Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/nZAY14jNbgONsAKCwdx9YqygBSU.roa
File: nZAY14jNbgONsAKCwdx9YqygBSU.roa (raw, json)
Hash identifier: zIE11VUptToAzR7y/Bh/FFYIyYa7GJ1apwltGDbxrtY=
Subject key identifier: 9D:90:18:D7:88:CD:6E:03:8D:B0:02:82:C1:DC:7D:62:AC:A0:05:25
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0E489E91
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/nZAY14jNbgONsAKCwdx9YqygBSU.roa
Signing time: Wed 04 May 2022 09:39:04 +0000
ROA not before: Wed 04 May 2022 09:39:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48519
IP address blocks: 195.253.66.0/24 maxlen: 24
195.253.65.0/24 maxlen: 24
195.253.84.0/22 maxlen: 22
195.253.88.0/23 maxlen: 23
195.253.96.0/19 maxlen: 24
185.119.136.0/22 maxlen: 24
195.253.48.0/22 maxlen: 22
195.253.52.0/23 maxlen: 23
2a01:5b0:8::/46 maxlen: 48
2a01:5b0:2::/48 maxlen: 48
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:20::/43 maxlen: 48
2a01:5b0:10::/47 maxlen: 47
2a01:5b0:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239640209 (0xe489e91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: May 4 09:39:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d9018d788cd6e038db00282c1dc7d62aca00525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:07:fc:00:49:96:08:15:cc:f3:ad:2b:ed:bb:
6c:58:d0:0d:d5:f7:aa:60:a9:f1:52:98:3f:8e:74:
19:d0:c6:5e:f2:f1:0d:7b:69:28:86:50:87:c5:04:
41:fb:09:b8:66:a4:e0:41:82:6e:ec:d2:2d:e9:d4:
da:2f:53:4d:cb:1d:bb:9e:d1:09:38:0c:48:7a:1b:
a9:f1:85:94:d5:42:a7:4d:4c:5c:2b:0a:e3:99:d8:
4a:1b:d5:6c:a1:a0:6e:19:46:94:66:e8:e5:c7:65:
9d:46:ee:0e:a7:a8:1c:5e:47:d6:ef:e1:9a:2e:4f:
e7:0d:a8:f5:61:d9:6f:63:62:00:be:60:90:1c:02:
3a:66:2e:21:6e:fd:4e:76:41:9b:d1:0c:2a:d6:ad:
e8:51:14:6e:7e:3c:b5:6d:e1:70:ce:f5:38:3f:33:
03:1d:3b:bc:23:a5:ae:07:27:ac:41:b3:4c:ff:0e:
af:c5:03:b8:2e:a9:58:1d:5e:86:5d:90:bf:46:0e:
06:a5:52:6b:6c:f6:0c:48:0e:43:b3:16:72:0c:8a:
54:6e:dc:fe:da:e3:93:5a:92:7b:57:1f:fe:f9:e1:
77:72:90:00:f2:06:82:b3:53:2f:79:e7:2e:94:ff:
2f:f6:11:d7:ac:27:22:a6:5e:cf:64:47:90:50:c4:
84:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:90:18:D7:88:CD:6E:03:8D:B0:02:82:C1:DC:7D:62:AC:A0:05:25
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/nZAY14jNbgONsAKCwdx9YqygBSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
195.253.48.0-195.253.53.255
195.253.65.0-195.253.66.255
195.253.84.0-195.253.89.255
195.253.96.0/19
IPv6:
2a01:5b0:2::/48
2a01:5b0:5::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
2a01:5b0:8::/46
2a01:5b0:10::/47
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
7a:e2:f9:d4:1a:8e:ee:48:d9:25:2f:a4:92:93:f6:21:8d:08:
