Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/1-nkbba6UVCNpz6MElNFbvoIu090.roa
File: 1-nkbba6UVCNpz6MElNFbvoIu090.roa (raw, json)
Hash identifier: DvQxmvfilAtwdgM3Z/E7xappy8mGcSFlTMtgtpWGeBE=
Subject key identifier: FA:79:1B:6D:AE:94:54:23:69:CF:A3:04:94:D1:5B:BE:82:2E:D3:DD
Certificate issuer: /CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Certificate serial: 0D2F874F
Authority key identifier: FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/1-nkbba6UVCNpz6MElNFbvoIu090.roa
Signing time: Sat 01 Jan 2022 13:56:19 +0000
ROA not before: Sat 01 Jan 2022 13:56:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29081
IP address blocks: 5.253.216.0/22 maxlen: 22
62.212.160.0/19 maxlen: 19
185.225.88.0/22 maxlen: 22
185.108.200.0/22 maxlen: 22
45.90.68.0/22 maxlen: 22
2a00:1f30::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221218639 (0xd2f874f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Validity
Not Before: Jan 1 13:56:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa791b6dae94542369cfa30494d15bbe822ed3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4a:b6:05:cb:31:87:9c:ec:c2:f1:41:ed:35:
01:4a:28:6f:36:7c:59:4a:ef:6f:48:68:dd:d3:d4:
f4:0c:4a:3c:0d:a0:6c:b3:92:2a:8a:1e:87:78:a4:
ab:d5:76:9f:74:44:59:d5:0b:9e:90:69:e6:d4:89:
7c:82:9e:ce:b0:48:84:1b:7d:e1:15:ac:bb:e9:fd:
5a:b8:c6:74:5c:e7:16:25:c9:29:7b:c2:82:57:56:
2b:20:1b:fa:13:4d:a0:49:b7:01:dc:75:4a:09:87:
bf:76:d5:0f:23:23:fb:31:1a:9a:72:70:76:84:95:
de:72:d4:c2:aa:55:1b:25:7f:50:8f:9f:9e:48:dd:
f8:06:77:75:24:0a:17:79:e9:07:b6:92:92:95:d1:
0d:da:ea:e4:c3:a3:81:30:4c:4e:37:0f:2f:11:94:
3a:d1:ae:a3:1e:a8:de:8c:58:c7:0f:01:eb:31:63:
e5:2c:91:17:36:70:e8:f1:2d:ec:35:99:ea:55:ca:
ae:ad:49:79:7f:af:45:70:cc:97:2e:03:42:54:94:
a2:38:b6:84:2c:8e:40:1a:9a:7e:6b:ae:41:91:56:
ab:c0:22:7f:59:38:87:b1:15:e3:8f:04:32:6c:d1:
fe:1c:a5:25:1d:61:5a:5d:87:21:b3:a7:60:9d:12:
2e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:79:1B:6D:AE:94:54:23:69:CF:A3:04:94:D1:5B:BE:82:2E:D3:DD
X509v3 Authority Key Identifier:
keyid:FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/1-nkbba6UVCNpz6MElNFbvoIu090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.216.0/22
45.90.68.0/22
62.212.160.0/19
185.108.200.0/22
185.225.88.0/22
IPv6:
2a00:1f30::/29
Signature Algorithm: sha256WithRSAEncryption
2d:8e:a6:6f:38:68:e4:57:17:22:98:99:b8:aa:15:b5:c6:2f:
aa:4e:f6:d2:c5:f7:77:e9:df:cd:70:f3:02:8c:e4:25:10:90:
