Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/NrVhSZUbZ1b0LgnSIgFAYXFPk7A.roa
File: NrVhSZUbZ1b0LgnSIgFAYXFPk7A.roa (raw, json)
Hash identifier: nz0DOV4hsxZS+jli3n0y1MEq+lrfgurBmENOj99nmww=
Subject key identifier: 36:B5:61:49:95:1B:67:56:F4:2E:09:D2:22:01:40:61:71:4F:93:B0
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 367C8AC8
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/NrVhSZUbZ1b0LgnSIgFAYXFPk7A.roa
Signing time: Sat 01 Jan 2022 15:06:33 +0000
ROA not before: Sat 01 Jan 2022 15:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50613
IP address blocks: 82.221.96.0/19 maxlen: 19
82.221.105.0/24 maxlen: 24
82.221.104.0/24 maxlen: 24
82.221.100.0/23 maxlen: 23
193.107.84.0/22 maxlen: 22
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.139.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 914131656 (0x367c8ac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 1 15:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36b56149951b6756f42e09d222014061714f93b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:17:68:29:49:fb:a7:8b:ae:96:c6:30:e1:
d2:78:81:d9:38:ba:0c:e1:f0:82:35:42:0c:28:2a:
97:c8:98:0c:07:c6:0b:9b:c2:8d:5e:52:87:02:26:
e9:79:fa:9b:18:b8:5d:27:c2:ff:a0:97:6a:05:0f:
b9:ae:5a:8e:5f:22:4a:97:84:d0:bd:6a:2f:3e:59:
ab:44:59:55:ed:75:b8:c2:aa:05:7a:88:08:f3:26:
d1:5b:03:62:89:1a:94:48:64:b0:56:56:28:fa:57:
32:21:f2:5c:a9:23:c7:38:38:71:ad:e1:17:3a:c0:
ad:bd:ab:34:8b:fd:12:c7:59:a3:45:af:b0:8b:94:
7b:11:f4:a0:03:8b:40:bd:10:43:e3:9f:7f:1f:90:
8b:aa:9c:23:99:9b:ba:9b:80:07:ab:af:b4:4b:b8:
cc:c6:fa:a9:78:a1:23:1c:b5:5d:90:21:18:64:e7:
45:63:2b:3c:da:93:f8:b8:ab:b1:09:31:e4:35:a0:
1a:f5:3b:c8:40:21:0e:0e:61:ef:07:09:4e:6d:37:
98:4b:c7:20:e9:c7:83:e2:bb:29:8f:6e:15:30:62:
95:83:93:a2:6e:0a:ec:66:5e:9b:fd:52:fe:9a:47:
ab:87:2b:d6:38:5a:af:e3:f5:85:65:79:01:da:8f:
9f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B5:61:49:95:1B:67:56:F4:2E:09:D2:22:01:40:61:71:4F:93:B0
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/NrVhSZUbZ1b0LgnSIgFAYXFPk7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
36:af:ed:87:ea:84:d1:87:19:eb:4b:73:8d:e5:bc:48:1e:5c:
e7:cf:95:3e:a7:4e:95:0c:b2:a7:4e:16:92:8b:e3:c7:bf:67:
35:b4:a6:e9:86:37:9a:ea:10:22:9f:a0:9f:f2:52:4a:fb:4e:
d1:0a:84:8d:f7:c2:82:b9:4a:c1:e2:db:d3:86:ed:67:1a:b4:
b7:20:12:38:e2:44:01:6e:1e:52:9d:8e:eb:d1:ec:4d:35:d9:
40:b4:1e:12:80:11:ee:41:38:56:89:dc:38:f1:69:34:5f:5b:
3e:c3:70:d5:31:98:06:05:db:87:91:77:27:0b:5b:4a:44:f8:
fe:6e:13:c5:d1:d6:40:d8:be:5b:32:33:2c:1e:53:39:a4:52:
da:a1:2b:e6:4a:04:13:dc:5e:2e:b8:cc:38:62:1b:96:f3:95:
c5:40:45:21:1d:36:e9:cf:46:12:c5:0b:20:04:93:47:8c:59:
7d:8b:95:82:da:d5:12:84:a4:28:54:80:7d:94:e8:37:49:38:
7c:16:97:7e:b9:dd:1c:04:42:52:e8:9a:d2:1e:c2:97:58:76:
9b:15:65:15:db:ca:ad:00:f3:f6:62:e1:7d:90:21:56:d9:32:
bc:14:e5:1c:70:44:d3:bb:3c:74:e5:03:8d:9c:1a:22:a2:b4:
b8:a5:01:ff
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENnyKyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDgwMjVjN2RlMDQwMGUwZjNjODhkNGExMjJhMzE3ZTMyYzVlMjFjMB4XDTIyMDEw
MTE1MDYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZiNTYxNDk5NTFi
Njc1NmY0MmUwOWQyMjIwMTQwNjE3MTRmOTNiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0KF2gpSfuni66WxjDh0niB2Ti6DOHwgjVCDCgql8iYDAfG
C5vCjV5ShwIm6Xn6mxi4XSfC/6CXagUPua5ajl8iSpeE0L1qLz5Zq0RZVe11uMKq
BXqICPMm0VsDYokalEhksFZWKPpXMiHyXKkjxzg4ca3hFzrArb2rNIv9EsdZo0Wv
sIuUexH0oAOLQL0QQ+Offx+Qi6qcI5mbupuAB6uvtEu4zMb6qXihIxy1XZAhGGTn
RWMrPNqT+LirsQkx5DWgGvU7yEAhDg5h7wcJTm03mEvHIOnHg+K7KY9uFTBilYOT
om4K7GZem/1S/ppHq4cr1jhar+P1hWV5AdqPn9kCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ2tWFJlRtnVvQuCdIiAUBhcU+TsDAfBgNVHSMEGDAWgBRAgCXH3gQA4PPI
jUoSKjF+MsXiHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJQWx4OTRFQU9EenlJMUtFaW94ZmpMRjRody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8x
L05yVmhTWlViWjFiMExnblNJZ0ZBWVhGUGs3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8xL1FJQWx4OTRFQU9E
enlJMUtFaW94ZmpMRjRody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwGgQCAAEwFDAMAwQFUt1gAwQFUt2AAwQCwWtUMA4E
AgACMAgDBgAqAg9IIDANBgkqhkiG9w0BAQsFAAOCAQEANq/th+qE0YcZ60tzjeW8
SB5c58+VPqdOlQyyp04Wkovjx79nNbSm6YY3muoQIp+gn/JSSvtO0QqEjffCgrlK
weLb04btZxq0tyASOOJEAW4eUp2O69HsTTXZQLQeEoAR7kE4VoncOPFpNF9bPsNw
1TGYBgXbh5F3JwtbSkT4/m4TxdHWQNi+WzIzLB5TOaRS2qEr5koEE9xeLrjMOGIb
lvOVxUBFIR026c9GEsULIASTR4xZfYuVgtrVEoSkKFSAfZToN0k4fBaXfrndHARC
Uuia0h7Cl1h2mxVlFdvKrQDz9mLhfZAhVtkyvBTlHHBE07s8dOUDjZwaIqK0uKUB
/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-fra.rpki-client.org