Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nfEgnKKEGjG_8GP4flYI2jLj4mM.roa
File: nfEgnKKEGjG_8GP4flYI2jLj4mM.roa (raw, json)
Hash identifier: djDW1B2wATMjAKq8fkCK7sDChdwiTfnXVldavWSA4dw=
Subject key identifier: 9D:F1:20:9C:A2:84:1A:31:BF:F0:63:F8:7E:56:08:DA:32:E3:E2:63
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 3667AB6F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nfEgnKKEGjG_8GP4flYI2jLj4mM.roa
Signing time: Sat 01 Jan 2022 13:57:27 +0000
ROA not before: Sat 01 Jan 2022 13:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61971
IP address blocks: 93.119.104.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
89.33.192.0/22 maxlen: 22
89.33.192.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
89.33.194.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912763759 (0x3667ab6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9df1209ca2841a31bff063f87e5608da32e3e263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:73:35:ae:e4:28:ac:3f:ab:55:07:eb:39:dd:
5c:94:3f:31:79:75:01:05:f1:53:e3:df:be:e9:5f:
6b:c3:c8:88:03:14:db:e4:01:ab:cb:02:a7:e8:53:
1a:9a:4d:4f:fd:d6:f2:25:2b:9d:dd:41:44:d3:f7:
82:be:33:ef:8e:73:7f:49:75:f2:c5:13:56:0e:67:
52:af:a3:6a:2a:66:2f:64:9a:94:e9:6a:8d:a9:41:
b0:96:1c:d0:f3:9d:ef:df:3f:28:21:ff:93:be:d4:
6f:56:86:66:4b:6f:3a:71:47:32:f1:6b:b5:4b:89:
d2:b2:fc:24:52:87:a7:25:b4:11:bb:b3:7b:45:8c:
90:d5:03:d2:7f:cf:09:8f:07:b9:5c:5b:d9:12:db:
74:2d:b1:c6:4b:f7:e6:9b:53:e3:53:5b:02:67:37:
a4:98:04:90:36:dc:30:65:60:b0:66:2c:1e:3c:1e:
cb:c4:a4:94:37:e6:2f:ab:bb:38:41:1e:46:67:a6:
b5:fd:f0:28:22:52:19:94:7e:ed:90:5d:ef:f1:72:
79:be:7b:af:19:b9:e8:d8:a9:1f:66:30:82:02:0f:
8d:e6:92:47:b3:c2:20:72:5b:71:e2:4b:b2:81:08:
50:7f:15:92:73:4e:6b:ae:81:93:2a:5b:51:cd:b7:
97:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F1:20:9C:A2:84:1A:31:BF:F0:63:F8:7E:56:08:DA:32:E3:E2:63
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nfEgnKKEGjG_8GP4flYI2jLj4mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/22
93.119.104.0/23
93.119.107.0/24
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
53:21:a0:fd:d1:6d:51:c5:9c:f3:54:83:b2:b8:8c:ee:3b:fc:
c9:a9:bf:19:c9:ef:49:12:8f:94:18:2e:5e:9e:57:5e:28:49:
b3:9c:db:cc:b7:4e:66:03:30:90:95:ef:e7:26:0f:1b:16:bc:
0f:74:30:56:a6:87:b8:db:9d:8a:00:37:05:5f:e7:26:07:e0:
ea:6a:e2:b8:2b:c3:ba:6b:0b:84:91:f6:b7:ca:9e:89:05:1c:
4b:3e:c9:11:8c:d2:8d:b7:56:80:0e:43:fe:8b:03:46:62:1d:
5b:d1:a9:6c:cc:de:f1:01:d2:01:06:f3:db:67:8e:ab:37:12:
81:63:da:a9:a0:cd:bc:99:88:48:8e:fb:62:d4:bc:38:a3:74:
42:9e:62:97:45:d3:51:46:1c:d2:a7:8b:d2:42:cd:cb:8f:66:
ff:b1:58:8a:9c:86:ed:14:7e:99:1d:e3:e6:c8:95:04:ba:ea:
d3:c3:57:fd:cd:d2:7e:58:e7:98:f8:71:aa:4d:65:e1:d6:f3:
8d:36:17:c9:b2:db:a1:ab:92:04:c2:5d:42:5f:fd:6d:f3:27:
be:95:ea:dc:ca:af:5a:a0:90:14:38:96:30:00:0e:dd:fd:23:
79:16:55:ff:52:5e:c9:42:5e:5a:de:46:cd:96:51:19:ef:7f:
0b:80:1d:83
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIENmerbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRmMTIwOWNhMjg0
MWEzMWJmZjA2M2Y4N2U1NjA4ZGEzMmUzZTI2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9zNa7kKKw/q1UH6zndXJQ/MXl1AQXxU+Pfvulfa8PIiAMU
2+QBq8sCp+hTGppNT/3W8iUrnd1BRNP3gr4z745zf0l18sUTVg5nUq+jaipmL2Sa
lOlqjalBsJYc0POd798/KCH/k77Ub1aGZktvOnFHMvFrtUuJ0rL8JFKHpyW0Ebuz
e0WMkNUD0n/PCY8HuVxb2RLbdC2xxkv35ptT41NbAmc3pJgEkDbcMGVgsGYsHjwe
y8SklDfmL6u7OEEeRmemtf3wKCJSGZR+7ZBd7/Fyeb57rxm56NipH2YwggIPjeaS
R7PCIHJbceJLsoEIUH8VknNOa66BkypbUc23l/0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSd8SCcooQaMb/wY/h+VgjaMuPiYzAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L25mRWduS0tFR2pHXzhHUDRmbFlJMmpMajRtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlkhwAMEAV13aAMEAF13awMEALzw
0gMEALzw3TANBgkqhkiG9w0BAQsFAAOCAQEAUyGg/dFtUcWc81SDsriM7jv8yam/
GcnvSRKPlBguXp5XXihJs5zbzLdOZgMwkJXv5yYPGxa8D3QwVqaHuNudigA3BV/n
Jgfg6mriuCvDumsLhJH2t8qeiQUcSz7JEYzSjbdWgA5D/osDRmIdW9GpbMze8QHS
AQbz22eOqzcSgWPaqaDNvJmISI77YtS8OKN0Qp5il0XTUUYc0qeL0kLNy49m/7FY
ipyG7RR+mR3j5siVBLrq08NX/c3SfljnmPhxqk1l4dbzjTYXybLboauSBMJdQl/9
bfMnvpXq3MqvWqCQFDiWMAAO3f0jeRZV/1JeyUJeWt5GzZZRGe9/C4Adgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org