Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nfBXn2AeR_j0iEUmvR7nu7-0d7k.roa
File: nfBXn2AeR_j0iEUmvR7nu7-0d7k.roa (raw, json)
Hash identifier: /durCBXzqtoHK0vYavHxq5ivTwnf8KsdRW6supTYmOU=
Subject key identifier: 9D:F0:57:9F:60:1E:47:F8:F4:88:45:26:BD:1E:E7:BB:BF:B4:77:B9
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018C1FB45932A608F139159FE29B0502AFAB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nfBXn2AeR_j0iEUmvR7nu7-0d7k.roa
Signing time: Thu 30 Nov 2023 10:09:22 +0000
ROA not before: Thu 30 Nov 2023 10:09:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.184.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
5.180.234.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:b4:59:32:a6:08:f1:39:15:9f:e2:9b:05:02:af:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Nov 30 10:09:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9df0579f601e47f8f4884526bd1ee7bbbfb477b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:10:6a:af:01:7e:5c:b4:c2:8f:b9:2a:5d:0e:
37:00:6c:a0:60:ed:1e:12:b2:c9:47:88:12:2b:b4:
7d:5b:4f:33:45:c5:c1:aa:b1:88:78:b0:4e:3a:1d:
be:77:eb:04:cd:ce:c4:4b:cd:d1:cf:8f:98:31:d3:
af:a4:90:5f:bc:4c:5a:93:bd:dd:18:53:76:6d:8c:
d9:14:fa:94:67:da:9d:03:00:ce:81:a0:fd:f0:03:
0f:63:6a:51:2c:51:04:37:85:84:cd:28:69:cf:16:
c5:de:57:09:99:85:39:56:50:a2:a2:66:da:e4:36:
20:98:7a:6c:6e:52:b0:18:81:b1:ae:45:1b:18:45:
59:1c:0d:60:71:51:5d:1c:a4:58:f2:4f:5b:50:e5:
a1:94:89:fc:1b:84:2a:4c:14:15:73:92:3e:b5:0e:
1a:55:aa:66:70:5d:fa:b9:4e:8d:5b:69:26:98:71:
d7:d2:03:f9:b8:fa:69:9e:89:c7:00:82:40:f6:8f:
3c:e8:e6:6b:86:d6:38:a0:f4:53:7a:ce:39:14:a3:
06:ab:e9:8f:8d:9b:41:77:11:75:6c:06:56:5d:cc:
29:b8:ab:22:fb:4c:9b:8a:7d:54:88:fe:85:d6:77:
c4:b7:ba:7b:30:20:0f:81:45:16:73:5c:4e:eb:b6:
5c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F0:57:9F:60:1E:47:F8:F4:88:45:26:BD:1E:E7:BB:BF:B4:77:B9
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nfBXn2AeR_j0iEUmvR7nu7-0d7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/24
5.180.50.0/23
5.180.80.0/24
5.180.234.0/23
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.184.0/24
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:ea:66:6c:5b:04:5d:6f:df:ce:90:1f:3b:6d:d2:52:c1:fd:
5e:5d:73:62:c8:2d:52:4c:81:93:29:08:f2:d3:fe:fb:c5:f8:
2a:bc:a5:5c:db:38:d5:1b:c0:47:85:6a:1e:d1:ac:58:3d:97:
e4:71:e8:b8:a5:a4:c0:e7:4d:e2:ae:f6:f6:7c:b9:8f:39:d2:
61:79:0a:45:25:b3:fb:24:10:4d:9e:a3:03:d6:d6:7b:9c:cd:
df:ba:63:23:43:ae:ea:a3:c4:83:57:2e:43:7e:98:d8:82:72:
84:d6:2c:ab:06:93:db:53:60:18:fe:d5:60:8f:65:dc:a6:e0:
fb:20:d5:1b:db:18:63:3e:6e:76:2d:ed:41:e1:40:94:c7:e6:
bb:3e:ef:e1:0c:7d:63:ad:7a:bf:fd:e2:5f:b2:d1:20:c9:66:
ac:cf:7b:f2:bc:c7:61:a5:db:b6:2b:ee:af:c4:b0:c2:41:f9:
85:7f:54:8e:a1:3b:31:fe:df:ea:ac:e7:cc:83:29:44:c6:a7:
1a:f2:af:0e:cd:4b:43:fc:95:61:52:ec:0e:5d:28:ad:c9:b4:
56:5b:64:1a:b2:5b:8c:c3:24:67:ce:d9:ae:44:7b:5c:18:0f:
45:47:c3:22:f0:19:20:47:dc:24:d2:de:58:b6:d1:49:86:68:
88:22:9f:6a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYwftFkypgjxORWf4psFAq+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMTMwMTAwOTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGYwNTc5ZjYwMWU0N2Y4ZjQ4ODQ1MjZiZDFlZTdiYmJmYjQ3N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRBqrwF+XLTCj7kqXQ43AGygYO0e
ErLJR4gSK7R9W08zRcXBqrGIeLBOOh2+d+sEzc7ES83Rz4+YMdOvpJBfvExak73d
GFN2bYzZFPqUZ9qdAwDOgaD98AMPY2pRLFEEN4WEzShpzxbF3lcJmYU5VlCiomba
5DYgmHpsblKwGIGxrkUbGEVZHA1gcVFdHKRY8k9bUOWhlIn8G4QqTBQVc5I+tQ4a
VapmcF36uU6NW2kmmHHX0gP5uPppnonHAIJA9o886OZrhtY4oPRTes45FKMGq+mP
jZtBdxF1bAZWXcwpuKsi+0ybin1UiP6F1nfEt7p7MCAPgUUWc1xO67ZczQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFJ3wV59gHkf49IhFJr0e57u/tHe5MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbmZCWG4yQWVSX2owaUVVbXZSN251Ny0wZDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAEF/SwDBAAF/S8DBAAt
CLgwDAMEAi0IvAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAt
CP8DBAEtCQADBAAtCQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV
0HEDBABV0HMDBABV0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAM7qZmxbBF1v
386QHztt0lLB/V5dc2LILVJMgZMpCPLT/vvF+Cq8pVzbONUbwEeFah7RrFg9l+Rx
6LilpMDnTeKu9vZ8uY850mF5CkUls/skEE2eowPW1nuczd+6YyNDruqjxINXLkN+
mNiCcoTWLKsGk9tTYBj+1WCPZdym4Psg1RvbGGM+bnYt7UHhQJTH5rs+7+EMfWOt
er/94l+y0SDJZqzPe/K8x2Gl27Yr7q/EsMJB+YV/VI6hOzH+3+qs58yDKUTGpxry
rw7NS0P8lWFS7A5dKK3JtFZbZBqyW4zDJGfO2a5Ee1wYD0VHwyLwGSBH3CTS3li2
0UmGaIgin2o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:35 2025 by rpki-client