Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTicIQGY2Wt_QQqsapxHNbyWSx8.roa
File: nTicIQGY2Wt_QQqsapxHNbyWSx8.roa (raw, json)
Hash identifier: pIi2a0prOD6ySpncchTbnr3QYt2uwAtG3wwgAOb/usk=
Subject key identifier: 9D:38:9C:21:01:98:D9:6B:7F:41:0A:AC:6A:9C:47:35:BC:96:4B:1F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0182441995737A5B32AE76203BF259892BD9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTicIQGY2Wt_QQqsapxHNbyWSx8.roa
Signing time: Thu 28 Jul 2022 09:18:23 +0000
ROA not before: Thu 28 Jul 2022 09:18:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 45.130.83.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:44:19:95:73:7a:5b:32:ae:76:20:3b:f2:59:89:2b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 28 09:18:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d389c210198d96b7f410aac6a9c4735bc964b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f6:33:80:dc:b5:c3:c7:4b:64:e3:9d:18:16:
da:50:cf:24:a0:d0:df:18:d9:63:ee:08:76:2d:d4:
75:e0:49:e2:8e:62:1a:71:79:a4:7e:5e:f6:af:aa:
2f:a0:58:96:22:44:85:b7:3b:ec:4f:33:ad:81:56:
c0:f0:aa:61:c8:53:84:59:cd:36:53:8d:2d:c0:3b:
0e:2e:ce:6f:ab:4f:51:70:ab:b2:9b:7f:6c:3a:9e:
67:80:e7:1d:4b:ca:eb:f3:4b:5e:48:87:be:bc:1c:
a9:09:4c:8e:b2:f5:ae:d2:1c:fd:89:8b:50:c3:8d:
7d:54:21:85:35:4d:b1:43:eb:98:98:21:f4:21:33:
44:96:c1:eb:3b:97:8b:7e:03:d1:cb:94:1b:17:e0:
0c:d5:e2:d8:31:cd:0c:92:17:1f:62:a3:39:f1:ce:
a3:48:85:cf:27:97:d8:fc:41:6e:ca:6c:57:c4:ce:
fb:a2:7f:33:65:fc:fd:7b:e0:cb:28:99:71:17:9e:
8f:01:5d:de:74:b1:d2:a3:f0:37:c7:9a:d9:61:d2:
b3:db:e5:ba:c7:9a:75:3e:82:3d:6e:bb:f6:4d:7d:
cb:88:b0:c5:65:80:aa:14:01:a1:ef:86:72:11:6d:
66:a6:55:1f:7a:38:76:ca:33:33:37:45:f6:fe:4a:
4c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:38:9C:21:01:98:D9:6B:7F:41:0A:AC:6A:9C:47:35:BC:96:4B:1F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nTicIQGY2Wt_QQqsapxHNbyWSx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.81.0/24
45.130.83.0/24
45.135.186.0/23
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:51:e7:86:f8:e2:84:41:85:3a:e0:e6:83:b5:9f:5b:e0:c5:
03:85:17:7f:3e:dc:d1:ab:b8:66:9c:40:57:5c:fd:ee:b0:e1:
ab:4f:37:92:08:ab:21:a1:7d:97:ee:22:24:96:78:fd:46:8c:
95:12:9c:d2:b4:88:13:67:54:a1:d9:8f:93:b8:b1:1d:fc:3e:
c5:62:82:20:c0:34:cc:92:f1:cb:eb:49:0b:68:05:0d:83:1f:
75:b7:f1:49:f2:80:be:2f:76:93:a8:6f:c1:9c:74:73:26:36:
0a:97:46:f0:3a:0c:23:b4:1b:85:fe:7f:de:36:5e:b9:4a:33:
16:75:c7:f4:d6:12:a5:bf:bb:53:25:be:4e:ac:63:63:e9:6b:
d9:64:97:b3:1c:b8:15:00:82:99:8e:43:4c:da:0f:a4:46:c4:
1d:3f:00:4e:ae:fd:10:95:09:a7:02:bf:6c:18:08:34:a3:1b:
d6:7b:26:3b:9a:e1:ad:5a:56:e8:3c:87:39:9b:89:a7:48:67:
1b:0d:c1:a0:51:4c:d9:b7:3f:d5:d0:7e:37:41:67:a7:e7:e0:
f1:e2:79:ce:c8:47:f4:93:06:48:7e:c6:65:b7:15:87:52:42:
9f:fb:fb:23:0e:02:92:aa:86:6b:d2:67:69:67:43:1a:ab:33:
09:5f:d2:2d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYJEGZVzelsyrnYgO/JZiSvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzI4MDkxODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM4OWMyMTAxOThkOTZiN2Y0MTBhYWM2YTljNDczNWJjOTY0YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fYzgNy1w8dLZOOdGBbaUM8koNDf
GNlj7gh2LdR14EnijmIacXmkfl72r6ovoFiWIkSFtzvsTzOtgVbA8KphyFOEWc02
U40twDsOLs5vq09RcKuym39sOp5ngOcdS8rr80teSIe+vBypCUyOsvWu0hz9iYtQ
w419VCGFNU2xQ+uYmCH0ITNElsHrO5eLfgPRy5QbF+AM1eLYMc0MkhcfYqM58c6j
SIXPJ5fY/EFuymxXxM77on8zZfz9e+DLKJlxF56PAV3edLHSo/A3x5rZYdKz2+W6
x5p1PoI9brv2TX3LiLDFZYCqFAGh74ZyEW1mplUfejh2yjMzN0X2/kpMswIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ04nCEBmNlrf0EKrGqcRzW8lksfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvblRpY0lRR1kyV3RfUVFxc2FweEhOYnlXU3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALUNgAwQA
LYJRAwQALYJTAwQBLYe6AwQAWS8PAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQA
y59RMA0GCSqGSIb3DQEBCwUAA4IBAQCLUeeG+OKEQYU64OaDtZ9b4MUDhRd/PtzR
q7hmnEBXXP3usOGrTzeSCKshoX2X7iIklnj9RoyVEpzStIgTZ1Sh2Y+TuLEd/D7F
YoIgwDTMkvHL60kLaAUNgx91t/FJ8oC+L3aTqG/BnHRzJjYKl0bwOgwjtBuF/n/e
Nl65SjMWdcf01hKlv7tTJb5OrGNj6WvZZJezHLgVAIKZjkNM2g+kRsQdPwBOrv0Q
lQmnAr9sGAg0oxvWeyY7muGtWlboPIc5m4mnSGcbDcGgUUzZtz/V0H43QWen5+Dx
4nnOyEf0kwZIfsZltxWHUkKf+/sjDgKSqoZr0mdpZ0MaqzMJX9It
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org