Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/nbeg4WaJmD-podxrxd3LQgYc3l0.roa
File: nbeg4WaJmD-podxrxd3LQgYc3l0.roa (raw, json)
Hash identifier: f/5uL80JjBELUponqG9Y9lXzEvlcvbptYmHhRV6/Qw4=
Subject key identifier: 9D:B7:A0:E1:66:89:98:3F:A9:A1:DC:6B:C5:DD:CB:42:06:1C:DE:5D
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 0FF31C21
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/nbeg4WaJmD-podxrxd3LQgYc3l0.roa
Signing time: Fri 20 May 2022 09:51:08 +0000
ROA not before: Fri 20 May 2022 09:51:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12578
IP address blocks: 185.38.56.0/22 maxlen: 22
46.109.0.0/16 maxlen: 16
195.122.28.0/24 maxlen: 24
195.122.29.0/24 maxlen: 24
81.198.0.0/16 maxlen: 16
78.84.0.0/16 maxlen: 16
195.114.32.0/19 maxlen: 19
81.198.95.0/24 maxlen: 24
194.8.16.0/21 maxlen: 21
194.8.24.0/22 maxlen: 22
195.13.201.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
80.232.195.0/24 maxlen: 24
84.237.128.0/17 maxlen: 17
195.13.128.0/17 maxlen: 17
80.232.128.0/17 maxlen: 17
80.232.150.0/24 maxlen: 24
80.232.147.0/24 maxlen: 24
95.68.0.0/17 maxlen: 17
87.246.144.0/20 maxlen: 20
195.2.96.0/19 maxlen: 19
195.122.0.0/19 maxlen: 19
87.246.160.0/19 maxlen: 19
62.85.0.0/17 maxlen: 17
195.13.228.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
87.110.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 267590689 (0xff31c21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: May 20 09:51:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9db7a0e16689983fa9a1dc6bc5ddcb42061cde5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:82:bb:3f:fc:c6:a9:14:a2:3c:84:8c:26:
79:e8:95:9e:03:92:72:e2:83:5b:88:fa:2e:f6:03:
c6:46:0b:30:3d:c3:66:d4:ee:11:55:58:a7:42:dd:
1c:1b:22:50:9c:0a:69:a6:db:8f:9b:50:7e:bd:5b:
62:ee:91:77:fe:6e:02:c9:8b:bf:64:5c:c9:6c:37:
c2:a6:d1:ca:60:ae:f9:1d:d6:f8:6e:d5:8b:d5:f5:
bd:ae:57:35:da:26:8a:c2:23:20:8e:0d:10:76:2a:
d8:9d:b3:9a:36:e2:ff:7f:a1:21:ae:aa:86:cf:ef:
b6:93:cb:83:b6:f6:eb:1f:85:81:03:05:43:85:24:
d0:fa:b4:15:8b:47:b4:00:b3:16:ec:40:9d:02:3c:
32:a3:b7:7e:4a:c3:f1:5c:ae:33:e1:31:3d:20:a6:
d8:8c:28:90:9c:d7:1d:2c:ca:a3:44:cb:bb:72:e2:
e8:37:6f:c3:cd:87:4a:8e:e8:e6:47:a3:7e:9d:3b:
0f:f4:7e:d3:85:b7:96:51:b2:eb:bc:bc:98:09:95:
c2:59:38:0f:fd:48:73:99:ef:5c:1d:81:8d:e7:34:
27:b1:6c:74:36:0a:8a:6f:5b:5d:48:50:75:88:39:
c7:d9:6c:88:13:2b:f6:3d:5b:a9:2a:34:59:4e:ba:
c1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B7:A0:E1:66:89:98:3F:A9:A1:DC:6B:C5:DD:CB:42:06:1C:DE:5D
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/nbeg4WaJmD-podxrxd3LQgYc3l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
ae:35:12:1e:13:c5:2c:be:08:30:13:f9:ff:0f:6e:a8:e1:f9:
