Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/nXPDFo9iqxIapMBfT6A6XKcKh2o.roa
File: nXPDFo9iqxIapMBfT6A6XKcKh2o.roa (raw, json)
Hash identifier: scwX5q8GWaKg/SoaCBb+MvzAQ0RjvTsboiA/1452GEc=
Subject key identifier: 9D:73:C3:16:8F:62:AB:12:1A:A4:C0:5F:4F:A0:3A:5C:A7:0A:87:6A
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 01855942B4DCB76CB9672B22068A543F1A96
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/nXPDFo9iqxIapMBfT6A6XKcKh2o.roa
Signing time: Wed 28 Dec 2022 15:03:41 +0000
ROA not before: Wed 28 Dec 2022 15:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208808
IP address blocks: 94.156.26.0/23 maxlen: 23
212.73.152.0/24 maxlen: 24
31.13.210.0/24 maxlen: 24
212.73.153.0/24 maxlen: 24
87.120.203.0/24 maxlen: 24
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
185.201.76.0/22 maxlen: 22
78.138.42.0/23 maxlen: 23
45.140.196.0/22 maxlen: 22
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
92.243.71.0/24 maxlen: 24
87.120.80.0/23 maxlen: 23
92.243.68.0/24 maxlen: 24
213.255.244.0/23 maxlen: 23
92.243.86.0/23 maxlen: 23
78.138.18.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:42:b4:dc:b7:6c:b9:67:2b:22:06:8a:54:3f:1a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Dec 28 15:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d73c3168f62ab121aa4c05f4fa03a5ca70a876a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5f:41:a7:85:f6:be:49:31:19:e8:16:11:bc:
ab:68:19:10:97:86:b6:60:51:0d:38:05:c6:e1:bf:
3f:fc:00:5f:68:91:ef:f9:9f:bf:36:12:a6:ba:ef:
40:72:c0:f6:49:b3:26:bb:f0:d0:0b:95:f1:e8:ab:
6b:ac:da:05:48:75:d3:27:18:62:05:86:80:82:88:
b6:e2:9c:ed:68:0f:ed:45:53:be:94:eb:ea:08:52:
92:9e:a9:8d:53:14:75:33:d4:4c:b3:b6:66:20:29:
4c:9c:12:b1:88:9a:a5:03:e0:7c:16:0d:3c:1a:7c:
8b:6f:be:c1:64:e1:93:4d:ae:97:d5:b1:65:cb:ec:
29:81:0f:0a:3a:fa:61:5a:1d:e9:de:ee:bc:e3:d3:
61:3d:ea:47:80:30:03:af:57:54:85:fc:af:42:6b:
9c:a3:b7:08:6b:d4:64:c4:3f:e7:c6:8e:ef:93:db:
89:5d:96:19:ed:ec:eb:94:b8:8d:a2:06:e1:16:2b:
0e:13:51:4f:cb:be:99:10:24:39:95:a9:db:70:49:
f7:97:33:6a:a6:e5:8c:46:2f:9c:82:91:28:cc:c4:
d6:84:e8:16:81:ae:d0:22:1a:a6:58:df:92:98:12:
93:a8:a2:0a:56:11:8e:7c:67:b3:8b:7d:9a:7b:91:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:73:C3:16:8F:62:AB:12:1A:A4:C0:5F:4F:A0:3A:5C:A7:0A:87:6A
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/nXPDFo9iqxIapMBfT6A6XKcKh2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
