Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/NNSD_KnvXNZ5feQVPTW3KUZLybE.roa
File: NNSD_KnvXNZ5feQVPTW3KUZLybE.roa (raw, json)
Hash identifier: EanTvTfN3pKUVhoDpPz+p22H91wSR3OTucXLA7PP1vY=
Subject key identifier: 34:D4:83:FC:A9:EF:5C:D6:79:7D:E4:15:3D:35:B7:29:46:4B:C9:B1
Certificate issuer: /CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Certificate serial: 0182399418D104AC785A197E904B7C25191F
Authority key identifier: F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/NNSD_KnvXNZ5feQVPTW3KUZLybE.roa
Signing time: Tue 26 Jul 2022 08:16:23 +0000
ROA not before: Tue 26 Jul 2022 08:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47156
IP address blocks: 176.103.96.0/20 maxlen: 20
91.203.196.0/22 maxlen: 22
213.5.24.0/21 maxlen: 21
185.27.208.0/22 maxlen: 22
83.136.234.0/24 maxlen: 24
83.136.238.0/24 maxlen: 24
83.136.239.0/24 maxlen: 24
83.136.236.0/24 maxlen: 24
93.188.204.0/24 maxlen: 24
2a04:34c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:94:18:d1:04:ac:78:5a:19:7e:90:4b:7c:25:19:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d6af4de89bba8118953cceebfb39f45a8ed1bc
Validity
Not Before: Jul 26 08:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34d483fca9ef5cd6797de4153d35b729464bc9b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:e2:65:3d:ea:66:2f:44:48:83:9b:02:ee:
c2:6c:d7:0c:47:b6:e3:c5:8b:41:c8:6a:0f:70:05:
81:5c:28:59:db:0e:4c:c3:c4:5f:b4:48:59:48:d7:
83:76:6f:26:6e:46:12:bf:16:f6:c2:83:e9:9d:ff:
17:02:a2:0a:f4:27:8c:a7:6e:da:50:a0:9a:31:75:
ad:0d:eb:38:29:7a:da:b3:40:ac:0d:d2:43:03:81:
62:3f:5c:28:9d:d8:f3:fd:05:9a:cd:f4:c2:32:8d:
9f:12:82:59:8d:8d:12:4c:8f:91:70:37:0f:9f:8b:
22:64:c1:79:5c:89:a4:4b:bf:15:32:61:de:5c:cb:
5b:e1:7c:14:20:12:d6:4e:b4:17:e7:33:df:30:f3:
23:ee:c3:7e:e4:34:ac:01:2c:de:d3:a8:1b:18:28:
61:89:ba:7f:0d:38:0d:e4:d5:1a:f2:27:9a:c5:cd:
6b:d8:be:1d:b0:e2:4a:52:ea:74:7d:e5:8f:4d:4c:
b5:17:91:13:42:81:ac:3b:b0:61:7a:28:3a:b9:ed:
7a:8d:cd:1c:51:8b:75:83:96:fb:69:b5:20:68:f7:
e6:d7:b1:56:42:48:a9:b0:82:ec:cf:df:70:9e:98:
04:0c:d7:25:9c:4b:fd:ee:6e:23:b5:d5:f7:f8:dc:
96:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D4:83:FC:A9:EF:5C:D6:79:7D:E4:15:3D:35:B7:29:46:4B:C9:B1
X509v3 Authority Key Identifier:
keyid:F4:D6:AF:4D:E8:9B:BA:81:18:95:3C:CE:EB:FB:39:F4:5A:8E:D1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NavTeibuoEYlTzO6_s59FqO0bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/NNSD_KnvXNZ5feQVPTW3KUZLybE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dd37cf-a466-4354-a171-d8df8e4c65fe/1/9NavTeibuoEYlTzO6_s59FqO0bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.234.0/24
83.136.236.0/24