c1:76:48:b3:d0:e9:63:06:05:31:9c:27:8e:10:a4:ab:ce:21:
ab:c8:7a:43:3c:87:dd:59:5c:b6:14:b2:29:bf:94:ae:0e:86:
5e:8b:7f:ce:93:9c:7f:22:e5:d0:2e:ce:f4:27:dd:24:f8:74:
0c:4c:38:32:ab:65:ba:5e:03:51:4d:f2:06:62:73:84:d0:0f:
fb:f4:c0:48:f5:62:81:26:f4:ec:f6:89:30:97:1f:c9:2d:9d:
81:15:5e:5b:6c:0e:12:04:3d:7a:79:af:d5:6b:6a:ca:78:7e:
fb:4d:ef:c9:7f:80:27:19:d4:f5:e9:fb:1b:2d:b5:22:9d:ce:
ba:ff:d6:33:9b:ea:f9:af:12:9f:a9:ad:af:6c:f8:b8:28:a9:
a1:52:72:a4:19:fb:d9:f0:7d:de:98:b7:22:f4:82:9b:61:b6:
b3:be:c5:0a:b8:f2:88:78:1d:46:6b:d0:38:51:5c:ba:0f:f0:
cf:9d:5f:5c:1d:a3:74:e4:f5:8d:cd:39:6f:d4:01:3f:77:ec:
26:38:91:ee:88:e5:6e:24:1c:18:35:e6:ba:4c:6c:14:f8:61:
3f:0f:3c:05:86:88:4b:0a:99:3c:c0:dd:f3:24:e3:cf:aa:ab:
e3:84:9d:8a
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIED/McITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
M2JlMDdjYjFmZDRmMWUzYzkyMjMwM2I2NzBhODgxYjgyZTYxNDkxMB4XDTIyMDUy
MDA5NTEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRiN2EwZTE2Njg5
OTgzZmE5YTFkYzZiYzVkZGNiNDIwNjFjZGU1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKC+grs//MapFKI8hIwmeeiVngOScuKDW4j6LvYDxkYLMD3D
ZtTuEVVYp0LdHBsiUJwKaabbj5tQfr1bYu6Rd/5uAsmLv2RcyWw3wqbRymCu+R3W
+G7Vi9X1va5XNdomisIjII4NEHYq2J2zmjbi/3+hIa6qhs/vtpPLg7b26x+FgQMF
Q4Uk0Pq0FYtHtACzFuxAnQI8MqO3fkrD8VyuM+ExPSCm2IwokJzXHSzKo0TLu3Li
6Ddvw82HSo7o5kejfp07D/R+04W3llGy67y8mAmVwlk4D/1Ic5nvXB2Bjec0J7Fs
dDYKim9bXUhQdYg5x9lsiBMr9j1bqSo0WU66wQsCAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBSdt6DhZomYP6mh3GvF3ctCBhzeXTAfBgNVHSMEGDAWgBTjvgfLH9Tx48ki
MDtnCogbguYUkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzQ3NEh5eF9VOGVQSklqQTdad3FJRzRMbUZKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvOGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8x
L25iZWc0V2FKbUQtcG9keHJ4ZDNMUWdZYzNsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
OGY1ZmFlLWRhOTAtNDMxNC1iZmZjLWQ0ZWUxZDM4OWUwZC8xLzQ3NEh5eF9VOGVQ
SklqQTdad3FJRzRMbUZKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwcgQCAAEwbAMDAC5tAwQHPlUAAwMATlQDBAdQ
6IADAwBRxgMEB1TtgAMDAFduMAwDBARX9pADBAZX9oADBAdbaQADBAdfRAADBAK5
JjgwDAMEBMIIEAMEAsIIGAMEBcMCYAMEB8MNgAMEBcNyIAMEBcN6ADANBAIAAjAH
AwUDKgIjMDANBgkqhkiG9w0BAQsFAAOCAQEArjUSHhPFLL4IMBP5/w9uqOH5wXZI
s9DpYwYFMZwnjhCkq84hq8h6QzyH3VlcthSyKb+Urg6GXot/zpOcfyLl0C7O9Cfd
JPh0DEw4Mqtlul4DUU3yBmJzhNAP+/TASPVigSb07PaJMJcfyS2dgRVeW2wOEgQ9
enmv1Wtqynh++03vyX+AJxnU9en7Gy21Ip3Ouv/WM5vq+a8Sn6mtr2z4uCipoVJy
pBn72fB93pi3IvSCm2G2s77FCrjyiHgdRmvQOFFcug/wz51fXB2jdOT1jc05b9QB
P3fsJjiR7ojlbiQcGDXmukxsFPhhPw88BYaISwqZPMDd8yTjz6qr44Sdig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:51 2023 by rpki-client on console-fra.rpki-client.org