94.156.26.0/23
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
30:76:a0:cd:6c:95:f1:10:90:99:1e:c2:2f:d5:79:32:84:cb:
f4:8d:4d:fa:c7:eb:7e:67:1f:61:7b:f5:fe:20:2f:c3:0f:c6:
5d:9b:e2:b4:ce:f5:0d:d8:86:03:f1:c9:78:d5:85:24:ef:fd:
18:de:48:77:41:42:f6:90:8d:bd:4f:50:fb:92:c1:bf:a6:69:
f9:8d:4e:0e:de:ca:11:93:51:41:fc:28:48:7b:f6:fa:42:fc:
bd:cf:b3:03:57:3a:ab:69:2a:dd:43:03:3c:ae:4a:d8:5a:b0:
76:d7:5c:45:11:0e:6b:5b:45:0e:c0:d7:0d:43:05:c3:e0:d6:
10:68:c6:ad:07:0c:11:91:0b:d4:35:f8:50:83:f9:71:f1:5b:
62:14:e1:5a:31:0a:4d:7d:4c:7b:40:4c:9f:fb:de:e6:a6:21:
b9:c7:1a:55:26:c3:14:f1:e5:56:3c:2f:5a:f4:b4:79:9c:2a:
e3:d7:d4:65:12:b0:32:42:dc:9d:a8:5f:20:14:a7:be:ac:91:
22:29:14:ff:8b:fc:db:70:98:91:52:48:c0:54:15:0a:4e:88:
6a:c4:b3:b3:62:e5:35:4d:c6:ea:18:b6:b9:28:46:5f:b6:5f:
d2:00:2d:69:be:9a:c8:53:9a:1c:8a:e6:88:f7:99:e5:1c:74:
45:eb:a7:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYVZQrTct2y5ZysiBopUPxqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjIxMjI4MTUwMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDczYzMxNjhmNjJhYjEyMWFhNGMwNWY0ZmEwM2E1Y2E3MGE4NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkV9Bp4X2vkkxGegWEbyraBkQl4a2
YFENOAXG4b8//ABfaJHv+Z+/NhKmuu9AcsD2SbMmu/DQC5Xx6KtrrNoFSHXTJxhi
BYaAgoi24pztaA/tRVO+lOvqCFKSnqmNUxR1M9RMs7ZmIClMnBKxiJqlA+B8Fg08
GnyLb77BZOGTTa6X1bFly+wpgQ8KOvphWh3p3u6849NhPepHgDADr1dUhfyvQmuc
o7cIa9RkxD/nxo7vk9uJXZYZ7ezrlLiNogbhFisOE1FPy76ZECQ5lanbcEn3lzNq
puWMRi+cgpEozMTWhOgWga7QIhqmWN+SmBKTqKIKVhGOfGezi32ae5GMswIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFJ1zwxaPYqsSGqTAX0+gOlynCodqMB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvblhQREZvOWlxeElhcE1CZlQ2QTZYS2NLaDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAB8N
0gMEAi2MxAMEAU6KEjAMAwQBTooaAwQBToocAwQBTooqAwQBV3hQAwQAV3jLAwQA
XPNEAwQAXPNHAwQBXPNWAwQBXPNaAwQBXPNeAwQBXpwaAwQCuclMAwQB1EmYAwQB
1f/SAwQB1f/YAwQB1f/gAwQB1f/0MA0EAgACMAcDBQMqCr1AMA0GCSqGSIb3DQEB
CwUAA4IBAQAwdqDNbJXxEJCZHsIv1XkyhMv0jU36x+t+Zx9he/X+IC/DD8Zdm+K0
zvUN2IYD8cl41YUk7/0Y3kh3QUL2kI29T1D7ksG/pmn5jU4O3soRk1FB/ChIe/b6
Qvy9z7MDVzqraSrdQwM8rkrYWrB211xFEQ5rW0UOwNcNQwXD4NYQaMatBwwRkQvU
NfhQg/lx8VtiFOFaMQpNfUx7QEyf+97mpiG5xxpVJsMU8eVWPC9a9LR5nCrj19Rl
ErAyQtydqF8gFKe+rJEiKRT/i/zbcJiRUkjAVBUKTohqxLOzYuU1TcbqGLa5KEZf
tl/SAC1pvprIU5ociuaI95nlHHRF66cD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:54 2024 by rpki-client on console-fra.rpki-client.org