Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/se4pVXhafYPfJtntqTgjUApLig8.roa
File: se4pVXhafYPfJtntqTgjUApLig8.roa (raw, json)
Hash identifier: qiciD42IRjlxN1IzJ6AHz2WCicL1sGRTtaR/ZLrdqdU=
Subject key identifier: B1:EE:29:55:78:5A:7D:83:DF:26:D9:ED:A9:38:23:50:0A:4B:8A:0F
Certificate issuer: /CN=3618be04417a6bcb9f33942a631518be533ffaf4
Certificate serial: 018535BF63EE55614D7541B7B865175ACE88
Authority key identifier: 36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/se4pVXhafYPfJtntqTgjUApLig8.roa
Signing time: Wed 21 Dec 2022 17:33:33 +0000
ROA not before: Wed 21 Dec 2022 17:33:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42346
IP address blocks: 185.93.216.0/22 maxlen: 22
109.106.32.0/21 maxlen: 21
109.106.40.0/22 maxlen: 22
185.127.172.0/22 maxlen: 22
2a00:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:bf:63:ee:55:61:4d:75:41:b7:b8:65:17:5a:ce:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3618be04417a6bcb9f33942a631518be533ffaf4
Validity
Not Before: Dec 21 17:33:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1ee2955785a7d83df26d9eda93823500a4b8a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:4b:6b:07:c9:15:ea:ca:cb:66:3f:ce:8e:
31:c5:bf:3a:76:9f:e0:b1:6b:a0:00:c3:d4:d2:f1:
6b:6c:54:b7:76:33:64:51:56:5e:2c:68:94:13:75:
10:e6:6a:48:b2:4a:7e:1c:fb:24:ff:6c:31:69:e4:
e0:79:b6:c9:e2:2f:24:e3:cd:f0:46:cc:38:d7:0a:
ec:6f:7c:6b:d2:15:b8:75:82:fa:c4:46:82:cf:55:
23:60:31:4e:4f:e1:43:4e:4f:0c:41:c9:86:77:56:
37:5e:69:89:62:4a:ba:02:78:3c:9b:ab:00:1f:97:
83:f8:3b:a2:72:33:b1:69:d4:09:6f:f9:b7:a2:ba:
cf:e1:ce:b8:98:3f:11:e2:02:04:2b:eb:1f:a1:9f:
df:ef:70:84:b1:5f:9b:3b:b4:2f:31:9e:02:14:50:
7d:33:de:98:83:eb:95:5f:f6:a3:67:35:2b:a3:e2:
57:ac:34:72:0a:fb:5c:20:71:77:a3:fb:5d:d7:04:
69:ea:96:4e:d0:b6:44:16:d4:aa:9d:d3:fb:f9:41:
c8:ed:9a:9c:ec:cf:65:75:be:71:24:0f:14:7d:fc:
e3:ea:7f:4c:fc:81:79:32:dd:15:85:79:61:9a:1e:
0a:60:c0:1c:b5:d9:fa:72:ef:c9:c1:16:b9:c7:ca:
18:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EE:29:55:78:5A:7D:83:DF:26:D9:ED:A9:38:23:50:0A:4B:8A:0F
X509v3 Authority Key Identifier:
keyid:36:18:BE:04:41:7A:6B:CB:9F:33:94:2A:63:15:18:BE:53:3F:FA:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/se4pVXhafYPfJtntqTgjUApLig8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/2061d9-649a-4136-8c93-2268e97a8bc1/1/Nhi-BEF6a8ufM5QqYxUYvlM_-vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.32.0-109.106.43.255
185.93.216.0/22
185.127.172.0/22
