Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NwYy5BEUGfLEd3s-YkPuNnmFsbY.roa
File: NwYy5BEUGfLEd3s-YkPuNnmFsbY.roa (raw, json)
Hash identifier: SjjezCF08w4/N8HgWBavvplXBztIdQ9j/MKUx4ZgkJY=
Subject key identifier: 37:06:32:E4:11:14:19:F2:C4:77:7B:3E:62:43:EE:36:79:85:B1:B6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CCCEC7C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NwYy5BEUGfLEd3s-YkPuNnmFsbY.roa
Signing time: Sat 01 Jan 2022 05:05:12 +0000
ROA not before: Sat 01 Jan 2022 05:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 2.56.56.0/22 maxlen: 24
37.46.150.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
2.58.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214756476 (0xcccec7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=370632e4111419f2c4777b3e6243ee367985b1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b8:06:bb:72:0b:d3:25:b2:1e:68:f5:59:93:
9f:2c:a9:9b:72:cf:e5:ae:e5:ee:ed:d9:a7:1b:ee:
d5:cb:85:54:34:e0:df:21:cd:43:e2:f9:2d:3e:c6:
78:04:b1:ac:51:03:c5:9f:98:ba:de:18:70:f0:82:
97:58:e4:5a:71:c8:7a:70:42:2a:5a:86:a5:e4:dd:
ae:02:0c:bd:a4:73:b5:98:72:70:91:9b:95:4c:93:
68:ab:7e:71:92:69:5c:e5:4a:93:22:6b:3a:77:41:
13:cf:a3:25:0b:90:22:a5:45:f6:cd:ef:b9:f4:3e:
30:ce:17:17:41:5a:ee:72:0f:ef:71:ff:e8:77:df:
65:2f:d4:ac:87:91:b6:6d:09:e0:5e:98:af:3c:46:
c9:ab:70:da:58:1d:e7:0f:c2:50:f6:84:5e:50:2f:
0b:8e:28:e7:f1:87:96:1d:e7:65:11:9e:87:c1:7e:
c3:ae:64:6d:b4:28:c2:b2:8e:79:6f:a6:5d:8f:99:
aa:ea:8f:3a:30:aa:dc:30:1e:ab:fd:3d:55:d6:0a:
37:7f:74:b8:49:c5:3e:b7:0b:e7:0a:12:9a:ae:58:
a7:36:88:ea:90:7d:f8:ce:19:ce:e0:de:8d:f2:40:
b0:c4:07:8c:68:6f:9f:fa:f4:a5:00:02:ae:a7:25:
70:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:06:32:E4:11:14:19:F2:C4:77:7B:3E:62:43:EE:36:79:85:B1:B6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NwYy5BEUGfLEd3s-YkPuNnmFsbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
2.58.148.0/22
37.46.150.0/24
185.239.242.0/23
Signature Algorithm: sha256WithRSAEncryption
61:f6:41:22:12:81:a4:44:95:13:1f:c1:dc:36:a5:39:f0:34:
3a:a7:66:b5:25:6e:23:91:3b:04:29:a2:ef:85:26:16:66:6c:
57:c4:73:2b:dc:b1:8c:97:8c:00:5a:d9:7b:3e:9c:99:81:85:
44:62:8a:dd:08:ad:0d:dd:e5:96:a4:3e:d4:46:79:c5:c3:39:
e8:63:3e:67:92:a0:87:77:3b:fd:76:9c:3f:b3:a4:ac:08:51:
70:2c:d7:8a:7a:8d:6a:1a:50:3a:e4:71:68:af:60:c7:e4:20:
2e:c1:dd:49:68:e3:14:39:5e:63:50:c9:eb:3f:2e:ae:2a:44:
35:1c:f0:d1:d0:4c:c2:bd:01:b7:8b:4f:8f:f9:d7:6a:76:eb:
7a:3f:d2:d0:b1:41:8b:f3:96:08:98:16:43:39:23:a3:25:2b:
d9:ce:2a:1c:c8:7f:75:67:67:10:19:2d:7a:89:d9:ef:46:8e:
73:5f:77:89:95:9d:eb:f5:06:1a:b5:a5:da:2d:3e:9e:a5:d0:
4d:96:63:49:d7:88:06:ee:e7:7d:6e:f6:f1:23:c2:0d:cb:27:
27:6e:7b:61:f9:2b:e4:28:cc:e0:42:19:80:3a:92:06:be:f1:
66:56:6c:d3:5e:26:e4:5e:1c:b7:31:f8:19:6f:3e:72:78:a7:
d9:b0:c0:c0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDMzsfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcwNjMyZTQxMTE0
MTlmMmM0Nzc3YjNlNjI0M2VlMzY3OTg1YjFiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKC4BrtyC9Mlsh5o9VmTnyypm3LP5a7l7u3Zpxvu1cuFVDTg
3yHNQ+L5LT7GeASxrFEDxZ+Yut4YcPCCl1jkWnHIenBCKlqGpeTdrgIMvaRztZhy
cJGblUyTaKt+cZJpXOVKkyJrOndBE8+jJQuQIqVF9s3vufQ+MM4XF0Fa7nIP73H/
6HffZS/UrIeRtm0J4F6YrzxGyatw2lgd5w/CUPaEXlAvC44o5/GHlh3nZRGeh8F+
w65kbbQowrKOeW+mXY+ZquqPOjCq3DAeq/09VdYKN390uEnFPrcL5woSmq5YpzaI
6pB9+M4ZzuDejfJAsMQHjGhvn/r0pQACrqclcGsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ3BjLkERQZ8sR3ez5iQ+42eYWxtjAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L053WXk1QkVVR2ZMRWQzcy1Za1B1Tm5tRnNiWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgI4OAMEAgI6lAMEACUulgMEAbnv
8jANBgkqhkiG9w0BAQsFAAOCAQEAYfZBIhKBpESVEx/B3DalOfA0OqdmtSVuI5E7
BCmi74UmFmZsV8RzK9yxjJeMAFrZez6cmYGFRGKK3QitDd3llqQ+1EZ5xcM56GM+
Z5Kgh3c7/XacP7OkrAhRcCzXinqNahpQOuRxaK9gx+QgLsHdSWjjFDleY1DJ6z8u
ripENRzw0dBMwr0Bt4tPj/nXanbrej/S0LFBi/OWCJgWQzkjoyUr2c4qHMh/dWdn
EBkteonZ70aOc193iZWd6/UGGrWl2i0+nqXQTZZjSdeIBu7nfW728SPCDcsnJ257
Yfkr5CjM4EIZgDqSBr7xZlZs014m5F4ctzH4GW8+cnin2bDAwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org