6e:05:07:f5:94:3c:8a:26:20:0f:98:74:3d:69:f2:78:b8:7f:
71:a0:30:68:95:9b:5f:bd:04:eb:09:6f:cf:07:44:97:d2:16:
5b:1e:c3:ea:76:80:c9:cd:a0:f4:c5:f8:49:e8:e7:b3:fa:23:
1f:36:1a:14:af:cb:a3:a5:38:dc:4a:24:98:00:2b:8c:55:34:
21:50:6f:ba:d7:83:d2:a5:9f:bc:e3:05:4a:6b:59:fd:25:22:
93:8c:29:58:c7:0f:b4:d6:cf:7a:9d:0f:e7:09:80:a6:d7:41:
fb:ac:e2:d5:da:00:60:af:d0:a2:a8:01:dd:62:0c:b6:e5:11:
51:35:c7:6d:a4:60:c9:c1:d5:2f:1f:2f:75:97:6a:be:f8:37:
3d:db:d5:54:4a:8f:fc:dd:ac:3d:b2:29:75:64:4b:2c:f8:c6:
43:57:0c:83:5b:3a:17:70:7e:ce:14:5a:ff:fa:35:79:90:3e:
8d:ec:72:f7:8f:01:d6:6b:4b:a6:d2:7b:a7:a4:fc:ab:b3:d3:
f9:48:b2:35:a4:38:de:b8:8b:31:87:ec:e6:4d:73:d0:b5:49:
4c:23:5a:c2:24:a8:26:e8:98:e4:9a:cd:19:c7:4f:59:59:07:
76:e0:12:70
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIEDkiekTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGMxZTQyNmY1OGU0MmFlMzBlNTZjZGI3ZmY0ZDhmOWRkZDg1YjMwMB4XDTIyMDUw
NDA5MzkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ5MDE4ZDc4OGNk
NmUwMzhkYjAwMjgyYzFkYzdkNjJhY2EwMDUyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsH/ABJlggVzPOtK+27bFjQDdX3qmCp8VKYP450GdDGXvLx
DXtpKIZQh8UEQfsJuGak4EGCbuzSLenU2i9TTcsdu57RCTgMSHobqfGFlNVCp01M
XCsK45nYShvVbKGgbhlGlGbo5cdlnUbuDqeoHF5H1u/hmi5P5w2o9WHZb2NiAL5g
kBwCOmYuIW79TnZBm9EMKtat6FEUbn48tW3hcM71OD8zAx07vCOlrgcnrEGzTP8O
r8UDuC6pWB1ehl2Qv0YOBqVSa2z2DEgOQ7MWcgyKVG7c/trjk1qSe1cf/vnhd3KQ
APIGgrNTL3nnLpT/L/YR16wnIqZez2RHkFDEhKUCAwEAAaOCAnswggJ3MB0GA1Ud
DgQWBBSdkBjXiM1uA42wAoLB3H1irKAFJTAfBgNVHSMEGDAWgBRQweQm9Y5CrjDl
bNt/9Nj53dhbMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VNSGtKdldPUXE0dzVXemJmX1RZLWQzWVd6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvOWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8x
L25aQVkxNGpOYmdPTnNBS0N3ZHg5WXF5Z0JTVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
OWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8xL1VNSGtKdldPUXE0
dzVXemJmX1RZLWQzWVd6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kAYIKwYBBQUHAQcBAf8EgYAwfjA8BAIAATA2AwQCuXeIMAwDBATD/TADBAHD/TQw
DAMEAMP9QQMEAMP9QjAMAwQCw/1UAwQBw/1YAwQFw/1gMD4EAgACMDgDBwAqAQWw
AAIwEgMHACoBBbAABQMHACoBBbAABgMHAioBBbAACAMHASoBBbAAEAMHBSoBBbAA
IDANBgkqhkiG9w0BAQsFAAOCAQEAeuL51BqO7kjZJS+kkpP2IY0IbgUH9ZQ8iiYg
D5h0PWnyeLh/caAwaJWbX70E6wlvzwdEl9IWWx7D6naAyc2g9MX4Sejns/ojHzYa
FK/Lo6U43EokmAArjFU0IVBvuteD0qWfvOMFSmtZ/SUik4wpWMcPtNbPep0P5wmA
ptdB+6zi1doAYK/QoqgB3WIMtuURUTXHbaRgycHVLx8vdZdqvvg3PdvVVEqP/N2s
PbIpdWRLLPjGQ1cMg1s6F3B+zhRa//o1eZA+jexy948B1mtLptJ7p6T8q7PT+Uiy
NaQ43riLMYfs5k1z0LVJTCNawiSoJuiY5JrNGcdPWVkHduAScA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org