6:e4:b4:ac:73:fe:28:cc:0e:d5:00:9a:fc:78:
5b:d5:34:78:da:97:2b:60:d8:29:f9:d1:ad:de:9f:
7d:b0:31:2f:a0:45:4d:e3:39:56:2a:20:2e:5b:ac:
f1:0c:32:76:35:9d:31:50:4a:e3:31:6d:3e:a2:da:
72:81:58:36:2a:e8:f0:4c:07:67:03:c4:c2:a9:10:
b4:62:66:23:67:8a:c5:2f:85:df:d5:54:f6:ed:8a:
c4:d1:88:18:88:a8:d5:46:50:61:e8:12:27:e6:c6:
89:3b:ba:6f:e9:93:7a:07:c9:1a:83:9b:cc:2b:35:
a7:4c:29:3e:39:db:4c:53:8a:84:95:4f:39:39:4a:
23:0a:73:ca:80:0b:d7:05:4e:c5:ec:e7:91:a8:06:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1C:00:5B:A5:8E:2C:DB:9B:E4:5D:4C:87:33:D1:45:16:9F:EC:9A
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/nxwAW6WOLNub5F1MhzPRRRaf7Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.52.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
85:6a:ca:08:48:e1:9d:c2:2a:55:8d:a8:bb:a2:b5:6e:28:a8:
c3:65:73:94:cd:72:87:5c:cd:30:e7:44:cf:38:0e:17:0a:77:
51:dd:63:42:d5:3a:ea:1e:86:dc:59:d4:d5:fa:06:c4:83:a9:
77:3a:4b:12:53:5b:de:55:c1:f5:59:c2:51:ac:ba:d9:ab:46:
93:e9:98:14:e3:86:41:c6:24:77:9b:97:d0:b0:1a:89:c9:ce:
52:6a:32:1d:6d:0d:ed:f7:20:38:0e:62:ca:fa:13:d2:93:a3:
5a:44:0b:ce:a7:79:61:03:e9:20:63:65:9f:b5:e2:9f:22:4b:
ec:26:89:ec:64:25:7d:a8:b7:fe:ec:a4:b1:ca:11:2d:fc:37:
1b:7e:94:67:b4:a3:1f:ac:e8:f5:8f:f0:5f:3a:6a:98:24:79:
bf:2e:54:82:02:73:ab:87:a5:a5:8e:13:07:20:46:ea:ba:4c:
47:05:14:aa:c1:b8:68:4a:ef:ed:56:38:c3:2e:25:54:99:2e:
26:d1:5e:15:9d:87:6e:a2:35:19:ce:4c:ff:68:96:cb:65:b9:
6d:bd:8b:18:eb:6a:dc:81:13:c5:52:dd:4d:75:fe:cb:57:9d:
44:dd:3a:d7:d1:21:94:ee:59:f0:5d:5a:73:03:86:6c:eb:d3:
c5:d4:cf:82
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVkC+5rQq5kgjv0jVDVwX/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjIxMjMwMTcxOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFjMDA1YmE1OGUyY2RiOWJlNDVkNGM4NzMzZDE0NTE2OWZlYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMyPLa18CeWSKybnQXEJgVFW9ZgY
H5ysfhTdQzHfHnIRPkesLcuvO9/b0MJKuQH2jr5TbpRyoHYUlKhr10QI77DHpVEw
e5VWgQgMMfMAjqbhHUNWfq6wJlVwCMhAhkyBpCWkRj6OE183xuS0rHP+KMwO1QCa
/Hhb1TR42pcrYNgp+dGt3p99sDEvoEVN4zlWKiAuW6zxDDJ2NZ0xUErjMW0+otpy
gVg2KujwTAdnA8TCqRC0YmYjZ4rFL4Xf1VT27YrE0YgYiKjVRlBh6BIn5saJO7pv
6ZN6B8kag5vMKzWnTCk+OdtMU4qElU85OUojCnPKgAvXBU7F7OeRqAaCOwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFJ8cAFuljizbm+RdTIcz0UUWn+yaMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvbnh3QVc2V09MTnViNUYxTWh6UFJSUmFmN0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjAsBAIAATAmAwQEXuRgAwQD
lX5AMAwDBAK5+zQDBAC5+zYDBADByPkDBADCqcYwMgQCAAIwLAMGACoADjAKAwcH
KgAOMCEAAwcHKgAOMDAAAwcHKgAOMGkAAwcHKgAOMO0AMA0GCSqGSIb3DQEBCwUA
A4IBAQCFasoISOGdwipVjai7orVuKKjDZXOUzXKHXM0w50TPOA4XCndR3WNC1Trq
HobcWdTV+gbEg6l3OksSU1veVcH1WcJRrLrZq0aT6ZgU44ZBxiR3m5fQsBqJyc5S
ajIdbQ3t9yA4DmLK+hPSk6NaRAvOp3lhA+kgY2WfteKfIkvsJonsZCV9qLf+7KSx
yhEt/DcbfpRntKMfrOj1j/BfOmqYJHm/LlSCAnOrh6WljhMHIEbqukxHBRSqwbho
Su/tVjjDLiVUmS4m0V4VnYduojUZzkz/aJbLZbltvYsY62rcgRPFUt1Ndf7LV51E
3TrX0SGU7lnwXVpzA4Zs69PF1M+C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:01 2024 by rpki-client on console-ams.rpki-client.org