Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwclM-9ieIOH-QvTmbJxkmXhS1Q.roa
File: nwclM-9ieIOH-QvTmbJxkmXhS1Q.roa (raw, json)
Hash identifier: kfazJHLicY5Sg6sCuZuI00Do0KeC2Z636rkyIfMCSa0=
Subject key identifier: 9F:07:25:33:EF:62:78:83:87:F9:0B:D3:99:B2:71:92:65:E1:4B:54
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01850617141B6DE970E7117D929921D2980F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwclM-9ieIOH-QvTmbJxkmXhS1Q.roa
Signing time: Mon 12 Dec 2022 11:27:33 +0000
ROA not before: Mon 12 Dec 2022 11:27:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 19
212.44.64.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:14:1b:6d:e9:70:e7:11:7d:92:99:21:d2:98:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f072533ef62788387f90bd399b2719265e14b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:90:93:5e:ca:57:59:ea:6c:3e:67:54:83:7f:
61:e0:4d:aa:12:a5:69:3e:ee:3a:b4:b8:23:75:7c:
a9:67:c2:e1:bb:49:c0:b4:50:4a:dc:18:0d:cb:46:
89:86:27:7c:b7:04:1f:b6:35:7a:92:20:2b:3d:4c:
d3:00:8e:de:b4:2b:a8:84:45:13:66:a4:48:b1:44:
d5:06:2c:a6:f1:a6:e2:91:63:8c:ff:bf:fb:5f:f9:
e2:18:78:6f:24:4a:18:4d:09:31:0f:d5:50:ff:44:
95:73:08:31:44:f7:cf:8a:08:81:3a:06:1f:22:6e:
74:68:77:23:d4:ca:bb:cd:a7:b7:c5:29:35:94:e3:
bd:a7:31:01:07:68:c8:c3:51:a5:4d:8b:f3:f0:97:
5f:8d:a0:2f:ea:78:2d:5f:c1:55:8a:6e:a1:21:18:
f0:55:98:fe:2b:2d:7e:3b:cb:5a:77:39:82:14:d4:
8a:58:a2:c3:1a:ab:fe:e0:bc:06:09:f9:c3:8f:8a:
a3:92:3b:30:2b:fa:95:8a:7a:18:c3:6a:fc:94:2e:
b8:76:6e:b8:76:b6:10:7f:12:c1:a9:7c:1b:9d:e5:
19:04:d8:62:26:8f:e8:95:6b:1a:3f:24:56:e7:a9:
48:40:e9:29:08:62:14:b6:62:0e:55:22:37:25:25:
e6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:07:25:33:EF:62:78:83:87:F9:0B:D3:99:B2:71:92:65:E1:4B:54
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwclM-9ieIOH-QvTmbJxkmXhS1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
38:83:f8:c2:68:45:c1:7d:95:f5:a5:e5:17:64:46:cd:90:f2:
be:f4:52:7a:2b:78:90:a6:b8:c6:87:bd:72:3b:ca:8b:50:4d:
77:11:af:dc:95:8d:7d:6a:f1:4f:2c:ac:a5:0c:4e:a4:7d:49:
bd:7e:ba:c9:7a:43:64:48:85:28:f9:eb:cf:00:f4:0b:9f:70:
bb:a9:b9:b7:b9:01:ec:24:7d:56:a6:0c:68:3d:a2:4b:20:b1:
16:24:0e:4c:48:6d:38:f2:74:a3:ad:ab:0f:ba:2f:1f:b1:1a:
df:9d:e8:42:c3:ce:8c:7d:9d:84:89:4b:f6:9c:5a:43:58:d6:
18:c1:31:91:eb:ef:3d:45:ba:03:2b:70:9c:f2:9d:71:b2:00:
50:72:cd:67:71:61:60:6f:d9:1c:83:46:bb:5f:5f:09:a7:e8:
5e:b1:ce:08:4e:8f:b8:69:4f:3a:01:93:4b:1a:a6:7d:31:1f:
b8:16:b5:db:11:97:cd:dc:d0:36:4b:7d:1b:a5:3e:d8:79:e0:
b6:53:9b:b0:80:f1:a3:11:a3:87:f3:ba:b6:6a:d4:53:7a:d5:
6d:47:1b:77:88:4f:79:04:24:b2:a8:1e:6d:5c:7a:6d:d7:78:
f7:dd:f0:98:7f:e1:51:a3:6f:3a:73:c2:33:f5:c5:c1:52:12:
83:85:f8:55
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYUGFxQbbelw5xF9kpkh0pgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA3MjUzM2VmNjI3ODgzODdmOTBiZDM5OWIyNzE5MjY1ZTE0YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpCTXspXWepsPmdUg39h4E2qEqVp
Pu46tLgjdXypZ8Lhu0nAtFBK3BgNy0aJhid8twQftjV6kiArPUzTAI7etCuohEUT
ZqRIsUTVBiym8abikWOM/7/7X/niGHhvJEoYTQkxD9VQ/0SVcwgxRPfPigiBOgYf
Im50aHcj1Mq7zae3xSk1lOO9pzEBB2jIw1GlTYvz8JdfjaAv6ngtX8FVim6hIRjw
VZj+Ky1+O8tadzmCFNSKWKLDGqv+4LwGCfnDj4qjkjswK/qVinoYw2r8lC64dm64
drYQfxLBqXwbneUZBNhiJo/olWsaPyRW56lIQOkpCGIUtmIOVSI3JSXmgQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFJ8HJTPvYniDh/kL05mycZJl4UtUMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbndjbE0tOWllSU9ILVF2VG1iSnhrbVhoUzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBqAQCAAEwgaEDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQOoAMEBdQsQAMEBdR3oAMEBdWs
AAMEBdW2oAMEBdnDQDANBgkqhkiG9w0BAQsFAAOCAQEAOIP4wmhFwX2V9aXlF2RG
zZDyvvRSeit4kKa4xoe9cjvKi1BNdxGv3JWNfWrxTyyspQxOpH1JvX66yXpDZEiF
KPnrzwD0C59wu6m5t7kB7CR9VqYMaD2iSyCxFiQOTEhtOPJ0o62rD7ovH7Ea353o
QsPOjH2dhIlL9pxaQ1jWGMExkevvPUW6AytwnPKdcbIAUHLNZ3FhYG/ZHINGu19f
CafoXrHOCE6PuGlPOgGTSxqmfTEfuBa12xGXzdzQNkt9G6U+2HngtlObsIDxoxGj
h/O6tmrUU3rVbUcbd4hPeQQksqgebVx6bdd4993wmH/hUaNvOnPCM/XFwVISg4X4
VQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:30 2025 by rpki-client