Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/nDNglYN4vZRP-rVmT1OuTGqRNas.roa
File: nDNglYN4vZRP-rVmT1OuTGqRNas.roa (raw, json)
Hash identifier: cb1ByWY4+ZblAyUHllan4DEskynAQui06sJCA8phKr8=
Subject key identifier: 9C:33:60:95:83:78:BD:94:4F:FA:B5:66:4F:53:AE:4C:6A:91:35:AB
Certificate issuer: /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial: 097BCDB7
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/nDNglYN4vZRP-rVmT1OuTGqRNas.roa
Signing time: Sat 01 Jan 2022 13:05:06 +0000
ROA not before: Sat 01 Jan 2022 13:05:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5504
IP address blocks: 194.30.136.0/22 maxlen: 22
194.30.135.0/24 maxlen: 24
194.30.134.0/24 maxlen: 24
213.169.128.0/21 maxlen: 24
194.30.140.0/23 maxlen: 23
194.30.144.0/23 maxlen: 23
194.30.143.0/24 maxlen: 24
194.30.146.0/23 maxlen: 23
194.30.148.0/22 maxlen: 22
194.30.152.0/23 maxlen: 23
213.169.136.0/22 maxlen: 24
213.169.144.0/22 maxlen: 22
194.30.154.0/23 maxlen: 23
194.30.156.0/23 maxlen: 23
213.169.158.0/23 maxlen: 23
194.30.132.0/23 maxlen: 23
194.30.131.0/24 maxlen: 24
194.30.130.0/24 maxlen: 24
194.30.128.0/23 maxlen: 23
82.114.32.0/19 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159108535 (0x97bcdb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
Validity
Not Before: Jan 1 13:05:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c3360958378bd944ffab5664f53ae4c6a9135ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d0:9d:58:08:75:ca:30:b3:e2:ad:f6:32:92:
74:b6:88:11:c9:4a:8f:57:8e:11:b9:28:bb:8a:e8:
17:65:77:9f:d2:21:ad:5e:9a:fc:25:7c:31:41:11:
64:aa:2a:c2:69:58:8d:22:9e:9b:bf:a1:f2:45:8f:
fe:14:a8:3f:06:b2:8d:76:b3:2a:7c:36:5f:59:33:
8b:9c:63:46:d3:ec:6e:50:dd:a8:ca:65:f2:fe:21:
76:c7:9c:1d:7b:39:82:46:b3:e8:d0:e9:3a:bf:c5:
58:62:68:93:70:19:d4:4d:d9:b8:03:04:3f:a1:22:
47:d8:6f:30:92:bc:72:38:3e:db:66:28:26:f6:51:
ff:89:f8:6c:29:d8:d7:23:f2:c8:f1:49:e0:e9:08:
f1:31:1d:1c:df:0b:a4:e1:8c:c8:84:60:ac:33:94:
6d:2e:bf:a0:de:ba:dc:ec:04:d1:56:39:d2:00:54:
da:f6:e9:7b:36:73:ac:7b:35:a4:aa:c7:50:fd:85:
9d:ce:3c:9b:07:9e:3b:56:13:71:90:27:b6:e8:cf:
38:b8:11:a8:b0:5a:5f:70:7e:ee:43:83:52:06:22:
b3:b6:92:12:07:06:27:2e:1f:45:0c:8b:a0:fb:b9:
d6:d5:33:f0:f1:2c:b5:68:aa:75:22:b9:33:d5:7e:
d3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:33:60:95:83:78:BD:94:4F:FA:B5:66:4F:53:AE:4C:6A:91:35:AB
X509v3 Authority Key Identifier:
keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/nDNglYN4vZRP-rVmT1OuTGqRNas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.114.32.0/19
194.30.128.0-194.30.141.255
194.30.143.0-194.30.157.255
213.169.128.0-213.169.139.255