IPv6:
2a00:5480::/29
Signature Algorithm: sha256WithRSAEncryption
8c:d8:e3:6c:ee:0f:4c:9e:8e:4d:5e:57:e7:67:94:c8:a6:f7:
dc:be:54:d5:a3:b4:87:de:b1:9c:69:be:9f:8a:9a:9f:71:68:
05:ee:87:dd:c3:2b:2a:b0:2b:ee:21:13:93:a3:72:7b:c2:f9:
a0:83:51:3a:c0:a3:81:24:79:60:6f:d5:61:6f:dd:c9:6e:2b:
f0:83:fb:18:dd:4b:57:29:c7:61:6e:1d:9b:17:77:d0:7b:62:
e5:01:e5:55:60:80:ea:4f:33:d6:77:31:0b:1d:4f:63:ff:39:
a7:8e:d2:27:94:44:29:18:56:2b:f5:4a:2d:1a:bc:0c:2f:95:
fc:4b:2a:e3:2d:1c:a5:be:34:45:ad:12:b2:74:07:6a:ff:f6:
56:67:69:86:bf:16:c4:35:30:5f:ac:f6:4a:f5:1f:d6:10:dd:
19:7b:41:d1:41:78:28:e1:c9:4e:77:06:6f:93:d1:4a:45:b5:
0d:3f:b2:c3:f3:10:eb:fd:ab:9d:17:09:8f:5a:95:f8:63:18:
22:e5:85:04:65:ba:cd:46:a9:74:c6:c7:32:90:92:b5:48:bf:
d3:6c:f8:87:eb:d8:1d:16:71:75:55:bb:ad:1e:3c:23:4a:1c:
d6:aa:40:de:b3:ab:94:7e:10:d1:68:a6:0e:8a:cc:72:96:e8:
4c:19:f7:4b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYU1v2PuVWFNdUG3uGUXWs6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MThiZTA0NDE3YTZiY2I5ZjMzOTQyYTYzMTUxOGJlNTMz
ZmZhZjQwHhcNMjIxMjIxMTczMzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWVlMjk1NTc4NWE3ZDgzZGYyNmQ5ZWRhOTM4MjM1MDBhNGI4YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnm9LawfJFerKy2Y/zo4xxb86dp/g
sWugAMPU0vFrbFS3djNkUVZeLGiUE3UQ5mpIskp+HPsk/2wxaeTgebbJ4i8k483w
Rsw41wrsb3xr0hW4dYL6xEaCz1UjYDFOT+FDTk8MQcmGd1Y3XmmJYkq6Ang8m6sA
H5eD+DuicjOxadQJb/m3orrP4c64mD8R4gIEK+sfoZ/f73CEsV+bO7QvMZ4CFFB9
M96Yg+uVX/ajZzUro+JXrDRyCvtcIHF3o/td1wRp6pZO0LZEFtSqndP7+UHI7Zqc
7M9ldb5xJA8Uffzj6n9M/IF5Mt0VhXlhmh4KYMActdn6cu/JwRa5x8oYSwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLHuKVV4Wn2D3ybZ7ak4I1AKS4oPMB8GA1UdIwQY
MBaAFDYYvgRBemvLnzOUKmMVGL5TP/r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMt
MjI2OGU5N2E4YmMxLzEvc2U0cFZYaGFmWVBmSnRudHFUZ2pVQXBMaWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMDYxZDktNjQ5YS00MTM2LThjOTMtMjI2OGU5N2E4YmMx
LzEvTmhpLUJFRjZhOHVmTTVRcVl4VVl2bE1fLXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAVtaiAD
BAJtaigDBAK5XdgDBAK5f6wwDQQCAAIwBwMFAyoAVIAwDQYJKoZIhvcNAQELBQAD
ggEBAIzY42zuD0yejk1eV+dnlMim99y+VNWjtIfesZxpvp+Kmp9xaAXuh93DKyqw
K+4hE5OjcnvC+aCDUTrAo4EkeWBv1WFv3cluK/CD+xjdS1cpx2FuHZsXd9B7YuUB
5VVggOpPM9Z3MQsdT2P/OaeO0ieURCkYViv1Si0avAwvlfxLKuMtHKW+NEWtErJ0
B2r/9lZnaYa/FsQ1MF+s9kr1H9YQ3Rl7QdFBeCjhyU53Bm+T0UpFtQ0/ssPzEOv9
q50XCY9alfhjGCLlhQRlus1GqXTGxzKQkrVIv9Ns+Ifr2B0WcXVVu60ePCNKHNaq
QN6zq5R+ENFopg6KzHKW6EwZ90s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org