Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nxsqkBjl4pmxkKWknJaPJcmTYls.roa
File: nxsqkBjl4pmxkKWknJaPJcmTYls.roa (raw, json)
Hash identifier: YU780qbkZ/msM0W/ZK7JR+IpYasrEFOj05VIRwNWqzs=
Subject key identifier: 9F:1B:2A:90:18:E5:E2:99:B1:90:A5:A4:9C:96:8F:25:C9:93:62:5B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F14BB619703E2B34C66CF64A2B03FAE1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nxsqkBjl4pmxkKWknJaPJcmTYls.roa
Signing time: Thu 08 Dec 2022 10:33:01 +0000
ROA not before: Thu 08 Dec 2022 10:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 109.188.0.0/16 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
109.124.64.0/18 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:4b:b6:19:70:3e:2b:34:c6:6c:f6:4a:2b:03:fa:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f1b2a9018e5e299b190a5a49c968f25c993625b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0d:61:10:d8:a5:7a:11:ee:22:04:ac:8f:71:
fd:aa:82:73:7c:7d:d7:fa:d6:06:8a:d3:f8:f2:52:
46:d8:3e:ef:f9:b7:87:d0:d9:52:5c:aa:74:26:14:
ee:0f:6d:f0:d2:49:c8:4b:51:3a:f6:97:c7:a8:6f:
48:1d:68:1d:e7:56:ec:46:f5:75:f1:0c:a4:d3:37:
12:66:e2:c5:86:d6:96:7b:28:4b:66:b0:8c:dd:a8:
f2:7e:ea:5c:42:1a:4f:48:8d:23:22:26:65:4d:37:
28:ac:1d:d1:d9:72:af:36:0d:c9:3e:2e:4a:b2:1b:
11:ea:ee:c4:f2:38:bb:97:7e:14:a0:f9:38:82:5b:
e1:78:cd:72:b6:7e:ea:dd:d6:8b:0c:12:61:b5:c0:
35:c1:99:1d:c0:bd:54:87:f1:7a:de:db:f3:e3:6c:
a1:1b:e2:61:93:42:c4:ef:c7:af:96:93:64:8e:a5:
e7:6f:0c:c9:2e:cb:04:66:58:5b:8b:0e:cf:91:38:
10:b8:7f:68:00:c0:bf:11:bf:24:4f:ec:18:2b:df:
58:a0:d4:12:e7:6a:a5:b2:b7:90:88:fe:1b:b8:18:
1e:56:3e:0c:77:74:9d:ba:eb:1d:3e:6b:03:6b:07:
be:31:e6:87:c0:3f:b5:a9:77:67:16:d3:af:14:90:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1B:2A:90:18:E5:E2:99:B1:90:A5:A4:9C:96:8F:25:C9:93:62:5B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nxsqkBjl4pmxkKWknJaPJcmTYls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:6a:97:77:fa:f3:ad:e4:29:52:31:ad:28:5b:1a:17:8c:87:
62:b0:b9:0b:44:1a:06:90:39:38:a7:e1:21:8e:73:bf:63:89:
ec:8c:38:ca:ea:29:19:2e:e3:37:44:cc:a7:1a:2e:b9:0c:0d:
4d:d0:54:18:f6:e9:82:64:5b:fe:76:27:e4:c2:96:69:7a:5a:
c0:65:1b:65:c7:55:60:21:c6:81:33:5f:7a:dd:8b:cd:00:58:
bb:96:c5:a8:9c:1f:8f:49:d1:d3:7c:be:80:a0:09:93:43:31:
64:c0:ac:1b:16:53:8c:61:e0:8a:2a:f1:96:1b:3c:7b:04:fb:
86:25:87:4b:2b:d3:3d:48:90:2c:eb:13:85:45:d4:16:b2:d7:
4b:b4:02:88:e7:c4:1d:06:4a:68:29:0b:0b:d0:b3:79:8d:55:
b5:ce:55:d4:b4:f3:0e:84:a6:ce:41:41:ee:4a:8a:eb:80:8f:
87:e5:0c:e0:f5:89:20:bb:fc:3e:76:ba:01:6e:20:87:35:3d:
4a:9b:6d:70:cc:28:76:6c:98:ca:b9:5d:80:7f:8d:8c:68:0d:
f8:f7:bc:47:9e:db:f3:4e:e3:02:44:d2:96:39:35:b0:3d:28:
b1:b0:96:3f:69:22:5d:f4:7c:ff:a7:50:35:57:73:8f:59:3a:
8c:7f:89:4d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYTxS7YZcD4rNMZs9korA/rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAzMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFiMmE5MDE4ZTVlMjk5YjE5MGE1YTQ5Yzk2OGYyNWM5OTM2MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ1hENilehHuIgSsj3H9qoJzfH3X
+tYGitP48lJG2D7v+beH0NlSXKp0JhTuD23w0knIS1E69pfHqG9IHWgd51bsRvV1
8Qyk0zcSZuLFhtaWeyhLZrCM3ajyfupcQhpPSI0jIiZlTTcorB3R2XKvNg3JPi5K
shsR6u7E8ji7l34UoPk4glvheM1ytn7q3daLDBJhtcA1wZkdwL1Uh/F63tvz42yh
G+Jhk0LE78evlpNkjqXnbwzJLssEZlhbiw7PkTgQuH9oAMC/Eb8kT+wYK99YoNQS
52qlsreQiP4buBgeVj4Md3SduusdPmsDawe+MeaHwD+1qXdnFtOvFJCeDwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFJ8bKpAY5eKZsZClpJyWjyXJk2JbMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbnhzcWtCamw0cG14a0tXa25KYVBKY21UWWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAZt
fEADAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnk
AwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVg
AwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IB
AQBaapd3+vOt5ClSMa0oWxoXjIdisLkLRBoGkDk4p+EhjnO/Y4nsjDjK6ikZLuM3
RMynGi65DA1N0FQY9umCZFv+difkwpZpelrAZRtlx1VgIcaBM1963YvNAFi7lsWo
nB+PSdHTfL6AoAmTQzFkwKwbFlOMYeCKKvGWGzx7BPuGJYdLK9M9SJAs6xOFRdQW
stdLtAKI58QdBkpoKQsL0LN5jVW1zlXUtPMOhKbOQUHuSorrgI+H5Qzg9Ykgu/w+
droBbiCHNT1Km21wzCh2bJjKuV2Af42MaA3497xHntvzTuMCRNKWOTWwPSixsJY/
aSJd9Hz/p1A1V3OPWTqMf4lN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:36 2024 by rpki-client on console-ams.rpki-client.org