213.169.144.0/22
213.169.158.0/23
Signature Algorithm: sha256WithRSAEncryption
50:81:b4:12:7c:54:69:0f:cf:0b:1e:ea:0f:33:a6:c3:c8:89:
87:44:d2:33:08:de:1f:3e:4c:48:e5:c6:a4:b9:d8:86:90:c6:
6d:76:11:86:3d:79:9b:bd:4c:19:3c:19:c8:cd:27:24:4d:47:
c1:d6:be:cc:33:12:c8:7a:44:46:60:71:99:8a:24:35:e3:99:
4a:b2:38:28:a7:35:62:65:5f:5f:1b:e3:8b:ef:88:99:88:d4:
3c:4c:15:51:c0:11:44:fc:34:8f:18:70:fa:51:fc:7c:47:ff:
9b:7f:87:39:4e:00:b4:71:15:5e:77:69:f1:4f:54:6d:f6:87:
2b:2c:06:04:fb:89:73:51:e1:1d:48:6a:6c:0f:d1:06:ae:64:
8b:7c:52:20:1c:cf:37:cd:22:5c:60:d2:d8:69:c8:7e:de:38:
2d:0e:b3:b1:73:1f:84:aa:8f:7f:d8:15:06:84:78:45:92:f1:
46:13:50:c5:a4:31:87:2f:b3:6d:54:33:fd:e9:bd:19:1f:5a:
3e:04:d9:97:b1:24:51:56:25:30:ca:b4:9c:e9:ee:34:c2:1b:
bc:df:79:4a:6b:66:36:fa:c1:df:0b:3d:dd:24:fe:9d:99:1e:
4e:c2:32:a5:ef:ba:a5:30:20:e4:0c:ef:85:c9:66:d0:a1:51:
4f:d2:4f:e6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIECXvNtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzQ0Mjk3ZTkyNzFjNmVkZjA2NDkxNWY2MTgwYWUxMjY5MGRkYThiMB4XDTIyMDEw
MTEzMDUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMzMzYwOTU4Mzc4
YmQ5NDRmZmFiNTY2NGY1M2FlNGM2YTkxMzVhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnQnVgIdcows+Kt9jKSdLaIEclKj1eOEbkou4roF2V3n9Ih
rV6a/CV8MUERZKoqwmlYjSKem7+h8kWP/hSoPwayjXazKnw2X1kzi5xjRtPsblDd
qMpl8v4hdsecHXs5gkaz6NDpOr/FWGJok3AZ1E3ZuAMEP6EiR9hvMJK8cjg+22Yo
JvZR/4n4bCnY1yPyyPFJ4OkI8TEdHN8LpOGMyIRgrDOUbS6/oN663OwE0VY50gBU
2vbpezZzrHs1pKrHUP2Fnc48mweeO1YTcZAntujPOLgRqLBaX3B+7kODUgYis7aS
EgcGJy4fRQyLoPu51tUz8PEstWiqdSK5M9V+07kCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBScM2CVg3i9lE/6tWZPU65MapE1qzAfBgNVHSMEGDAWgBT8RCl+knHG7fBk
kV9hgK4SaQ3aizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19FUXBmcEp4eHUzd1pKRmZZWUN1RW1rTjJvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvN2NiMTc5LWFkMmMtNDgyNC1hMWU1LWFlMDdmMzJlNDEwMi8x
L25ETmdsWU40dlpSUC1yVm1UMU91VEdxUk5hcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
N2NiMTc5LWFkMmMtNDgyNC1hMWU1LWFlMDdmMzJlNDEwMi8xL19FUXBmcEp4eHUz
d1pKRmZZWUN1RW1rTjJvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEBVJyIDAMAwQHwh6AAwQBwh6MMAwD
BADCHo8DBAHCHpwwDAMEB9WpgAMEAtWpiAMEAtWpkAMEAdWpnjANBgkqhkiG9w0B
AQsFAAOCAQEAUIG0EnxUaQ/PCx7qDzOmw8iJh0TSMwjeHz5MSOXGpLnYhpDGbXYR
hj15m71MGTwZyM0nJE1Hwda+zDMSyHpERmBxmYokNeOZSrI4KKc1YmVfXxvji++I
mYjUPEwVUcARRPw0jxhw+lH8fEf/m3+HOU4AtHEVXndp8U9UbfaHKywGBPuJc1Hh
HUhqbA/RBq5ki3xSIBzPN80iXGDS2GnIft44LQ6zsXMfhKqPf9gVBoR4RZLxRhNQ
xaQxhy+zbVQz/em9GR9aPgTZl7EkUVYlMMq0nOnuNMIbvN95SmtmNvrB3ws93ST+
nZkeTsIype+6pTAg5Azvhclm0KFRT9JP5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org