8a:1c:a9:4b:c3:0f:d1:1b:c7:da:13:81:2d:63:fb:c3:d4:64:
57:1c:c5:5f:29:da:df:80:c1:1c:d8:66:f1:9e:eb:16:9c:eb:
9a:77:f8:eb:52:16:e0:d1:9f:5e:20:5d:73:ee:0d:ed:f9:13:
4f:6d:1e:65:7c:3e:78:5d:2e:8e:81:44:52:89:0b:a9:e5:68:
9e:d0:be:d4:fd:69:df:5c:7d:e2:b2:e6:c8:32:ec:0c:ea:87:
86:33:6c:41:3f:b3:a1:1a:7a:09:76:7f:64:54:16:51:60:83:
a2:2e:13:43:14:1e:37:d8:21:0e:8c:fd:21:52:7f:a3:f1:a2:
52:dc:0e:f6:20:7b:b3:6a:16:be:35:ca:3b:9b:7a:be:56:19:
96:79:c0:98:75:d0:64:2c:88:b9:73:f3:99:4e:ba:5d:bc:a2:
06:d0:96:91:fd:61:64:88:41:0d:fa:d1:72:8f:fa:b8:44:71:
bb:1d:64:f8:c4:58:e5:27:58:ad:28:6f:57:7d:2c:c7:11:60:
f0:54:48:f1:ee:a7:2f:2b:e0:75:dc:fb:8d:97:46:6c:0f:1d:
d6:71:35:37
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEDS+HTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZGNiZjdhMmE0M2IxODBkNzIyYjM3NjMxZTg3OWFmYTFiOWE1ZWRiMB4XDTIyMDEw
MTEzNTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE3OTFiNmRhZTk0
NTQyMzY5Y2ZhMzA0OTRkMTViYmU4MjJlZDNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5KtgXLMYec7MLxQe01AUoobzZ8WUrvb0ho3dPU9AxKPA2g
bLOSKooeh3ikq9V2n3REWdULnpBp5tSJfIKezrBIhBt94RWsu+n9WrjGdFznFiXJ
KXvCgldWKyAb+hNNoEm3Adx1SgmHv3bVDyMj+zEamnJwdoSV3nLUwqpVGyV/UI+f
nkjd+AZ3dSQKF3npB7aSkpXRDdrq5MOjgTBMTjcPLxGUOtGuox6o3oxYxw8B6zFj
5SyRFzZw6PEt7DWZ6lXKrq1JeX+vRXDMly4DQlSUoji2hCyOQBqafmuuQZFWq8Ai
f1k4h7EV448EMmzR/hylJR1hWl2HIbOnYJ0SLo8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBT6eRttrpRUI2nPowSU0Vu+gi7T3TAfBgNVHSMEGDAWgBT9y/eipDsYDXIr
N2Meh5r6G5pe2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19jdjNvcVE3R0ExeUt6ZGpIb2VhLWh1YVh0cy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvZjlhOTNjLTBkNjktNDRlYy04NDQ1LWY1OGE1Yjg4YzczZS8x
LzEtbmtiYmE2VVZDTnB6Nk1FbE5GYnZvSXUwOTAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ez
L2Y5YTkzYy0wZDY5LTQ0ZWMtODQ0NS1mNThhNWI4OGM3M2UvMS9fY3Yzb3FRN0dB
MXlLemRqSG9lYS1odWFYdHMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
RgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAIF/dgDBAItWkQDBAU+1KADBAK5
bMgDBAK54VgwDQQCAAIwBwMFAyoAHzAwDQYJKoZIhvcNAQELBQADggEBAC2Opm84
aORXFyKYmbiqFbXGL6pO9tLF93fp381w8wKM5CUQkIocqUvDD9Ebx9oTgS1j+8PU
ZFccxV8p2t+AwRzYZvGe6xac65p3+OtSFuDRn14gXXPuDe35E09tHmV8PnhdLo6B
RFKJC6nlaJ7QvtT9ad9cfeKy5sgy7Azqh4YzbEE/s6Eaegl2f2RUFlFgg6IuE0MU
HjfYIQ6M/SFSf6PxolLcDvYge7NqFr41yjuber5WGZZ5wJh10GQsiLlz85lOul28
ogbQlpH9YWSIQQ360XKP+rhEcbsdZPjEWOUnWK0ob1d9LMcRYPBUSPHupy8r4HXc
+42XRmwPHdZxNTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org