Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NhP-xIBMmSh8kbvPUl8-r0Oa3u8.roa
File: NhP-xIBMmSh8kbvPUl8-r0Oa3u8.roa (raw, json)
Hash identifier: tHHqARQgdu4pbqBjvEvL0pL3Fzw9KkS4AGSWMUoigRQ=
Subject key identifier: 36:13:FE:C4:80:4C:99:28:7C:91:BB:CF:52:5F:3E:AF:43:9A:DE:EF
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185053F7BF87CCD0F39252EDF1B6260A2FD
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NhP-xIBMmSh8kbvPUl8-r0Oa3u8.roa
Signing time: Mon 12 Dec 2022 07:32:04 +0000
ROA not before: Mon 12 Dec 2022 07:32:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 21
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:3f:7b:f8:7c:cd:0f:39:25:2e:df:1b:62:60:a2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 07:32:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3613fec4804c99287c91bbcf525f3eaf439adeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:f5:20:ea:68:b5:11:4f:4f:12:79:7a:90:
f5:f1:97:be:4b:f9:79:ad:c7:8b:7c:a9:fc:d2:87:
62:ae:e6:ce:d0:67:1c:b7:e9:35:08:73:c7:d4:6e:
90:bd:51:77:d1:80:b9:6e:04:33:d5:c1:ab:8e:2a:
ca:ae:a2:13:99:b2:67:7c:12:95:2c:6b:0c:87:2a:
66:f6:da:c9:b1:03:aa:28:4d:2f:15:b5:58:bd:13:
93:0d:89:eb:8b:0e:48:5f:68:5b:8b:c7:d6:72:5f:
6c:72:61:c5:00:c9:b1:85:d1:0b:da:f6:45:4d:a1:
af:0f:94:a2:08:2f:ab:ca:92:81:fc:29:06:de:26:
cc:9e:fd:74:89:8c:17:eb:05:e2:1e:76:cb:37:61:
cf:7b:b0:33:09:ba:ac:72:44:7a:87:e5:44:a1:ed:
a8:06:68:20:25:6f:ab:c5:c2:f3:40:54:d1:ac:91:
aa:3e:21:ac:93:d4:d6:81:e3:ca:ba:c1:e5:e4:64:
27:8a:e4:a6:64:ad:06:5e:69:90:f0:16:8a:7f:b7:
d4:71:8c:a3:c8:33:4a:5a:35:75:97:a7:d7:99:92:
c7:e1:7e:c8:10:78:1e:04:bf:af:15:ea:79:2b:5c:
0b:d5:a7:86:b0:56:fb:ef:f6:60:00:5c:84:22:47:
0f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:FE:C4:80:4C:99:28:7C:91:BB:CF:52:5F:3E:AF:43:9A:DE:EF
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NhP-xIBMmSh8kbvPUl8-r0Oa3u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.162.0.0/16
188.170.244.0/23
188.170.248.0-188.170.252.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:6d:d2:7b:6f:f1:b1:ed:f7:f4:99:1d:bc:44:1e:1d:21:24:
96:6b:51:fe:66:93:af:06:61:cf:73:3c:cc:a5:cd:19:d1:b6:
a5:ec:00:d4:d2:87:b7:6d:43:62:fe:ed:10:ff:2e:97:04:90:
6b:59:e8:36:ea:47:12:d3:e1:e9:f9:60:5c:5c:eb:3a:32:a3:
c2:b0:e4:f2:62:41:6b:de:6c:c8:3f:bb:53:bc:eb:eb:66:85:
f2:91:ac:f6:f1:4f:8a:ef:7e:fe:7d:f9:6f:e4:ad:32:28:c7:
bd:d8:5a:be:6c:ca:2f:fe:f3:83:7a:09:e4:b2:5d:f0:3b:3b:
71:5f:86:f0:8b:d0:6f:d1:ae:2a:09:68:42:83:72:b1:23:70:
1a:9e:4f:6d:c9:8a:b1:16:9f:d8:e0:c9:67:a0:d9:9d:9f:ef:
52:4d:41:59:7f:36:10:37:af:f8:b9:08:7b:5a:59:47:1f:14:
5f:f2:62:81:1e:53:44:0d:0d:de:0d:52:fa:ff:1d:28:93:39:
cd:b1:b8:0e:6a:ca:3a:a5:91:54:3a:ff:09:14:d5:fe:b0:17:
9f:bd:2b:06:5e:92:f5:1c:22:78:9b:df:07:2e:78:e3:7c:58:
42:10:59:21:f6:7b:00:08:03:37:1d:28:2f:31:e6:be:65:91:
d0:78:40:90
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYUFP3v4fM0POSUu3xtiYKL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDczMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEzZmVjNDgwNGM5OTI4N2M5MWJiY2Y1MjVmM2VhZjQzOWFkZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCr1IOpotRFPTxJ5epD18Ze+S/l5
rceLfKn80odirubO0Gcct+k1CHPH1G6QvVF30YC5bgQz1cGrjirKrqITmbJnfBKV
LGsMhypm9trJsQOqKE0vFbVYvROTDYnriw5IX2hbi8fWcl9scmHFAMmxhdEL2vZF
TaGvD5SiCC+rypKB/CkG3ibMnv10iYwX6wXiHnbLN2HPe7AzCbqsckR6h+VEoe2o
BmggJW+rxcLzQFTRrJGqPiGsk9TWgePKusHl5GQniuSmZK0GXmmQ8BaKf7fUcYyj
yDNKWjV1l6fXmZLH4X7IEHgeBL+vFep5K1wL1aeGsFb77/ZgAFyEIkcPEwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFDYT/sSATJkofJG7z1JfPq9Dmt7vMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTmhQLXhJQk1tU2g4a2J2UFVsOC1yME9hM3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAEwgYcDBAMf
rfgDBAIlHVADBAMuHcADBAOyF5AwDAMEA7Kw+AMEAbKw/AMDALyiAwQBvKr0MAwD
BAO8qvgDBAC8qvwDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCAwDQYJKoZIhvcNAQEL
BQADggEBAApt0ntv8bHt9/SZHbxEHh0hJJZrUf5mk68GYc9zPMylzRnRtqXsANTS
h7dtQ2L+7RD/LpcEkGtZ6DbqRxLT4en5YFxc6zoyo8Kw5PJiQWvebMg/u1O86+tm
hfKRrPbxT4rvfv59+W/krTIox73YWr5syi/+84N6CeSyXfA7O3FfhvCL0G/RrioJ
aEKDcrEjcBqeT23JirEWn9jgyWeg2Z2f71JNQVl/NhA3r/i5CHtaWUcfFF/yYoEe
U0QNDd4NUvr/HSiTOc2xuA5qyjqlkVQ6/wkU1f6wF5+9KwZekvUcInib3wcueON8
WEIQWSH2ewAIAzcdKC8x5r5lkdB4QJA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org