Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/NPPW58VH0D9_pwuMya0sVVrKaj8.roa
File: NPPW58VH0D9_pwuMya0sVVrKaj8.roa (raw, json)
Hash identifier: pE1Xd0q9kMUJxsXLkC3BJlizUeVFHl4VJDZMs/+ZwGA=
Subject key identifier: 34:F3:D6:E7:C5:47:D0:3F:7F:A7:0B:8C:C9:AD:2C:55:5A:CA:6A:3F
Certificate issuer: /CN=6676dff61a8305675977e86f52eee6745d6428f4
Certificate serial: 167A5E9E
Authority key identifier: 66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/NPPW58VH0D9_pwuMya0sVVrKaj8.roa
Signing time: Sat 01 Jan 2022 11:04:01 +0000
ROA not before: Sat 01 Jan 2022 11:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199952
IP address blocks: 185.88.52.0/22 maxlen: 24
185.29.68.0/22 maxlen: 24
185.223.240.0/22 maxlen: 24
185.110.76.0/22 maxlen: 24
185.69.8.0/22 maxlen: 24
185.227.8.0/22 maxlen: 24
45.66.64.0/22 maxlen: 22
152.89.100.0/22 maxlen: 22
2a04:41c0::/29 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 377118366 (0x167a5e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6676dff61a8305675977e86f52eee6745d6428f4
Validity
Not Before: Jan 1 11:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34f3d6e7c547d03f7fa70b8cc9ad2c555aca6a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:41:1d:0a:e4:4e:f1:c9:a5:7d:79:35:09:fd:
04:6f:89:5f:11:a1:a7:67:61:f2:8c:18:e8:cc:0b:
2c:12:9c:d6:f8:3f:b8:d0:1b:31:ad:90:0e:83:ee:
c9:de:11:cf:50:a2:b4:a6:d5:38:3c:ca:e7:dd:f7:
00:64:ca:e7:c6:9a:86:af:51:36:15:07:63:22:a5:
07:f3:e9:5b:c2:67:80:56:3d:b3:fc:c3:0f:51:7a:
a8:cf:b1:29:aa:09:3f:99:6f:9e:38:b9:8a:d6:4a:
48:e4:91:b0:9c:dc:ba:2d:a1:b3:c5:8f:38:05:a6:
91:00:5f:e9:c7:fc:6b:74:4c:6b:18:3b:0b:04:78:
3f:ec:47:93:13:6e:f1:a9:4a:98:79:be:53:6a:f9:
6a:d4:6c:20:b5:be:29:e0:5c:26:20:17:cd:8b:4c:
82:c6:77:eb:24:4a:ce:b4:80:bb:b5:0c:78:27:00:
39:4d:96:e3:2e:9c:26:b4:f1:9e:d1:b2:d3:fa:85:
e0:a3:d1:80:cb:c2:d0:cd:0d:90:b0:3e:be:5a:b4:
89:e2:d6:1a:b9:a3:c4:8d:40:75:21:13:10:cd:1e:
55:99:3d:6e:da:5f:19:4f:be:56:0a:c7:75:10:6c:
9a:06:e8:b7:61:ec:1b:9c:8d:e5:cd:db:a5:c4:cc:
01:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F3:D6:E7:C5:47:D0:3F:7F:A7:0B:8C:C9:AD:2C:55:5A:CA:6A:3F
X509v3 Authority Key Identifier:
keyid:66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/NPPW58VH0D9_pwuMya0sVVrKaj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.64.0/22
152.89.100.0/22
185.29.68.0/22
185.69.8.0/22
185.88.52.0/22
185.110.76.0/22
185.223.240.0/22
185.227.8.0/22
IPv6:
2a04:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:36:99:fc:6a:15:02:02:85:3a:c6:0d:7d:38:5b:df:1f:78:
