Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/NnTVWZ4C__2ag0FfFl0lM5ETgbE.roa
File: NnTVWZ4C__2ag0FfFl0lM5ETgbE.roa (raw, json)
Hash identifier: KOeckS/xbQluNQ3rfRKmR31BqgtdpAxntgnHrj4GsrM=
Subject key identifier: 36:74:D5:59:9E:02:FF:FD:9A:83:41:5F:16:5D:25:33:91:13:81:B1
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183155DFBEA6CC51A62BC4CF11878076FC6
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/NnTVWZ4C__2ag0FfFl0lM5ETgbE.roa
Signing time: Wed 07 Sep 2022 00:33:44 +0000
ROA not before: Wed 07 Sep 2022 00:33:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:5d:fb:ea:6c:c5:1a:62:bc:4c:f1:18:78:07:6f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 7 00:33:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3674d5599e02fffd9a83415f165d2533911381b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:f3:30:2c:32:94:70:09:9d:15:4e:ca:01:
da:cd:3b:f8:be:1e:b8:bc:b8:7b:93:29:bf:05:44:
42:bf:dd:e7:98:19:05:2f:3e:81:e5:6f:68:a1:a6:
c7:e4:5f:49:a2:d2:1c:82:d5:07:a8:8d:bb:d1:d5:
b7:af:ea:c5:58:6d:9a:d3:43:7a:28:3d:b1:90:57:
b1:ce:4b:fa:0b:7f:1d:c5:44:85:6b:56:34:8b:69:
f9:51:1c:53:58:30:5a:59:bc:48:57:c8:16:bb:fe:
f6:50:8a:0f:84:d1:66:12:77:98:4c:63:3e:29:09:
91:14:9a:9a:f4:93:a2:1a:5b:31:44:e9:04:a0:4b:
76:5e:6f:8c:ec:38:3e:a3:28:a2:24:01:f4:0f:d5:
ef:81:b8:c3:3e:8f:a6:12:4a:8c:e0:91:d5:1f:95:
60:ae:72:4d:c9:03:4c:ce:29:f8:87:c8:c0:20:7a:
bc:66:07:e4:1c:c2:a8:0c:4c:23:b7:30:1e:98:a2:
70:c8:55:5c:8c:21:b5:94:81:db:90:42:95:3f:f9:
f3:93:e8:b3:3a:e1:09:06:e0:9a:97:31:0d:54:30:
39:cd:1f:f1:53:15:56:82:aa:70:66:3a:43:ac:a4:
8a:c9:6b:9b:7f:9a:49:57:05:b6:62:8e:26:7d:eb:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:74:D5:59:9E:02:FF:FD:9A:83:41:5F:16:5D:25:33:91:13:81:B1
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/NnTVWZ4C__2ag0FfFl0lM5ETgbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.0.0/23
185.126.239.0/24
185.213.23.0/24
IPv6:
2a11:840:7::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:cd:58:98:a2:64:71:ce:4d:69:d6:46:f0:a8:eb:4e:3a:bf:
dd:ca:84:22:87:a3:fd:4e:b4:07:3a:7a:d7:57:bf:4f:04:d6:
59:0b:cc:19:a9:71:2f:75:68:8c:ef:6e:04:75:2b:ba:d0:55:
29:4d:33:1e:d2:e8:2b:b2:0d:95:c2:51:b4:e4:3d:98:32:83:
d6:a3:cf:58:c1:26:8c:8f:27:60:d2:a3:d5:85:2c:e0:1e:82:
b0:e0:81:3d:6c:59:28:ec:6e:77:fd:32:fb:90:d7:4d:83:9c:
71:22:14:70:d8:63:1f:9a:f9:c3:dd:6e:b3:32:6f:54:97:2d:
7e:17:01:ca:30:91:e7:de:89:44:e3:63:e9:09:bb:f9:34:f9:
35:77:77:6d:88:88:0c:c2:59:bb:1e:94:0d:0c:1d:bf:90:b0:
c3:bd:a1:6f:31:d0:a3:9a:77:c7:5b:2c:40:44:4b:98:17:fa:
b9:bf:f8:a5:53:82:dd:c1:5e:89:eb:01:0b:14:d7:ea:77:1e:
ef:b8:d6:65:6a:24:70:50:e2:ef:7b:7f:f1:e5:16:e3:f8:04:
77:67:2c:16:ee:ab:54:94:40:07:de:11:88:e8:48:c8:14:32:
f9:c1:67:b6:d7:bd:36:75:ce:8d:da:b3:14:55:0e:5b:ef:ee:
6d:34:71:64
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYMVXfvqbMUaYrxM8Rh4B2/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA3MDAzMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc0ZDU1OTllMDJmZmZkOWE4MzQxNWYxNjVkMjUzMzkxMTM4MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhXzMCwylHAJnRVOygHazTv4vh64
vLh7kym/BURCv93nmBkFLz6B5W9ooabH5F9JotIcgtUHqI270dW3r+rFWG2a00N6
KD2xkFexzkv6C38dxUSFa1Y0i2n5URxTWDBaWbxIV8gWu/72UIoPhNFmEneYTGM+
KQmRFJqa9JOiGlsxROkEoEt2Xm+M7Dg+oyiiJAH0D9XvgbjDPo+mEkqM4JHVH5Vg
rnJNyQNMzin4h8jAIHq8ZgfkHMKoDEwjtzAemKJwyFVcjCG1lIHbkEKVP/nzk+iz
OuEJBuCalzENVDA5zR/xUxVWgqpwZjpDrKSKyWubf5pJVwW2Yo4mfetPLQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFDZ01VmeAv/9moNBXxZdJTORE4GxMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTm5UVldaNENfXzJhZzBGZkZsMGxNNUVUZ2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjAYBAIAATASAwQBk04AAwQA
uX7vAwQAudUXMEIEAgACMDwwEgMHACoRCEAABwMHACoRCEAACDASAwcEKhEIQAAQ
AwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhAABgwDQYJKoZIhvcNAQELBQADggEB
AHXNWJiiZHHOTWnWRvCo6046v93KhCKHo/1OtAc6etdXv08E1lkLzBmpcS91aIzv
bgR1K7rQVSlNMx7S6CuyDZXCUbTkPZgyg9ajz1jBJoyPJ2DSo9WFLOAegrDggT1s
WSjsbnf9MvuQ102DnHEiFHDYYx+a+cPdbrMyb1SXLX4XAcowkefeiUTjY+kJu/k0
+TV3d22IiAzCWbselA0MHb+QsMO9oW8x0KOad8dbLEBES5gX+rm/+KVTgt3BXonr
AQsU1+p3Hu+41mVqJHBQ4u97f/HlFuP4BHdnLBbuq1SUQAfeEYjoSMgUMvnBZ7bX
vTZ1zo3asxRVDlvv7m00cWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org