Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHm8WSvKp7pP0wqY-qlIqD9ZTHc.roa
File: NHm8WSvKp7pP0wqY-qlIqD9ZTHc.roa (raw, json)
Hash identifier: +aJNrOFOTY3a8N5Bragwrf27tMC5OKBOMBDsUQL1/2U=
Subject key identifier: 34:79:BC:59:2B:CA:A7:BA:4F:D3:0A:98:FA:A9:48:A8:3F:59:4C:77
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 17F3EE25
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHm8WSvKp7pP0wqY-qlIqD9ZTHc.roa
Signing time: Sat 01 Jan 2022 04:00:00 +0000
ROA not before: Sat 01 Jan 2022 04:00:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44309
IP address blocks: 94.236.164.0/24 maxlen: 24
94.236.165.0/24 maxlen: 24
94.236.166.0/24 maxlen: 24
94.236.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401862181 (0x17f3ee25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 04:00:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3479bc592bcaa7ba4fd30a98faa948a83f594c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8c:5c:62:48:9a:df:c5:5e:c2:28:44:3c:34:
d9:3e:3d:e9:e4:59:c2:77:e8:8a:44:77:0f:35:75:
66:bd:81:d2:47:13:99:49:ec:08:9c:d4:66:8c:b0:
39:98:d0:92:1f:0b:cd:3d:07:30:08:35:3f:64:6b:
ca:09:32:6a:17:54:56:1b:9d:8f:4b:e2:9f:a2:98:
78:6b:78:59:25:53:03:33:54:f4:b0:ff:63:2f:3e:
97:9b:4e:8c:05:41:4b:52:70:b8:a6:1c:a1:3e:3c:
14:a1:ff:02:52:2a:e4:1c:4f:08:b3:1f:d5:0b:15:
9a:b6:86:30:50:e9:35:19:66:26:b8:6f:ea:44:16:
49:2a:93:b4:6b:2a:73:b3:95:c5:d2:b8:d1:b7:7b:
b9:d0:a1:10:9c:d2:df:c6:4a:b4:76:21:5d:6a:99:
46:06:25:c1:af:1c:f4:ed:3c:72:23:cc:e1:49:a5:
5c:f6:45:41:c1:f9:da:57:37:6c:1b:9c:5a:c1:7f:
e6:bb:04:38:fa:c2:7c:5f:6d:7c:5b:d1:02:3f:65:
dd:ff:fe:4e:95:0b:d3:e3:3b:df:cf:25:cc:a9:3f:
d2:de:07:4a:ee:fb:7b:76:ea:89:75:7d:38:3c:2f:
9a:e6:9b:9a:b7:eb:37:dc:23:1d:c9:5e:bb:6d:6c:
6b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:79:BC:59:2B:CA:A7:BA:4F:D3:0A:98:FA:A9:48:A8:3F:59:4C:77
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/NHm8WSvKp7pP0wqY-qlIqD9ZTHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.236.164.0/22
Signature Algorithm: sha256WithRSAEncryption
94:71:68:a9:5f:42:ad:00:b7:f5:76:09:37:c4:7f:12:57:b1:
e0:75:11:6b:9d:74:1d:b8:ec:cc:4a:10:f9:e5:95:93:b5:97:
26:ca:58:f3:e6:f1:31:c9:4f:31:df:1d:cd:60:0b:7e:7b:06:
1b:56:52:d2:79:8b:d3:f1:ca:59:d0:44:fe:5a:64:71:4b:32:
9d:1a:ea:e7:a3:89:47:5e:77:e0:d7:d2:03:3c:58:88:c5:c3:
0d:89:67:2f:af:9f:0f:a4:16:53:6c:8b:73:69:bf:68:ea:06:
7c:2a:df:36:e5:14:36:c1:aa:4c:2f:63:d6:00:51:84:eb:0e:
87:76:2f:7c:10:35:f3:7c:c8:84:e4:cf:c8:7e:31:e3:70:d0:
18:03:46:56:7e:8c:4d:f3:d8:ec:36:bc:f4:8a:c9:4a:47:c3:
d9:c8:98:22:17:db:f8:19:ad:05:10:23:fc:89:92:2b:21:7c:
e3:f9:ba:a4:2b:88:3b:ce:78:d0:bb:56:b9:e9:41:a9:6c:d0:
be:9a:23:5e:4e:07:24:56:ac:c1:16:8d:70:da:2c:72:3c:59:
70:f2:c4:ae:99:71:f3:0b:e5:54:7b:af:6e:cb:75:9b:8d:4b:
99:43:43:d9:25:44:41:26:4f:d8:45:90:ec:4f:aa:ab:d5:36:
a0:94:1a:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF/PuJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3OWJjNTkyYmNh
YTdiYTRmZDMwYTk4ZmFhOTQ4YTgzZjU5NGM3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOMXGJImt/FXsIoRDw02T496eRZwnfoikR3DzV1Zr2B0kcT
mUnsCJzUZoywOZjQkh8LzT0HMAg1P2RrygkyahdUVhudj0vin6KYeGt4WSVTAzNU
9LD/Yy8+l5tOjAVBS1JwuKYcoT48FKH/AlIq5BxPCLMf1QsVmraGMFDpNRlmJrhv
6kQWSSqTtGsqc7OVxdK40bd7udChEJzS38ZKtHYhXWqZRgYlwa8c9O08ciPM4Uml
XPZFQcH52lc3bBucWsF/5rsEOPrCfF9tfFvRAj9l3f/+TpUL0+M7388lzKk/0t4H
Su77e3bqiXV9ODwvmuabmrfrN9wjHcleu21sayECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0ebxZK8qnuk/TCpj6qUioP1lMdzAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L05IbThXU3ZLcDdwUDB3cVktcWxJcUQ5WlRIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl7spDANBgkqhkiG9w0BAQsFAAOC
AQEAlHFoqV9CrQC39XYJN8R/Elex4HURa510HbjszEoQ+eWVk7WXJspY8+bxMclP
Md8dzWALfnsGG1ZS0nmL0/HKWdBE/lpkcUsynRrq56OJR1534NfSAzxYiMXDDYln
L6+fD6QWU2yLc2m/aOoGfCrfNuUUNsGqTC9j1gBRhOsOh3YvfBA183zIhOTPyH4x
43DQGANGVn6MTfPY7Da89IrJSkfD2ciYIhfb+BmtBRAj/ImSKyF84/m6pCuIO854
0LtWuelBqWzQvpojXk4HJFaswRaNcNoscjxZcPLErplx8wvlVHuvbst1m41LmUND
2SVEQSZP2EWQ7E+qq9U2oJQa5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org