bf:7a:0f:ef:91:fc:5a:b1:8e:63:6a:dc:2a:82:b8:f5:e3:53:
d9:7e:5d:3b:b3:dc:85:e1:b9:5b:bc:6d:79:54:75:30:c0:bb:
03:fd:dc:ad:38:72:45:b5:26:97:3c:a8:c1:1c:ba:ea:e7:8b:
6d:db:4f:9f:eb:ad:a5:dd:eb:f4:88:f9:c4:94:7b:07:7c:70:
46:c5:7a:0f:37:1a:3f:b1:df:c4:d0:26:06:36:f9:d5:b1:72:
b8:e5:71:e0:96:29:b3:af:8e:e9:59:c1:38:e0:87:c1:ae:fd:
52:53:5c:e2:dc:74:2f:ed:12:b3:6b:31:c3:e1:35:32:2f:e3:
a7:24:d2:bb:75:4e:5a:51:dd:f6:4b:35:e4:e4:a1:55:db:91:
d8:ef:63:6c:d2:65:88:9e:a0:06:e0:1d:24:b4:ff:7f:d4:cb:
40:82:b6:44:88:af:56:dd:35:1d:72:a8:e2:29:9e:2f:02:b5:
e8:3d:08:86:c7:0b:7d:94:db:4e:a5:3e:56:43:2a:c5:b3:92:
dd:81:a8:1c:f0:ca:7e:6c:37:34:dd:66:61:54:f0:fb:23:cd:
8d:bd:01:28:1f:29:28:44:e9:c5:0d:9a:ac:86:6c:3f:47:91:
17:a6:61:55
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEFnpenjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Njc2ZGZmNjFhODMwNTY3NTk3N2U4NmY1MmVlZTY3NDVkNjQyOGY0MB4XDTIyMDEw
MTExMDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRmM2Q2ZTdjNTQ3
ZDAzZjdmYTcwYjhjYzlhZDJjNTU1YWNhNmEzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRBHQrkTvHJpX15NQn9BG+JXxGhp2dh8owY6MwLLBKc1vg/
uNAbMa2QDoPuyd4Rz1CitKbVODzK5933AGTK58aahq9RNhUHYyKlB/PpW8JngFY9
s/zDD1F6qM+xKaoJP5lvnji5itZKSOSRsJzcui2hs8WPOAWmkQBf6cf8a3RMaxg7
CwR4P+xHkxNu8alKmHm+U2r5atRsILW+KeBcJiAXzYtMgsZ36yRKzrSAu7UMeCcA
OU2W4y6cJrTxntGy0/qF4KPRgMvC0M0NkLA+vlq0ieLWGrmjxI1AdSETEM0eVZk9
btpfGU++VgrHdRBsmgbot2HsG5yN5c3bpcTMAVsCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQ089bnxUfQP3+nC4zJrSxVWspqPzAfBgNVHSMEGDAWgBRmdt/2GoMFZ1l3
6G9S7uZ0XWQo9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1puYmY5aHFEQldkWmQtaHZVdTdtZEYxa0tQUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNmNiMjNlLTdjNjUtNDZiMy05YjZkLTdjNjYzNWRhODkyZC8x
L05QUFc1OFZIMEQ5X3B3dU15YTBzVlZyS2FqOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NmNiMjNlLTdjNjUtNDZiMy05YjZkLTdjNjYzNWRhODkyZC8xL1puYmY5aHFEQldk
WmQtaHZVdTdtZEYxa0tQUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAi1CQAMEAphZZAMEArkdRAMEArlF
CAMEArlYNAMEArluTAMEArnf8AMEArnjCDANBAIAAjAHAwUDKgRBwDANBgkqhkiG
9w0BAQsFAAOCAQEASzaZ/GoVAgKFOsYNfThb3x94v3oP75H8WrGOY2rcKoK49eNT
2X5dO7PcheG5W7xteVR1MMC7A/3crThyRbUmlzyowRy66ueLbdtPn+utpd3r9Ij5
xJR7B3xwRsV6DzcaP7HfxNAmBjb51bFyuOVx4JYps6+O6VnBOOCHwa79UlNc4tx0
L+0Ss2sxw+E1Mi/jpyTSu3VOWlHd9ks15OShVduR2O9jbNJliJ6gBuAdJLT/f9TL
QIK2RIivVt01HXKo4imeLwK16D0IhscLfZTbTqU+VkMqxbOS3YGoHPDKfmw3NN1m
YVTw+yPNjb0BKB8pKETpxQ2arIZsP0eRF6ZhVQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:30 2023 by rpki-client on console-fra.rpki-client.org