Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/NlrmHtOYginkLQzPC7MvQefQfik.roa
File: NlrmHtOYginkLQzPC7MvQefQfik.roa (raw, json)
Hash identifier: qrYcqG9mb56Ac98GEHj0QI9ycMt2CBA6QPoeTrZdROs=
Subject key identifier: 36:5A:E6:1E:D3:98:82:29:E4:2D:0C:CF:0B:B3:2F:41:E7:D0:7E:29
Certificate issuer: /CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Certificate serial: 07208FEE
Authority key identifier: C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/NlrmHtOYginkLQzPC7MvQefQfik.roa
Signing time: Sat 01 Jan 2022 08:54:24 +0000
ROA not before: Sat 01 Jan 2022 08:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42176
IP address blocks: 92.42.81.0/24 maxlen: 24
92.42.84.0/23 maxlen: 23
92.42.84.0/24 maxlen: 24
92.42.80.0/24 maxlen: 24
92.42.80.0/22 maxlen: 22
92.42.83.0/24 maxlen: 24
92.42.82.0/24 maxlen: 24
92.42.85.0/24 maxlen: 24
92.42.87.0/24 maxlen: 24
92.42.86.0/24 maxlen: 24
2a10:8e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119574510 (0x7208fee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Validity
Not Before: Jan 1 08:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365ae61ed3988229e42d0ccf0bb32f41e7d07e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:09:98:e1:c4:b8:30:54:12:5e:0d:1d:f6:88:
cb:60:dd:85:16:4d:53:9b:e5:5b:c7:ef:22:9a:61:
72:b2:1e:82:cf:12:ac:02:ce:e8:55:69:8b:19:d4:
f9:0c:d5:3d:cb:e1:a1:d0:3a:6b:73:5a:36:46:68:
b9:da:ab:96:3d:fb:f4:f9:4b:be:d4:e2:bb:8a:c8:
d5:2f:92:50:e2:d5:66:1f:eb:1c:98:c7:a1:9b:29:
43:6f:ed:49:ec:0c:ee:94:8d:94:de:54:db:f1:14:
2a:ec:0c:9e:dd:e5:80:90:4c:8a:29:8d:d2:75:c9:
8b:f8:6e:04:ce:6e:ce:53:c8:a1:e8:be:c3:3b:b8:
5c:a1:e7:3c:8a:36:bc:64:96:c1:8e:18:72:19:eb:
c2:fc:63:74:2f:18:e2:a7:ad:e4:27:c4:55:2a:e4:
24:48:61:fa:e3:54:ae:11:45:b1:18:bf:2f:c1:6e:
07:2c:bc:45:14:b4:b5:5b:a9:57:b7:5b:9d:66:f3:
3d:64:d2:0c:69:0e:d1:16:01:72:39:28:75:b3:3b:
d0:5e:9b:19:87:65:9f:3f:ad:be:98:9f:cc:32:77:
92:ad:2e:bd:8b:17:97:8b:7a:24:82:5f:5d:8e:55:
0c:8a:da:1c:ee:d1:c6:cd:72:cf:58:ee:9d:c5:3b:
be:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5A:E6:1E:D3:98:82:29:E4:2D:0C:CF:0B:B3:2F:41:E7:D0:7E:29
X509v3 Authority Key Identifier:
keyid:C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/NlrmHtOYginkLQzPC7MvQefQfik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/wa5jZUn1bYSFj_lsixYw6MuKSK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.80.0/21
IPv6:
2a10:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
aa:7e:83:24:d2:c8:b3:83:c4:b7:1c:53:ac:ea:c6:fa:47:30:
