Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/nI_r8M7vDrURgRDiFKdosF-7AgQ.roa
File: nI_r8M7vDrURgRDiFKdosF-7AgQ.roa (raw, json)
Hash identifier: abCPhjmv7EHOKsVPmntVQn3zTJiPfQL8Fb8D6Wd6cPA=
Subject key identifier: 9C:8F:EB:F0:CE:EF:0E:B5:11:81:10:E2:14:A7:68:B0:5F:BB:02:04
Certificate issuer: /CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Certificate serial: 13D7020F
Authority key identifier: 9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/nI_r8M7vDrURgRDiFKdosF-7AgQ.roa
Signing time: Tue 22 Feb 2022 01:10:16 +0000
ROA not before: Tue 22 Feb 2022 01:10:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29170
IP address blocks: 178.132.216.0/24 maxlen: 24
82.114.81.0/24 maxlen: 24
178.132.217.0/24 maxlen: 24
82.114.84.0/24 maxlen: 24
82.114.79.0/24 maxlen: 24
178.132.216.0/21 maxlen: 21
178.132.220.0/24 maxlen: 24
82.114.88.0/24 maxlen: 24
46.19.224.0/21 maxlen: 24
46.19.224.0/24 maxlen: 24
46.19.225.0/24 maxlen: 24
46.19.230.0/24 maxlen: 24
82.114.64.0/19 maxlen: 19
82.114.64.0/24 maxlen: 24
82.114.70.0/24 maxlen: 24
82.114.65.0/24 maxlen: 24
82.114.66.0/24 maxlen: 24
82.114.74.0/24 maxlen: 24
82.114.77.0/24 maxlen: 24
82.114.78.0/24 maxlen: 24
185.67.176.0/22 maxlen: 22
185.67.176.0/24 maxlen: 24
185.67.177.0/24 maxlen: 24
185.67.178.0/24 maxlen: 24
185.67.179.0/24 maxlen: 24
185.67.177.175/32 maxlen: 32
185.190.132.0/22 maxlen: 22
185.190.132.0/24 maxlen: 24
185.67.177.176/32 maxlen: 32
2a04:3080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 332857871 (0x13d7020f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a92d30708b9d4e8c7c28c97f8037c8027144c47
Validity
Not Before: Feb 22 01:10:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c8febf0ceef0eb5118110e214a768b05fbb0204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:58:84:8b:94:b6:24:18:9a:a6:3e:70:21:
38:43:a1:72:cb:5e:4a:2f:04:ed:49:db:cb:fc:a6:
8e:ae:bc:ab:18:fe:40:13:02:b4:c8:3b:f7:3c:16:
eb:69:bd:6f:59:5d:3a:28:35:bd:7f:a8:09:ae:6a:
be:1e:30:d6:42:49:cf:88:50:c3:cf:aa:9a:dd:ce:
b4:5c:6e:15:c8:ae:60:36:05:4b:4b:2d:a0:34:fe:
06:f0:8e:5f:f8:80:11:9f:2e:ba:c7:b0:f2:3e:f2:
54:c4:96:f1:19:76:7f:39:b5:2d:75:d7:cc:83:b9:
45:40:8d:51:f1:30:f1:e1:ac:99:56:fc:4e:2e:f2:
b4:e6:f2:52:f6:27:2c:98:3c:60:ec:cd:dc:e6:7c:
15:ff:9f:d6:c9:77:75:57:b3:38:f1:ef:ee:18:d0:
d1:b5:19:4a:09:41:8c:72:a6:5f:e3:cb:9e:85:eb:
4d:e2:2d:29:8d:d1:e7:05:2e:30:e0:cc:1b:33:50:
fe:a6:b4:51:fb:45:6e:16:7b:97:d7:58:a4:2d:93:
52:b4:f8:fe:03:4a:63:3a:96:29:4a:72:21:69:73:
4c:50:e7:d5:85:79:3f:3a:fe:e7:7a:99:e2:5c:6d:
32:38:93:c8:e0:d4:35:f0:18:55:b4:f4:df:a9:8c:
4a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8F:EB:F0:CE:EF:0E:B5:11:81:10:E2:14:A7:68:B0:5F:BB:02:04
X509v3 Authority Key Identifier:
keyid:9A:92:D3:07:08:B9:D4:E8:C7:C2:8C:97:F8:03:7C:80:27:14:4C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpLTBwi51OjHwoyX-AN8gCcUTEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/nI_r8M7vDrURgRDiFKdosF-7AgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/c937be-f5b1-43c6-9587-4e06621bd98a/1/mpLTBwi51OjHwoyX-AN8gCcUTEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.224.0/21
82.114.64.0/19
178.132.216.0/21
185.67.176.0/22
185.190.132.0/22
IPv6:
2a04:3080::/29
Signature Algorithm: sha256WithRSAEncryption
70:3b:83:7f:3b:43:4e:af:e2:dd:26:42:5a:fd:38:aa:0b:0c:
7e:b0:28:c7:a7:fc:e9:72:1b:56:57:a8:99:a3:a9:ce:1b:c6:
12:27:f6:5e:59:60:e5:d0:f6:9c:1b:17:a2:18:7c:74:bb:ce:
4b:16:36:89:32:4b:46:10:b9:ef:b7:0e:95:b0:da:d3:e0:f4:
15:1c:4d:37:49:43:5b:fc:cc:16:58:0d:54:5a:06:08:97:f4:
a5:a0:5a:b0:a5:22:5e:c4:1e:c6:59:2f:1b:41:8f:a3:8e:19:
96:1f:5f:96:cf:74:b3:0f:f5:55:bc:8d:a1:0b:46:e1:69:c2:
7f:72:00:7d:17:73:77:a0:e4:06:2f:9d:1b:7c:25:ec:d6:65:
87:01:08:23:29:c5:3e:f0:50:ed:e9:e9:38:58:a0:ba:76:99:
58:2c:cf:b4:91:55:77:39:40:d7:0b:b2:57:2b:83:53:e3:0e:
45:6c:67:1b:6f:db:fb:4e:45:11:e9:f2:85:3c:44:af:f2:3c:
ff:07:8d:0e:71:a1:c8:34:75:3f:f9:7e:af:dc:2a:f4:44:85:
10:ca:3f:5c:d1:0a:28:68:a7:cb:4e:81:46:c7:f1:b5:1a:8f:
01:7a:01:75:c5:5e:2c:6c:d3:f2:54:f8:a9:d5:1f:5f:6a:ec:
3f:60:f7:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEE9cCDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTkyZDMwNzA4YjlkNGU4YzdjMjhjOTdmODAzN2M4MDI3MTQ0YzQ3MB4XDTIyMDIy
MjAxMTAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM4ZmViZjBjZWVm
MGViNTExODExMGUyMTRhNzY4YjA1ZmJiMDIwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLMWISLlLYkGJqmPnAhOEOhcsteSi8E7Unby/ymjq68qxj+
QBMCtMg79zwW62m9b1ldOig1vX+oCa5qvh4w1kJJz4hQw8+qmt3OtFxuFciuYDYF
S0stoDT+BvCOX/iAEZ8uusew8j7yVMSW8Rl2fzm1LXXXzIO5RUCNUfEw8eGsmVb8
Ti7ytObyUvYnLJg8YOzN3OZ8Ff+f1sl3dVezOPHv7hjQ0bUZSglBjHKmX+PLnoXr
TeItKY3R5wUuMODMGzNQ/qa0UftFbhZ7l9dYpC2TUrT4/gNKYzqWKUpyIWlzTFDn
1YV5Pzr+53qZ4lxtMjiTyODUNfAYVbT036mMSgECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBScj+vwzu8OtRGBEOIUp2iwX7sCBDAfBgNVHSMEGDAWgBSaktMHCLnU6MfC
jJf4A3yAJxRMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21wTFRCd2k1MU9qSHdveVgtQU44Z0NjVVRFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvYzkzN2JlLWY1YjEtNDNjNi05NTg3LTRlMDY2MjFiZDk4YS8x
L25JX3I4TTd2RHJVUmdSRGlGS2Rvc0YtN0FnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
YzkzN2JlLWY1YjEtNDNjNi05NTg3LTRlMDY2MjFiZDk4YS8xL21wTFRCd2k1MU9q
SHdveVgtQU44Z0NjVVRFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy4T4AMEBVJyQAMEA7KE2AMEArlD
sAMEArm+hDANBAIAAjAHAwUDKgQwgDANBgkqhkiG9w0BAQsFAAOCAQEAcDuDfztD
Tq/i3SZCWv04qgsMfrAox6f86XIbVleomaOpzhvGEif2Xllg5dD2nBsXohh8dLvO
SxY2iTJLRhC577cOlbDa0+D0FRxNN0lDW/zMFlgNVFoGCJf0paBasKUiXsQexlkv
G0GPo44Zlh9fls90sw/1VbyNoQtG4WnCf3IAfRdzd6DkBi+dG3wl7NZlhwEIIynF
PvBQ7enpOFigunaZWCzPtJFVdzlA1wuyVyuDU+MORWxnG2/b+05FEenyhTxEr/I8
/weNDnGhyDR1P/l+r9wq9ESFEMo/XNEKKGiny06BRsfxtRqPAXoBdcVeLGzT8lT4
qdUfX2rsP2D3Dg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:21 2023 by rpki-client on console-ams.rpki-client.org