Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nMvuhWCbRtzJub-mm9CSjGYrStQ.roa
File: nMvuhWCbRtzJub-mm9CSjGYrStQ.roa (raw, json)
Hash identifier: 0ZhjyxIF5PYBZqqSHy333dfYqIUKvES3FgIdD9mbFvU=
Subject key identifier: 9C:CB:EE:85:60:9B:46:DC:C9:B9:BF:A6:9B:D0:92:8C:66:2B:4A:D4
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018211E18EC2809EE9F67ED5A8973DCAD3AD
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nMvuhWCbRtzJub-mm9CSjGYrStQ.roa
Signing time: Mon 18 Jul 2022 15:16:10 +0000
ROA not before: Mon 18 Jul 2022 15:16:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.152.0/21 maxlen: 21
80.90.184.0/21 maxlen: 21
80.90.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:11:e1:8e:c2:80:9e:e9:f6:7e:d5:a8:97:3d:ca:d3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jul 18 15:16:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ccbee85609b46dcc9b9bfa69bd0928c662b4ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:80:90:b7:77:b9:ff:4f:82:4a:3e:fb:98:89:
c3:83:38:d6:8b:85:41:3c:d1:5d:bc:50:f7:ac:4f:
e3:a2:6e:b9:77:b2:7c:5e:33:a2:d0:27:1f:60:03:
e2:d3:5d:9a:ca:b7:d9:ab:89:24:1d:92:73:dc:f0:
01:b7:48:aa:b5:59:3f:14:f8:3c:c5:99:f1:a6:de:
01:cc:b1:3e:38:39:ab:b7:ac:49:7d:ce:73:ec:75:
70:97:37:64:04:6c:58:bd:fc:53:c5:47:1d:fd:27:
56:e6:ac:f6:91:89:ff:a5:e7:b7:e7:b0:98:c8:84:
7c:00:91:14:06:3a:c2:a4:cd:c8:8d:33:f6:57:64:
21:66:2a:c3:36:0f:8f:1f:ba:ca:c2:e9:36:5e:ce:
3f:ca:04:3d:c4:bb:41:45:c8:80:57:6c:96:75:c8:
9d:ee:d6:84:ab:1c:f6:68:4d:a1:4d:d8:96:30:6f:
0f:b5:73:0e:6e:ab:82:f0:b7:b8:96:29:fb:f9:22:
a3:d1:9e:6e:bc:29:ec:f9:6c:82:7f:8f:a4:8f:e8:
81:ff:1b:76:48:87:24:a8:4b:da:c5:5e:10:9d:cd:
4f:9a:4c:3f:98:68:18:3d:41:6d:e4:25:fe:36:aa:
23:de:7e:be:76:e9:9d:4d:2d:d9:5f:17:a1:a6:01:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CB:EE:85:60:9B:46:DC:C9:B9:BF:A6:9B:D0:92:8C:66:2B:4A:D4
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/nMvuhWCbRtzJub-mm9CSjGYrStQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.180.0-80.90.191.255
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:8e:68:06:83:54:03:eb:bc:39:77:92:bb:42:64:26:e8:76:
b7:85:17:09:cc:8b:89:66:5c:ac:e8:54:d1:c2:d7:91:d5:9c:
09:dd:46:de:75:70:1c:b6:15:a0:c9:03:0a:30:b1:15:a5:2a:
1b:c3:66:58:12:6b:b3:43:2a:6c:69:39:07:d5:2c:f4:92:4f:
8e:e2:3d:65:02:f0:84:dd:0f:4e:6d:ed:f6:8b:55:9f:96:2a:
f9:4e:a8:d6:9a:8d:9d:de:c3:06:70:e3:36:87:59:1e:cc:be:
cc:14:4a:00:dc:5a:86:c1:6b:de:f0:60:cb:d0:f9:9c:e5:2b:
9e:73:6a:87:2a:c2:e1:c7:f2:c1:46:dc:09:60:76:8b:54:03:
50:17:d1:52:d1:58:bd:7c:ed:df:cf:22:f7:ea:0f:17:57:36:
07:7c:12:2b:d6:71:6f:3c:59:d1:38:68:31:97:37:6c:ec:f8:
82:53:00:28:dc:1f:8c:9b:68:13:76:3d:a7:e0:43:57:ee:32:
4d:ae:82:aa:f2:68:9f:e2:7a:50:ea:fb:ef:e1:e2:68:36:b5:
37:ab:08:dc:e9:b6:c5:e0:9d:67:79:bb:31:69:3b:02:8d:6d:
0c:e7:db:07:5d:58:8d:d7:17:a9:b4:d1:a2:ce:b2:1e:9b:c7:
a0:bb:e0:bb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIR4Y7CgJ7p9n7VqJc9ytOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjIwNzE4MTUxNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NiZWU4NTYwOWI0NmRjYzliOWJmYTY5YmQwOTI4YzY2MmI0YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4CQt3e5/0+CSj77mInDgzjWi4VB
PNFdvFD3rE/jom65d7J8XjOi0CcfYAPi012ayrfZq4kkHZJz3PABt0iqtVk/FPg8
xZnxpt4BzLE+ODmrt6xJfc5z7HVwlzdkBGxYvfxTxUcd/SdW5qz2kYn/pee357CY
yIR8AJEUBjrCpM3IjTP2V2QhZirDNg+PH7rKwuk2Xs4/ygQ9xLtBRciAV2yWdcid
7taEqxz2aE2hTdiWMG8PtXMObquC8Le4lin7+SKj0Z5uvCns+WyCf4+kj+iB/xt2
SIckqEvaxV4Qnc1Pmkw/mGgYPUFt5CX+Nqoj3n6+dumdTS3ZXxehpgHh/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJzL7oVgm0bcybm/ppvQkoxmK0rUMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvbk12dWhXQ2JSdHpKdWItbW05Q1NqR1lyU3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJQWrQD
BAZQWoADBANfjJgDBAK5fcgwDQYJKoZIhvcNAQELBQADggEBALiOaAaDVAPrvDl3
krtCZCbodreFFwnMi4lmXKzoVNHC15HVnAndRt51cBy2FaDJAwowsRWlKhvDZlgS
a7NDKmxpOQfVLPSST47iPWUC8ITdD05t7faLVZ+WKvlOqNaajZ3ewwZw4zaHWR7M
vswUSgDcWobBa97wYMvQ+ZzlK55zaocqwuHH8sFG3AlgdotUA1AX0VLRWL187d/P
IvfqDxdXNgd8EivWcW88WdE4aDGXN2zs+IJTACjcH4ybaBN2PafgQ1fuMk2ugqry
aJ/ielDq++/h4mg2tTerCNzptsXgnWd5uzFpOwKNbQzn2wddWI3XF6m00aLOsh6b
x6C74Ls=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:41 2023 by rpki-client on console-fra.rpki-client.org