01:66:12:85:02:05:ce:48:ec:0a:20:8a:e2:77:7f:f6:61:5f:
24:56:d4:71:af:7c:4f:21:9c:d0:07:df:9a:4b:7d:0f:49:c6:
f7:5b:41:2b:24:ce:d8:cf:b4:c1:e9:8e:5f:47:fd:c3:cb:13:
19:73:88:f2:c9:31:a6:33:ba:98:c1:a1:8a:58:05:89:79:a1:
16:e1:8b:49:cc:02:ce:d9:ca:c4:f2:c4:7c:79:0e:a7:2e:e3:
bc:42:48:49:6e:5f:39:88:66:cb:6b:e5:15:67:a0:76:d5:63:
f1:69:d5:3b:14:83:30:c4:f1:fa:f0:a0:06:58:05:91:63:81:
cd:7c:c6:ea:69:80:28:38:af:b3:a2:7d:f3:19:9a:01:48:b0:
0e:20:32:ee:82:3f:6b:72:bf:14:6e:47:5c:35:bb:04:10:29:
1c:b7:52:27:33:be:9d:d7:ef:fc:b3:83:0e:9b:ec:f2:46:07:
1d:43:54:e3:d2:1e:dc:fa:e5:d0:a4:f8:e1:2b:f7:f7:74:47:
c1:83:e9:ed:67:f1:6f:f7:31:e5:6d:0d:44:cb:61:80:ee:92:
32:e3:16:ef:83:8d:08:01:70:ea:84:91:b6:97:cf:50:48:a8:
8c:9b:6c:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEByCP7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWFlNjM2NTQ5ZjU2ZDg0ODU4ZmY5NmM4YjE2MzBlOGNiOGE0OGFmMB4XDTIyMDEw
MTA4NTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY1YWU2MWVkMzk4
ODIyOWU0MmQwY2NmMGJiMzJmNDFlN2QwN2UyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwJmOHEuDBUEl4NHfaIy2DdhRZNU5vlW8fvIpphcrIegs8S
rALO6FVpixnU+QzVPcvhodA6a3NaNkZoudqrlj379PlLvtTiu4rI1S+SUOLVZh/r
HJjHoZspQ2/tSewM7pSNlN5U2/EUKuwMnt3lgJBMiimN0nXJi/huBM5uzlPIoei+
wzu4XKHnPIo2vGSWwY4YchnrwvxjdC8Y4qet5CfEVSrkJEhh+uNUrhFFsRi/L8Fu
Byy8RRS0tVupV7dbnWbzPWTSDGkO0RYBcjkodbM70F6bGYdlnz+tvpifzDJ3kq0u
vYsXl4t6JIJfXY5VDIraHO7Rxs1yz1juncU7vhUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ2WuYe05iCKeQtDM8Lsy9B59B+KTAfBgNVHSMEGDAWgBTBrmNlSfVthIWP
+WyLFjDoy4pIrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dhNWpaVW4xYllTRmpfbHNpeFl3Nk11S1NLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNGI5MDhkLWY0M2EtNDg4Mi1hNjZmLWIyMTY4NDRhYzFlNC8x
L05scm1IdE9ZZ2lua0xRelBDN012UWVmUWZpay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NGI5MDhkLWY0M2EtNDg4Mi1hNjZmLWIyMTY4NDRhYzFlNC8xL3dhNWpaVW4xYllT
RmpfbHNpeFl3Nk11S1NLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1wqUDANBAIAAjAHAwUDKhCOQDAN
BgkqhkiG9w0BAQsFAAOCAQEAqn6DJNLIs4PEtxxTrOrG+kcwAWYShQIFzkjsCiCK
4nd/9mFfJFbUca98TyGc0Affmkt9D0nG91tBKyTO2M+0wemOX0f9w8sTGXOI8skx
pjO6mMGhilgFiXmhFuGLScwCztnKxPLEfHkOpy7jvEJISW5fOYhmy2vlFWegdtVj
8WnVOxSDMMTx+vCgBlgFkWOBzXzG6mmAKDivs6J98xmaAUiwDiAy7oI/a3K/FG5H
XDW7BBApHLdSJzO+ndfv/LODDpvs8kYHHUNU49Ie3Prl0KT44Sv393RHwYPp7Wfx
b/cx5W0NRMthgO6SMuMW74ONCAFw6oSRtpfPUEiojJtsiw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:22 2024 by rpki-client on console-fra.rpki-client.org