Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/nM7BtPwgGPHh4gFTN3a7DujfZRY.roa
File: nM7BtPwgGPHh4gFTN3a7DujfZRY.roa (raw, json)
Hash identifier: G75UZTWh+qG8hUe7k9B5bxBmK7I/6xTbsCdcB1AyfNM=
Subject key identifier: 9C:CE:C1:B4:FC:20:18:F1:E1:E2:01:53:37:76:BB:0E:E8:DF:65:16
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0184C4033E5A4AAE3282D5600466A546F20F
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/nM7BtPwgGPHh4gFTN3a7DujfZRY.roa
Signing time: Tue 29 Nov 2022 15:30:57 +0000
ROA not before: Tue 29 Nov 2022 15:30:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20880
IP address blocks: 158.181.68.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
62.117.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
5.28.64.0/19 maxlen: 19
5.28.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
5.28.96.0/19 maxlen: 19
185.9.224.0/22 maxlen: 22
62.117.0.192/28 maxlen: 28
86.56.64.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.128/26 maxlen: 26
62.117.0.0/19 maxlen: 19
62.117.0.0/20 maxlen: 24
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
2a02:2450::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:03:3e:5a:4a:ae:32:82:d5:60:04:66:a5:46:f2:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Nov 29 15:30:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ccec1b4fc2018f1e1e201533776bb0ee8df6516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:94:db:ef:f8:26:18:0e:8d:bd:ac:7d:a8:d8:
d9:9f:55:48:b5:0e:78:95:93:0f:5f:9e:08:49:43:
9e:7f:02:58:58:45:20:45:4d:b3:be:1c:c6:a4:e8:
4d:20:93:c0:6c:df:e9:95:87:50:6b:83:d9:ff:6c:
2b:25:99:19:f9:f6:76:e9:ce:ab:cf:3c:20:8c:94:
27:3e:0e:b2:f6:33:6c:52:f0:8e:55:e8:e4:2c:8d:
72:86:27:4e:27:53:c5:28:2f:3d:a8:3c:51:3c:1e:
ff:8a:c0:a8:e2:d7:c7:d0:f1:71:90:55:a8:19:19:
09:b1:d6:19:b5:f6:a8:7b:be:d7:cb:eb:f4:d5:f8:
48:79:58:5b:65:d0:3f:75:41:36:42:fa:79:db:95:
20:cc:f2:9c:87:6c:ff:7d:4d:6c:34:59:96:30:39:
c8:5a:8d:ee:6d:b6:28:a7:1b:3d:06:0f:02:ce:19:
59:0a:af:47:e8:93:45:5f:5c:0a:7c:b8:c9:28:81:
07:25:c5:1f:e0:74:53:0f:38:d6:1d:46:ce:3a:c3:
2c:0e:19:0f:bf:ad:c0:88:be:93:6c:2d:e4:a7:29:
41:21:f9:f6:38:38:f2:72:8d:f8:70:99:62:08:e8:
5b:d7:fd:e7:b6:a9:8e:6b:e3:bc:3d:27:32:f2:db:
ee:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CE:C1:B4:FC:20:18:F1:E1:E2:01:53:37:76:BB:0E:E8:DF:65:16
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/nM7BtPwgGPHh4gFTN3a7DujfZRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
2d:8f:c4:5d:5d:31:4e:bf:fd:f5:84:4d:a7:38:dd:b0:66:50:
a2:aa:f8:92:9e:9e:20:38:1f:d5:54:11:e8:15:30:6c:e0:1f:
06:c1:72:92:3d:9a:7c:0a:08:95:3c:3d:ec:06:4c:9b:14:16:
30:a0:d3:ad:e5:a0:1d:93:bd:ad:72:54:a1:a5:21:b2:a3:5b:
d6:cd:36:79:0d:cb:2a:ee:e0:51:83:44:e3:1a:08:b4:be:27:
59:69:ef:dc:81:55:84:03:e9:be:65:c8:ae:3e:72:7f:3d:c5:
16:41:8c:a4:24:f9:52:eb:df:36:82:c2:71:1f:a2:e0:72:29:
90:3b:6e:98:c5:d7:99:fc:cc:48:ea:ef:c4:18:39:bc:16:32:
f8:1c:fd:7a:1c:31:31:ef:7a:06:e3:92:f3:55:77:97:a7:76:
eb:2e:c6:69:46:ca:8f:b1:28:69:11:3a:5f:ed:34:fd:32:94:
88:6a:d9:e4:9b:6a:e1:39:b5:f5:32:93:e5:86:b1:7b:ea:da:
e7:0b:ce:e7:a3:90:52:47:52:09:29:ef:76:a3:47:e4:3f:21:
83:06:bc:c0:db:63:2e:e9:4d:1b:21:9a:cc:a5:16:0d:6f:60:
f1:cd:c4:52:c8:92:8a:e9:20:ca:51:c9:33:50:4e:66:ce:30:
4c:ae:d6:2b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYTEAz5aSq4ygtVgBGalRvIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjIxMTI5MTUzMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NlYzFiNGZjMjAxOGYxZTFlMjAxNTMzNzc2YmIwZWU4ZGY2NTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpTb7/gmGA6Nvax9qNjZn1VItQ54
lZMPX54ISUOefwJYWEUgRU2zvhzGpOhNIJPAbN/plYdQa4PZ/2wrJZkZ+fZ26c6r
zzwgjJQnPg6y9jNsUvCOVejkLI1yhidOJ1PFKC89qDxRPB7/isCo4tfH0PFxkFWo
GRkJsdYZtfaoe77Xy+v01fhIeVhbZdA/dUE2Qvp525UgzPKch2z/fU1sNFmWMDnI
Wo3ubbYopxs9Bg8CzhlZCq9H6JNFX1wKfLjJKIEHJcUf4HRTDzjWHUbOOsMsDhkP
v63AiL6TbC3kpylBIfn2ODjyco34cJliCOhb1/3ntqmOa+O8PScy8tvu4QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJzOwbT8IBjx4eIBUzd2uw7o32UWMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvbk03QnRQd2dHUEhoNGdGVE4zYTdEdWpmWlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGBRxAAwQH
JXgAAwQFPnUAAwQFUncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcD
BQMqAiRQMA0GCSqGSIb3DQEBCwUAA4IBAQAtj8RdXTFOv/31hE2nON2wZlCiqviS
np4gOB/VVBHoFTBs4B8GwXKSPZp8CgiVPD3sBkybFBYwoNOt5aAdk72tclShpSGy
o1vWzTZ5Dcsq7uBRg0TjGgi0vidZae/cgVWEA+m+ZciuPnJ/PcUWQYykJPlS6982
gsJxH6LgcimQO26YxdeZ/MxI6u/EGDm8FjL4HP16HDEx73oG45LzVXeXp3brLsZp
RsqPsShpETpf7TT9MpSIatnkm2rhObX1MpPlhrF76trnC87no5BSR1IJKe92o0fk
PyGDBrzA22Mu6U0bIZrMpRYNb2DxzcRSyJKK6SDKUckzUE5mzjBMrtYr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:06 2024 by rpki-client on console-ams.rpki-client.org