Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/D_PIuDNGxiBLpRMNUG4QTQ_npeo.roa
File: D_PIuDNGxiBLpRMNUG4QTQ_npeo.roa (raw, json)
Hash identifier: 6SCRVD50kJtHMG8KaWU77rq8XB7dcCMLauIgS0vwBr0=
Subject key identifier: 0F:F3:C8:B8:33:46:C6:20:4B:A5:13:0D:50:6E:10:4D:0F:E7:A5:EA
Certificate issuer: /CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Certificate serial: 0AEC86E7
Authority key identifier: 78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/D_PIuDNGxiBLpRMNUG4QTQ_npeo.roa
Signing time: Wed 06 Apr 2022 13:37:04 +0000
ROA not before: Wed 06 Apr 2022 13:37:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59702
IP address blocks: 207.189.192.0/20 maxlen: 20
81.25.144.0/20 maxlen: 20
146.66.232.0/21 maxlen: 21
185.80.216.0/22 maxlen: 22
216.158.96.0/20 maxlen: 20
194.37.249.0/24 maxlen: 24
213.244.240.0/21 maxlen: 21
185.16.200.0/22 maxlen: 22
31.31.163.0/24 maxlen: 24
31.31.166.0/24 maxlen: 24
31.31.167.0/24 maxlen: 24
172.103.88.0/21 maxlen: 21
185.47.193.0/24 maxlen: 24
185.47.194.0/24 maxlen: 24
2a03:780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183273191 (0xaec86e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Validity
Not Before: Apr 6 13:37:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ff3c8b83346c6204ba5130d506e104d0fe7a5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:66:8e:51:0e:3b:69:64:12:7a:9f:dc:74:ff:
6b:b1:d6:48:9d:6d:a2:ed:ec:60:2b:f5:2e:5b:62:
46:cc:0e:b5:04:f3:ae:e3:62:b6:12:1d:8b:00:35:
0f:8d:60:cb:f3:88:d3:60:fa:05:74:26:ff:f3:d9:
cd:67:4b:d9:9f:8c:4f:1d:9d:b4:fc:61:08:6d:75:
f0:ca:6d:d1:17:b6:86:b6:a4:87:c0:f0:a7:83:90:
c4:e7:a8:f9:7e:36:c0:39:0c:6f:7b:c4:40:6c:1b:
d6:36:23:c6:19:35:db:f1:08:2f:36:b1:3b:7f:97:
8b:7d:4f:23:4d:0c:78:d2:6b:05:06:a2:74:eb:cd:
03:c0:ab:c2:de:89:ad:b7:25:e9:55:a3:70:19:44:
68:a6:02:0f:cb:74:b5:93:0e:2c:5b:66:09:07:2d:
4a:bf:a0:4f:1e:1c:44:1e:4a:a1:bb:81:d4:c0:31:
54:00:1a:50:81:15:35:1f:af:ad:50:90:60:4f:bd:
4a:0b:82:33:ed:59:2f:ac:a8:ae:01:98:3d:9f:35:
92:4a:3c:d2:e0:b5:4b:f9:95:85:bd:3e:e3:8d:b6:
ae:aa:a7:ab:6f:86:45:a1:29:92:46:48:c6:ee:51:
07:bc:1f:65:9a:45:45:23:43:b7:a8:c2:41:b2:87:
9d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F3:C8:B8:33:46:C6:20:4B:A5:13:0D:50:6E:10:4D:0F:E7:A5:EA
X509v3 Authority Key Identifier:
keyid:78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/D_PIuDNGxiBLpRMNUG4QTQ_npeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/eIEejjbiIoC7L2Wn0sYDTs-GcWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.163.0/24
31.31.166.0/23
81.25.144.0/20
146.66.232.0/21
172.103.88.0/21
185.16.200.0/22
185.47.193.0-185.47.194.255
185.80.216.0/22
194.37.249.0/24
207.189.192.0/20
213.244.240.0/21
216.158.96.0/20
IPv6:
