Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/oEMG6dVBhd6ib7T7Bbs31sdfoGI.roa
File: oEMG6dVBhd6ib7T7Bbs31sdfoGI.roa (raw, json)
Hash identifier: PJ0sVW8Cu20SfiE4GO7KvItReuPG1zekNlomWRBJ694=
Subject key identifier: A0:43:06:E9:D5:41:85:DE:A2:6F:B4:FB:05:BB:37:D6:C7:5F:A0:62
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 07B2BB60
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/oEMG6dVBhd6ib7T7Bbs31sdfoGI.roa
Signing time: Sat 01 Jan 2022 11:58:51 +0000
ROA not before: Sat 01 Jan 2022 11:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.9.248.0/22 maxlen: 22
130.93.0.0/17 maxlen: 17
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
130.93.128.0/18 maxlen: 22
185.122.160.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
2a02:ec00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129153888 (0x7b2bb60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Jan 1 11:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a04306e9d54185dea26fb4fb05bb37d6c75fa062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1e:c9:f0:37:ab:2e:c5:b9:27:73:9c:92:70:
d0:ce:9a:f2:d7:8a:b2:b3:18:ec:f0:dc:a7:f2:10:
a5:7c:b7:8d:8e:c6:70:9f:23:43:24:df:a1:26:78:
da:b4:83:15:41:fc:fe:2e:d2:1f:34:de:52:6b:c1:
71:7b:8c:9c:8c:75:81:da:ec:dc:80:72:c3:dd:36:
76:d5:c4:56:49:f4:cd:67:dc:93:9c:57:84:27:89:
72:f6:43:9d:26:fa:84:16:39:5a:43:a5:7e:57:8b:
3e:92:5a:cd:66:19:10:c9:52:18:59:62:59:17:77:
00:22:3d:a1:5d:98:5f:1c:d4:63:91:e5:12:8b:a0:
44:39:a5:88:0a:71:9c:f4:aa:70:d7:3f:ff:26:d1:
ed:66:c2:89:4b:35:40:0a:5f:67:89:5a:31:ea:83:
02:71:17:08:cb:81:a2:ac:af:0d:5c:98:9e:11:fb:
01:38:21:61:fd:18:83:df:59:54:45:09:88:18:fe:
1c:14:94:f7:47:61:6d:f2:02:22:c4:3a:5f:1e:7e:
86:a1:c4:57:1c:16:da:7d:a8:75:93:03:45:0f:4d:
71:9b:a6:d5:31:68:e4:a3:16:aa:6a:dc:18:f2:42:
b7:85:4e:73:a0:c5:19:c0:a0:a3:f1:dc:28:15:f1:
87:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:43:06:E9:D5:41:85:DE:A2:6F:B4:FB:05:BB:37:D6:C7:5F:A0:62
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/oEMG6dVBhd6ib7T7Bbs31sdfoGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
193.84.89.0/24
IPv6:
2a02:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:17:87:54:21:5c:b0:6a:c1:81:35:71:44:1e:70:ae:3b:4c:
fc:df:75:1d:68:45:be:28:7b:0a:af:3a:05:2e:04:a3:54:76:
b5:b6:33:fd:ca:61:5f:e4:90:97:ce:50:e4:ce:b3:cb:57:31:
7f:25:52:50:64:36:22:79:a1:ae:29:3a:54:08:47:77:9b:34:
3a:5d:42:79:d9:d9:8c:63:fb:aa:b9:75:b7:6b:78:47:87:04:
b3:db:fc:8d:13:38:7b:e3:9f:cf:c9:66:cc:60:c4:ae:5f:b0:
c0:8d:0e:bb:a1:5d:46:ae:97:95:5f:5d:3e:77:39:a1:8b:94:
e2:d1:58:fc:cb:53:f5:4c:01:b7:a3:96:e0:57:d5:6e:2a:5e:
bb:5a:d6:02:f4:1d:3f:af:ae:17:cc:2e:b1:cf:f7:e9:12:a2:
fb:78:60:fe:fc:08:1b:32:92:7e:34:9c:85:96:39:61:62:04:
20:83:a1:81:91:bc:3e:b5:64:cb:fd:c3:72:c6:46:d3:f0:07:
9e:c0:da:a8:39:1a:d8:11:a4:a6:42:87:22:eb:50:ed:ff:3f:
11:d7:25:0c:db:70:8c:c7:23:73:87:07:31:c5:3d:b2:54:80:
8f:59:1a:58:ad:55:60:0f:f0:75:9b:ce:94:85:15:d0:83:f9:
ed:a8:8c:e0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEB7K7YDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDVmYjNmZWIxNWMwM2M0ZDM0ZDlmZjQ0NGQ5YWQ3ZTMwMDY3MjA4MB4XDTIyMDEw
MTExNTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA0MzA2ZTlkNTQx
ODVkZWEyNmZiNGZiMDViYjM3ZDZjNzVmYTA2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALceyfA3qy7FuSdznJJw0M6a8teKsrMY7PDcp/IQpXy3jY7G
cJ8jQyTfoSZ42rSDFUH8/i7SHzTeUmvBcXuMnIx1gdrs3IByw902dtXEVkn0zWfc
k5xXhCeJcvZDnSb6hBY5WkOlfleLPpJazWYZEMlSGFliWRd3ACI9oV2YXxzUY5Hl
EougRDmliApxnPSqcNc//ybR7WbCiUs1QApfZ4laMeqDAnEXCMuBoqyvDVyYnhH7
ATghYf0Yg99ZVEUJiBj+HBSU90dhbfICIsQ6Xx5+hqHEVxwW2n2odZMDRQ9NcZum
1TFo5KMWqmrcGPJCt4VOc6DFGcCgo/HcKBXxhwsCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSgQwbp1UGF3qJvtPsFuzfWx1+gYjAfBgNVHSMEGDAWgBQ0X7P+sVwDxNNN
n/RE2a1+MAZyCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05GLXpfckZjQThUVFRaXzBSTm10ZmpBR2NnZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvYTQ0MmM1LWQxNGYtNDI5Zi1hNTE1LWJjNTRiMTIxMWI2MC8x
L29FTUc2ZFZCaGQ2aWI3VDdCYnMzMXNkZm9HSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
YTQ0MmM1LWQxNGYtNDI5Zi1hNTE1LWJjNTRiMTIxMWI2MC8xL05GLXpfckZjQThU
VFRaXzBSTm10ZmpBR2NnZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wPQQCAAEwNzALAwMAgl0DBAaCXYADBAK5CfgDBAK5
DAADBAK5eLADBAK5eqADBAK5hYADBAK5iUgDBADBVFkwDQQCAAIwBwMFAyoC7AAw
DQYJKoZIhvcNAQELBQADggEBAFsXh1QhXLBqwYE1cUQecK47TPzfdR1oRb4oewqv
OgUuBKNUdrW2M/3KYV/kkJfOUOTOs8tXMX8lUlBkNiJ5oa4pOlQIR3ebNDpdQnnZ
2Yxj+6q5dbdreEeHBLPb/I0TOHvjn8/JZsxgxK5fsMCNDruhXUaul5VfXT53OaGL
lOLRWPzLU/VMAbejluBX1W4qXrta1gL0HT+vrhfMLrHP9+kSovt4YP78CBsykn40
nIWWOWFiBCCDoYGRvD61ZMv9w3LGRtPwB57A2qg5GtgRpKZChyLrUO3/PxHXJQzb
cIzHI3OHBzHFPbJUgI9ZGlitVWAP8HWbzpSFFdCD+e2ojOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org