Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/N6j5N1uEginHKBBb-rKksxu-Jng.roa
File: N6j5N1uEginHKBBb-rKksxu-Jng.roa (raw, json)
Hash identifier: agqQJNQeWI7jdA3OuHzdRXgx8ZSzFFmE0ivnstfsad4=
Subject key identifier: 37:A8:F9:37:5B:84:82:29:C7:28:10:5B:FA:B2:A4:B3:1B:BE:26:78
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 017419
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/N6j5N1uEginHKBBb-rKksxu-Jng.roa
Signing time: Wed 29 Jun 2022 13:41:02 +0000
ROA not before: Wed 29 Jun 2022 13:41:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48707
IP address blocks: 195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95257 (0x17419)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Jun 29 13:41:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37a8f9375b848229c728105bfab2a4b31bbe2678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:63:00:32:8d:80:3a:ea:6c:22:84:35:78:0c:
e2:33:b2:6c:6d:7e:11:69:21:0a:ac:d9:6a:42:ea:
13:9e:a2:e2:7a:d4:22:78:54:f1:56:97:9d:50:44:
f3:db:2d:86:2f:1c:17:16:52:98:7d:b8:e6:9a:d4:
bf:00:12:4b:75:1f:19:db:b9:24:ec:3f:87:5e:78:
2b:8a:21:e7:81:a2:9d:b8:04:f1:70:5f:12:38:54:
dc:9e:0a:df:ee:b8:c8:40:60:64:fb:12:09:98:40:
aa:75:14:85:49:d7:41:e2:61:0f:5e:97:be:06:0e:
8d:93:3b:89:91:48:e2:9e:29:7c:c0:38:82:39:8e:
f9:1b:58:40:12:77:ae:5a:3e:e7:9b:8f:d0:62:d5:
e7:86:0b:71:eb:f6:0d:b0:88:fd:08:10:ae:aa:5b:
12:6b:a7:1b:6c:68:25:5d:d5:69:93:83:c8:57:6b:
fb:e2:b4:e4:ec:82:07:bc:37:32:df:02:c6:ba:4d:
78:ee:c5:24:f7:fc:91:ff:31:23:b0:24:94:cd:bd:
0a:7d:00:c6:62:5e:65:9b:2d:a3:d4:a9:79:91:14:
a7:bb:f0:66:e1:65:21:05:a4:a9:8e:25:b1:60:96:
07:41:52:76:5a:1f:4b:60:ff:c8:55:da:28:86:b1:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A8:F9:37:5B:84:82:29:C7:28:10:5B:FA:B2:A4:B3:1B:BE:26:78
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/N6j5N1uEginHKBBb-rKksxu-Jng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.253.212.0/22
195.2.208.0/23
Signature Algorithm: sha256WithRSAEncryption
14:3a:13:86:ca:b4:67:f4:2d:d9:be:70:f3:2b:42:1e:11:82:
c0:31:a1:57:c3:d4:91:78:17:1a:e1:af:b6:59:c9:67:a8:b7:
c1:49:db:6f:eb:01:38:cd:48:83:9c:7c:18:e1:0f:af:7d:55:
b1:d0:f5:61:82:f3:16:40:1c:44:ef:26:20:41:72:3e:42:7d:
88:e4:3a:d7:32:17:ee:86:99:76:da:e7:78:c9:bf:a9:05:a9:
ed:57:4c:5d:78:1b:ce:a7:39:aa:30:f1:13:9c:8e:dd:aa:3d:
ba:35:c2:47:6a:00:58:88:14:f9:f0:6e:4c:c4:fe:08:49:56:
21:f7:28:7a:9f:8d:73:bc:a0:57:87:bb:83:11:98:5c:bc:02:
a5:5e:d1:77:ea:20:7d:fc:ca:ef:f2:6a:cf:a3:01:8b:b7:78:
52:ce:62:ea:f8:83:26:1c:7a:3d:d1:f5:85:0f:69:c9:67:9e:
47:b5:8d:85:a8:fb:86:cf:79:f0:dd:8e:cb:31:57:f8:43:fe:
f8:ec:73:77:82:17:c2:61:72:f8:a2:50:2c:3d:94:f4:04:bd:
d4:91:0f:b4:52:5f:7c:68:d6:fd:78:c9:9b:12:a5:8d:4a:d2:
91:6c:ac:5a:06:5c:4c:13:f4:2c:ab:96:5c:42:35:e4:ab:42:
c9:e4:38:78
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIDAXQZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRj
OTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1MmQ2YWYwHhcNMjIwNjI5
MTM0MTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzN2E4ZjkzNzViODQ4
MjI5YzcyODEwNWJmYWIyYTRiMzFiYmUyNjc4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlGMAMo2AOupsIoQ1eAziM7JsbX4RaSEKrNlqQuoTnqLietQi
eFTxVpedUETz2y2GLxwXFlKYfbjmmtS/ABJLdR8Z27kk7D+HXngriiHngaKduATx
cF8SOFTcngrf7rjIQGBk+xIJmECqdRSFSddB4mEPXpe+Bg6NkzuJkUjinil8wDiC
OY75G1hAEneuWj7nm4/QYtXnhgtx6/YNsIj9CBCuqlsSa6cbbGglXdVpk4PIV2v7
4rTk7IIHvDcy3wLGuk147sUk9/yR/zEjsCSUzb0KfQDGYl5lmy2j1Kl5kRSnu/Bm
4WUhBaSpjiWxYJYHQVJ2Wh9LYP/IVdoohrE0nQIDAQABo4ICIzCCAh8wHQYDVR0O
BBYEFDeo+TdbhIIpxygQW/qypLMbviZ4MB8GA1UdIwQYMBaAFEyTApxbJjnNKbn5
3VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1LzEv
TjZqNU4xdUVnaW5IS0JCYi1yS2tzeHUtSm5nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83
YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1LzEvVEpNQ25Gc21PYzBw
dWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkG
CCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBANb5sgDBAFb5swDBAK57RwDBAK5
/dQDBAHDAtAwDQYJKoZIhvcNAQELBQADggEBABQ6E4bKtGf0Ldm+cPMrQh4RgsAx
oVfD1JF4Fxrhr7ZZyWeot8FJ22/rATjNSIOcfBjhD699VbHQ9WGC8xZAHETvJiBB
cj5CfYjkOtcyF+6GmXba53jJv6kFqe1XTF14G86nOaow8ROcjt2qPbo1wkdqAFiI
FPnwbkzE/ghJViH3KHqfjXO8oFeHu4MRmFy8AqVe0XfqIH38yu/yas+jAYu3eFLO
Yur4gyYcej3R9YUPaclnnke1jYWo+4bPefDdjssxV/hD/vjsc3eCF8JhcviiUCw9
lPQEvdSRD7RSX3xo1v14yZsSpY1K0pFsrFoGXEwT9CyrllxCNeSrQsnkOHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org