2a03:780::/32
Signature Algorithm: sha256WithRSAEncryption
5c:de:f4:7c:85:a4:a6:d0:37:59:97:a7:cf:30:65:01:3b:9b:
01:e1:e5:b8:e6:ac:f1:1e:5d:ce:0e:d5:eb:7b:59:2d:45:8f:
2a:82:13:79:57:e2:0e:de:e9:be:2c:09:74:8f:07:a9:73:42:
19:53:b0:66:9f:73:e9:23:f0:7c:b0:3b:58:48:3e:cd:cb:89:
c2:02:da:8e:b6:c4:6a:81:6d:4a:2d:97:d3:fa:09:1a:1d:c6:
6b:95:06:f2:43:45:20:b4:5d:66:16:02:68:ed:78:34:f5:db:
ba:6f:76:1c:69:9e:9c:e8:27:f0:b5:e6:04:7f:3d:f3:99:93:
e8:cf:31:1b:0d:45:01:4b:07:15:fd:aa:e7:c7:2f:d7:8d:d6:
ae:d7:33:bf:c7:c7:69:31:d2:17:1e:64:41:d3:cb:b3:e6:4d:
97:e6:3f:b7:36:34:9f:71:a6:03:95:47:11:7a:c9:14:a2:62:
f9:a2:05:c4:1c:7b:02:bf:59:c3:0e:0f:d1:8d:b4:36:72:9d:
49:59:5d:82:34:f2:65:4d:49:15:87:e9:3a:df:c9:cd:21:ca:
84:a0:2f:8d:34:66:22:fb:0e:cf:da:ae:25:8b:df:5c:bb:a7:
90:25:96:12:83:c9:38:8e:a4:cc:f9:63:57:3b:be:65:7d:a8:
8d:3b:36:14
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIECuyG5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODgxMWU4ZTM2ZTIyMjgwYmIyZjY1YTdkMmM2MDM0ZWNmODY3MTZjMB4XDTIyMDQw
NjEzMzcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZmM2M4YjgzMzQ2
YzYyMDRiYTUxMzBkNTA2ZTEwNGQwZmU3YTVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZmjlEOO2lkEnqf3HT/a7HWSJ1tou3sYCv1LltiRswOtQTz
ruNithIdiwA1D41gy/OI02D6BXQm//PZzWdL2Z+MTx2dtPxhCG118Mpt0Re2hrak
h8Dwp4OQxOeo+X42wDkMb3vEQGwb1jYjxhk12/EILzaxO3+Xi31PI00MeNJrBQai
dOvNA8Crwt6Jrbcl6VWjcBlEaKYCD8t0tZMOLFtmCQctSr+gTx4cRB5KobuB1MAx
VAAaUIEVNR+vrVCQYE+9SguCM+1ZL6yorgGYPZ81kko80uC1S/mVhb0+4422rqqn
q2+GRaEpkkZIxu5RB7wfZZpFRSNDt6jCQbKHnaUCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQP88i4M0bGIEulEw1QbhBND+el6jAfBgNVHSMEGDAWgBR4gR6ONuIigLsv
ZafSxgNOz4ZxbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VJRWVqamJpSW9DN0wyV24wc1lEVHMtR2NXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvMTcxMjUxLTZhNzUtNGU5ZS1hY2YwLTgyNWU1YTA2MWRmOS8x
L0RfUEl1RE5HeGlCTHBSTU5VRzRRVFFfbnBlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
MTcxMjUxLTZhNzUtNGU5ZS1hY2YwLTgyNWU1YTA2MWRmOS8xL2VJRWVqamJpSW9D
N0wyV24wc1lEVHMtR2NXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwVgQCAAEwUAMEAB8fowMEAR8fpgMEBFEZkAMEA5JC
6AMEA6xnWAMEArkQyDAMAwQAuS/BAwQAuS/CAwQCuVDYAwQAwiX5AwQEz73AAwQD
1fTwAwQE2J5gMA0EAgACMAcDBQAqAweAMA0GCSqGSIb3DQEBCwUAA4IBAQBc3vR8
haSm0DdZl6fPMGUBO5sB4eW45qzxHl3ODtXre1ktRY8qghN5V+IO3um+LAl0jwep
c0IZU7Bmn3PpI/B8sDtYSD7Ny4nCAtqOtsRqgW1KLZfT+gkaHcZrlQbyQ0UgtF1m
FgJo7Xg09du6b3YcaZ6c6CfwteYEfz3zmZPozzEbDUUBSwcV/arnxy/Xjdau1zO/
x8dpMdIXHmRB08uz5k2X5j+3NjSfcaYDlUcReskUomL5ogXEHHsCv1nDDg/RjbQ2
cp1JWV2CNPJlTUkVh+k638nNIcqEoC+NNGYi+w7P2q4li99cu6eQJZYSg8k4jqTM
+WNXO75lfaiNOzYU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:00 2024 by rpki-client on console-fra.rpki-client.org