Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/NPVlKfLnFt_d28Z513EO-pNh58g.roa
File: NPVlKfLnFt_d28Z513EO-pNh58g.roa (raw, json)
Hash identifier: BEATrbSJXtYrjU+v79hT8F88K2bRnSnDsIXbo+bLYRg=
Subject key identifier: 34:F5:65:29:F2:E7:16:DF:DD:DB:C6:79:D7:71:0E:FA:93:61:E7:C8
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 01838D5394A3D31A10B16A7970467FDFD716
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/NPVlKfLnFt_d28Z513EO-pNh58g.roa
Signing time: Fri 30 Sep 2022 07:36:48 +0000
ROA not before: Fri 30 Sep 2022 07:36:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 23
185.16.36.0/22 maxlen: 23
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:53:94:a3:d3:1a:10:b1:6a:79:70:46:7f:df:d7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Sep 30 07:36:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34f56529f2e716dfdddbc679d7710efa9361e7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:81:9a:4c:c2:d1:44:cf:06:9d:a8:10:b5:72:
78:75:59:b5:93:8a:87:0f:79:77:1a:ca:91:81:9d:
3b:79:48:fb:b0:00:ff:da:a7:98:90:be:ed:f3:0c:
bc:e6:53:6a:07:0b:0d:c9:71:e6:8b:2e:ed:a3:05:
8e:89:65:7f:fb:b4:8c:5b:7e:89:68:7d:5c:74:90:
10:12:25:75:24:be:34:b7:bd:d2:87:d6:36:d6:a1:
a8:75:a1:20:02:78:d1:37:b5:40:8c:af:f6:5c:b7:
42:85:15:ee:c5:d6:c4:1a:aa:09:5f:42:6d:7f:fe:
51:06:18:19:af:19:c0:a3:e7:6e:ae:d0:3a:c5:c1:
89:83:07:de:39:0b:2f:da:6c:9c:c4:ab:49:dc:3d:
b9:4f:80:25:75:7e:c2:5b:6f:18:5f:36:c9:11:e5:
b3:e8:89:16:92:6b:9b:4f:d6:64:0d:39:28:02:07:
6e:4b:78:f4:e8:31:24:84:26:c6:57:4d:57:af:b0:
5d:24:c9:2c:c3:2f:9d:d6:5e:0c:6b:b2:b0:71:d0:
f8:3e:fb:b3:4a:5a:57:8e:2a:20:27:f9:5e:99:ca:
71:2f:da:05:1e:b9:4e:95:72:39:ca:c0:2e:94:91:
37:cf:e8:86:5a:a5:47:08:66:a7:87:86:36:7b:fa:
55:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:65:29:F2:E7:16:DF:DD:DB:C6:79:D7:71:0E:FA:93:61:E7:C8
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/NPVlKfLnFt_d28Z513EO-pNh58g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
68:99:b8:0f:ed:bb:47:9f:d1:7e:fa:58:85:ac:df:21:6b:70:
da:09:ef:dc:0e:5a:98:0e:c9:73:ee:06:39:8a:bb:12:82:ee:
46:c1:c3:dd:3e:26:22:a4:5a:95:c0:39:72:15:ae:3d:3b:56:
4e:ff:6e:49:64:ee:89:3e:19:60:b1:cd:a3:44:6a:92:af:cd:
ed:89:56:75:a3:03:75:de:15:4c:b4:d6:a3:8b:cf:46:d1:58:
98:fb:24:d2:49:57:64:d4:d7:be:e5:aa:de:dc:b5:8d:6f:c9:
10:a6:26:83:98:ed:16:98:11:16:57:21:af:7d:58:a9:9f:6e:
57:95:dd:6b:e6:16:8f:40:54:b8:c5:8d:ed:29:4e:6e:4b:a4:
30:80:4d:97:fd:77:b2:c5:ea:24:b0:c3:1f:50:8b:d0:fc:95:
59:76:6d:41:4c:af:df:25:ef:c6:a3:c9:a2:a7:ab:d8:39:e4:
ce:9c:19:13:84:9e:54:90:cf:e4:0b:5f:dc:38:b4:c0:9a:26:
c4:9a:82:8b:4d:f4:5b:3b:2e:52:67:e5:cd:8d:0b:13:3f:50:
92:87:0e:1d:8c:d4:94:c2:aa:d6:6e:31:0b:4d:09:80:45:8b:
7a:ee:71:45:12:01:e0:d7:4e:bf:11:16:ad:a4:23:00:85:37:
85:d4:d2:21
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYONU5Sj0xoQsWp5cEZ/39cWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjIwOTMwMDczNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY1NjUyOWYyZTcxNmRmZGRkYmM2NzlkNzcxMGVmYTkzNjFlN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIGaTMLRRM8GnagQtXJ4dVm1k4qH
D3l3GsqRgZ07eUj7sAD/2qeYkL7t8wy85lNqBwsNyXHmiy7towWOiWV/+7SMW36J
aH1cdJAQEiV1JL40t73Sh9Y21qGodaEgAnjRN7VAjK/2XLdChRXuxdbEGqoJX0Jt
f/5RBhgZrxnAo+durtA6xcGJgwfeOQsv2mycxKtJ3D25T4AldX7CW28YXzbJEeWz
6IkWkmubT9ZkDTkoAgduS3j06DEkhCbGV01Xr7BdJMkswy+d1l4Ma7KwcdD4Pvuz
SlpXjiogJ/lemcpxL9oFHrlOlXI5ysAulJE3z+iGWqVHCGanh4Y2e/pVkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDT1ZSny5xbf3dvGeddxDvqTYefIMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvTlBWbEtmTG5GdF9kMjhaNTEzRU8tcE5oNThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbW8AwQC
X9Y0AwQCuRAkMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQBombgP
7btHn9F++liFrN8ha3DaCe/cDlqYDslz7gY5irsSgu5GwcPdPiYipFqVwDlyFa49
O1ZO/25JZO6JPhlgsc2jRGqSr83tiVZ1owN13hVMtNaji89G0ViY+yTSSVdk1Ne+
5are3LWNb8kQpiaDmO0WmBEWVyGvfVipn25Xld1r5haPQFS4xY3tKU5uS6QwgE2X
/XeyxeoksMMfUIvQ/JVZdm1BTK/fJe/Go8mip6vYOeTOnBkThJ5UkM/kC1/cOLTA
mibEmoKLTfRbOy5SZ+XNjQsTP1CShw4djNSUwqrWbjELTQmARYt67nFFEgHg106/
ERatpCMAhTeF1NIh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:03 2024 by rpki-client on console-ams.rpki-client.org