83.136.238.0/23
91.203.196.0/22
93.188.204.0/24
176.103.96.0/20
185.27.208.0/22
213.5.24.0/21
IPv6:
2a04:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:05:03:37:6b:0e:e9:4a:cd:d2:6a:df:97:10:68:83:a8:00:
8f:a8:6d:44:44:d1:95:c8:10:63:1a:cc:00:d2:79:ba:09:c0:
47:b6:f1:25:06:73:e6:3a:95:c6:c5:8e:18:82:d0:fa:82:b9:
c9:35:c3:a8:00:70:cf:99:86:54:e2:d8:d9:3c:23:bc:5f:78:
63:82:31:0a:b4:db:84:ef:f8:ae:75:68:cb:92:f5:29:c9:70:
25:1f:70:81:8a:0f:57:c8:9a:a6:65:33:b3:63:07:e4:72:a9:
1c:da:a6:0e:85:62:20:17:91:a3:0a:c9:b8:14:60:1c:2a:8e:
fa:df:fd:51:46:e3:e3:bc:61:d9:b8:79:2c:04:38:ff:14:cd:
82:a6:b4:61:55:19:ba:ab:35:cd:ad:c0:d0:3a:b9:a7:cb:0b:
09:74:96:95:8c:ea:b7:67:11:ac:8f:0d:b2:5a:16:3a:33:0e:
f8:0a:e5:6c:53:06:a9:c2:57:f2:f9:bb:21:2f:6a:52:f9:76:
3f:8e:66:9c:c1:15:ef:00:62:ef:d1:d3:16:9a:33:8a:d1:10:
45:87:39:b5:eb:c0:f1:e7:99:fc:1b:f6:a2:9d:93:72:38:32:
9b:70:66:cf:00:48:86:d6:9b:df:c8:cb:ee:c8:51:49:d2:76:
f9:94:24:30
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYI5lBjRBKx4Whl+kEt8JRkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDZhZjRkZTg5YmJhODExODk1M2NjZWViZmIzOWY0NWE4
ZWQxYmMwHhcNMjIwNzI2MDgxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ0ODNmY2E5ZWY1Y2Q2Nzk3ZGU0MTUzZDM1YjcyOTQ2NGJjOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqziZT3qZi9ESIObAu7CbNcMR7bj
xYtByGoPcAWBXChZ2w5Mw8RftEhZSNeDdm8mbkYSvxb2woPpnf8XAqIK9CeMp27a
UKCaMXWtDes4KXras0CsDdJDA4FiP1wondjz/QWazfTCMo2fEoJZjY0STI+RcDcP
n4siZMF5XImkS78VMmHeXMtb4XwUIBLWTrQX5zPfMPMj7sN+5DSsASze06gbGChh
ibp/DTgN5NUa8ieaxc1r2L4dsOJKUup0feWPTUy1F5ETQoGsO7Bheig6ue16jc0c
UYt1g5b7abUgaPfm17FWQkipsILsz99wnpgEDNclnEv97m4jtdX3+NyW4wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDTUg/yp71zWeX3kFT01tylGS8mxMB8GA1UdIwQY
MBaAFPTWr03om7qBGJU8zuv7OfRajtG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEt
ZDhkZjhlNGM2NWZlLzEvTk5TRF9LbnZYTlo1ZmVRVlBUVzNLVVpMeWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kZDM3Y2YtYTQ2Ni00MzU0LWExNzEtZDhkZjhlNGM2NWZl
LzEvOU5hdlRlaWJ1b0VZbFR6TzZfczU5RnFPMGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAU4jqAwQA
U4jsAwQBU4juAwQCW8vEAwQAXbzMAwQEsGdgAwQCuRvQAwQD1QUYMA0EAgACMAcD
BQMqBDTAMA0GCSqGSIb3DQEBCwUAA4IBAQA+BQM3aw7pSs3Sat+XEGiDqACPqG1E
RNGVyBBjGswA0nm6CcBHtvElBnPmOpXGxY4YgtD6grnJNcOoAHDPmYZU4tjZPCO8
X3hjgjEKtNuE7/iudWjLkvUpyXAlH3CBig9XyJqmZTOzYwfkcqkc2qYOhWIgF5Gj
Csm4FGAcKo763/1RRuPjvGHZuHksBDj/FM2CprRhVRm6qzXNrcDQOrmnywsJdJaV
jOq3ZxGsjw2yWhY6Mw74CuVsUwapwlfy+bshL2pS+XY/jmacwRXvAGLv0dMWmjOK
0RBFhzm168Dx55n8G/ainZNyODKbcGbPAEiG1pvfyMvuyFFJ0nb5lCQw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:24 2024 by rpki-client on console-ams.rpki-client.org