Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/9y15B25sBPT4pCMVugVkUXRE0Rw.roa
File: 9y15B25sBPT4pCMVugVkUXRE0Rw.roa (raw, json)
Hash identifier: laZBvWezThdK3q6p5IPBJzDlmXcMhz1K2oBoRNXfmLs=
Subject key identifier: F7:2D:79:07:6E:6C:04:F4:F8:A4:23:15:BA:05:64:51:74:44:D1:1C
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 018535BFF53D171FA5FB078AB76954D81888
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/9y15B25sBPT4pCMVugVkUXRE0Rw.roa
Signing time: Wed 21 Dec 2022 17:34:10 +0000
ROA not before: Wed 21 Dec 2022 17:34:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.93.216.0/22 maxlen: 22
109.106.32.0/21 maxlen: 21
109.106.40.0/22 maxlen: 22
185.127.172.0/22 maxlen: 22
2a00:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:bf:f5:3d:17:1f:a5:fb:07:8a:b7:69:54:d8:18:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Dec 21 17:34:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f72d79076e6c04f4f8a42315ba0564517444d11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:72:38:18:95:50:0f:e4:40:dd:03:48:33:a0:
ec:0a:b6:07:5f:7a:4f:4c:0a:a0:38:81:46:11:ae:
3a:ef:ef:3a:a9:62:ec:82:8a:49:8e:f7:e6:7e:5c:
c9:b3:3f:18:ea:71:bb:e9:b1:ec:a7:5c:8f:74:f3:
61:d5:62:59:ec:7d:13:ba:7d:31:a6:c5:bc:aa:a2:
b8:e4:fc:f0:04:0e:2f:02:56:e8:85:8e:bf:4e:d5:
82:2d:8b:81:04:9c:2f:01:19:12:67:ef:60:c8:4f:
4c:e8:6f:40:56:46:99:18:e1:f4:69:cc:f6:0e:f1:
90:4e:52:bd:41:47:d0:48:fe:8e:14:dd:dc:cf:61:
67:a4:85:22:35:98:8d:c4:60:b3:61:89:02:f1:04:
8e:83:29:96:38:56:c2:15:7e:68:fa:4a:83:b3:5e:
a2:c2:bd:7b:13:44:30:25:2c:8e:70:9b:90:44:1e:
65:5f:a8:3f:5b:d7:60:65:bb:bc:74:8f:53:5a:c0:
36:69:5d:4c:b2:3b:ec:c6:76:a5:13:6a:6b:4e:ba:
51:21:8c:8b:a7:c8:a1:82:64:af:bb:2f:59:3b:9d:
10:d3:dc:2e:96:fa:07:e8:09:5b:eb:47:17:ff:c5:
bf:6b:64:7f:2c:44:da:fc:65:1d:9d:e9:5d:aa:fe:
d7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2D:79:07:6E:6C:04:F4:F8:A4:23:15:BA:05:64:51:74:44:D1:1C
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/9y15B25sBPT4pCMVugVkUXRE0Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.32.0-109.106.43.255
185.93.216.0/22
185.127.172.0/22
IPv6:
2a00:5480::/29
Signature Algorithm: sha256WithRSAEncryption
72:40:35:22:89:0c:1a:a4:b8:9a:13:04:58:6c:28:c9:bb:bb:
b0:35:74:4c:46:5e:66:7f:fc:21:ba:cb:bb:6a:33:50:7f:45:
69:b4:f4:01:1a:b3:d3:d1:d0:22:e7:2f:8f:32:47:6f:7f:cd:
67:c6:5c:e0:f9:5b:13:d5:24:19:31:55:37:63:59:f7:1f:ef:
e8:8a:57:42:3d:b4:8e:f6:96:86:16:23:46:0f:3e:52:c4:a0:
77:0e:2b:67:82:2b:99:3f:dd:ae:33:1e:92:78:59:5b:6f:0a:
59:c0:b5:0f:05:4e:ca:22:55:81:ac:d4:be:85:24:a8:3d:ed:
87:ed:f2:44:0b:10:ba:39:96:2c:36:c5:1a:cb:7c:c3:6a:c8:
ce:df:98:f4:d2:d5:99:18:c9:65:20:3b:83:ee:f8:2b:64:51:
bb:88:ff:e3:4e:d8:8a:eb:cb:e4:97:db:73:3f:1a:92:b8:a9:
c9:3e:8c:64:d1:fa:86:32:ea:5f:bb:d6:d8:6f:a4:62:58:a0:
ef:62:a9:dc:09:b3:60:14:f0:f6:de:4b:93:41:d6:55:f5:d9:
40:f1:ed:e2:70:11:ac:1f:4a:d8:08:b9:83:4d:55:6e:7c:ac:
36:53:3d:b4:44:1b:b4:5c:8a:3d:6a:c3:4e:77:52:92:6b:5d:
aa:52:a5:07
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYU1v/U9Fx+l+weKt2lU2BiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjIxMjIxMTczNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJkNzkwNzZlNmMwNGY0ZjhhNDIzMTViYTA1NjQ1MTc0NDRkMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknI4GJVQD+RA3QNIM6DsCrYHX3pP
TAqgOIFGEa467+86qWLsgopJjvfmflzJsz8Y6nG76bHsp1yPdPNh1WJZ7H0Tun0x
psW8qqK45PzwBA4vAlbohY6/TtWCLYuBBJwvARkSZ+9gyE9M6G9AVkaZGOH0acz2
DvGQTlK9QUfQSP6OFN3cz2FnpIUiNZiNxGCzYYkC8QSOgymWOFbCFX5o+kqDs16i
wr17E0QwJSyOcJuQRB5lX6g/W9dgZbu8dI9TWsA2aV1MsjvsxnalE2prTrpRIYyL
p8ihgmSvuy9ZO50Q09wulvoH6Alb60cX/8W/a2R/LETa/GUdneldqv7XGQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPcteQdubAT0+KQjFboFZFF0RNEcMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvOXkxNUIyNXNCUFQ0cENNVnVnVmtVWFJFMFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAVtaiAD
BAJtaigDBAK5XdgDBAK5f6wwDQQCAAIwBwMFAyoAVIAwDQYJKoZIhvcNAQELBQAD
ggEBAHJANSKJDBqkuJoTBFhsKMm7u7A1dExGXmZ//CG6y7tqM1B/RWm09AEas9PR
0CLnL48yR29/zWfGXOD5WxPVJBkxVTdjWfcf7+iKV0I9tI72loYWI0YPPlLEoHcO
K2eCK5k/3a4zHpJ4WVtvClnAtQ8FTsoiVYGs1L6FJKg97Yft8kQLELo5liw2xRrL
fMNqyM7fmPTS1ZkYyWUgO4Pu+CtkUbuI/+NO2Irry+SX23M/GpK4qck+jGTR+oYy
6l+71thvpGJYoO9iqdwJs2AU8PbeS5NB1lX12UDx7eJwEawfStgIuYNNVW58rDZT
PbREG7Rcij1qw053UpJrXapSpQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org