Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/1NNCoqIkRscsdNuKkX8ITwPoIeM.roa
File: 1NNCoqIkRscsdNuKkX8ITwPoIeM.roa (raw, json)
Hash identifier: Bf4/gWwznoTjka9EoSAYEkLbMvjLVfT6u/eki68HWHY=
Subject key identifier: D4:D3:42:A2:A2:24:46:C7:2C:74:DB:8A:91:7F:08:4F:03:E8:21:E3
Certificate issuer: /CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Certificate serial: 035F3749
Authority key identifier: 22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/1NNCoqIkRscsdNuKkX8ITwPoIeM.roa
Signing time: Sat 01 Jan 2022 05:52:17 +0000
ROA not before: Sat 01 Jan 2022 05:52:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51333
IP address blocks: 185.58.4.0/22 maxlen: 22
188.65.80.0/22 maxlen: 22
188.65.84.0/24 maxlen: 24
188.65.87.0/24 maxlen: 24
188.65.86.0/24 maxlen: 24
194.36.72.0/22 maxlen: 22
2a0c:bdc0::/29 maxlen: 29
2a02:6120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56571721 (0x35f3749)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Validity
Not Before: Jan 1 05:52:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4d342a2a22446c72c74db8a917f084f03e821e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:5c:c0:b3:a2:d2:52:20:da:10:cc:27:73:
5f:34:84:a8:e5:ab:56:09:09:cc:15:ed:dd:a9:b8:
3e:ff:43:a2:8c:f6:20:6d:81:51:38:85:b1:46:df:
36:22:71:d7:ea:12:af:9c:3f:00:6e:cd:31:03:3c:
48:ea:2f:91:b1:59:40:b3:b7:c8:ad:ce:06:96:fa:
0c:92:27:b9:1a:d8:16:70:ec:52:52:2e:b1:b4:e5:
7e:fe:2e:9b:7c:5a:17:d5:53:2b:9e:95:f0:64:be:
10:ec:eb:07:88:b2:3a:a1:1e:53:d0:7a:01:64:48:
78:9b:46:fd:38:59:7a:fe:97:50:45:c1:6f:49:31:
54:81:d9:78:c7:8c:e1:95:cf:58:86:c2:8a:e4:6b:
8e:fc:98:dc:fc:d0:0e:e6:2f:8f:4d:c0:91:36:16:
ac:9c:9c:0e:f5:8e:fd:4f:77:bc:20:da:47:33:f1:
c5:f9:f3:e5:84:77:55:d0:24:1d:45:a6:b5:e3:82:
77:3f:5d:33:f6:e8:04:5b:ad:d2:ac:64:b5:c2:7c:
81:a7:9a:5b:93:dc:a8:1e:21:dd:6a:34:82:dc:02:
46:da:52:8c:71:31:35:06:34:2f:f4:bb:45:72:46:
e8:ae:2a:52:b8:22:8f:35:33:00:61:b0:81:59:c4:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D3:42:A2:A2:24:46:C7:2C:74:DB:8A:91:7F:08:4F:03:E8:21:E3
X509v3 Authority Key Identifier:
keyid:22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/1NNCoqIkRscsdNuKkX8ITwPoIeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.4.0/22
188.65.80.0-188.65.84.255
188.65.86.0/23
194.36.72.0/22
IPv6:
2a02:6120::/32
2a0c:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:65:6a:81:a1:2e:55:8f:66:07:a6:a7:c1:b4:71:09:a6:22:
56:a3:14:9f:40:eb:d4:04:5e:47:78:a5:62:d8:da:ac:24:78:
06:cb:19:e8:d1:1e:a4:0e:fc:8a:c7:38:02:d6:b3:96:08:d6:
41:f2:24:86:f8:9f:a6:f5:6d:2b:1a:d3:7c:aa:34:33:e4:9d:
d9:b7:c9:c2:3d:8d:8c:dc:83:30:86:a9:9b:e9:ce:32:23:4a:
32:5d:b2:dc:1d:1e:0c:d2:52:06:38:91:29:44:07:00:c7:34:
6e:df:73:42:54:a5:50:a1:64:c3:ec:f4:ac:c9:9a:f2:16:27:
6a:8a:2b:0d:a8:16:a3:bc:3d:c5:4e:c5:b2:01:63:53:b4:19:
5f:a2:33:7c:d3:4c:0d:45:80:60:41:e9:59:6e:f2:5f:60:1f:
4c:0c:4b:ed:2c:22:43:c3:e0:44:71:5c:08:ca:c2:de:40:22:
95:39:3a:c0:87:65:3f:9b:ed:57:81:08:56:1a:68:a4:0f:ef:
5f:cd:7c:d1:b6:5f:a6:db:b2:b9:a7:ba:e5:0e:a8:34:ae:fb:
1e:56:49:5f:99:c6:df:ec:52:8e:6b:a0:68:1c:dd:a7:c0:41:
43:d7:84:d3:03:b2:d8:bb:ed:1e:3a:b2:fb:0e:b7:6c:91:25:
78:01:1a:ad
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEA183STANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmQ1NGRmODliOGZkOTIxZGFkYTNmMGRhYTI5ZWZmZjVjY2UwYTc5MB4XDTIyMDEw
MTA1NTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRkMzQyYTJhMjI0
NDZjNzJjNzRkYjhhOTE3ZjA4NGYwM2U4MjFlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKo3XMCzotJSINoQzCdzXzSEqOWrVgkJzBXt3am4Pv9Dooz2
IG2BUTiFsUbfNiJx1+oSr5w/AG7NMQM8SOovkbFZQLO3yK3OBpb6DJInuRrYFnDs
UlIusbTlfv4um3xaF9VTK56V8GS+EOzrB4iyOqEeU9B6AWRIeJtG/ThZev6XUEXB
b0kxVIHZeMeM4ZXPWIbCiuRrjvyY3PzQDuYvj03AkTYWrJycDvWO/U93vCDaRzPx
xfnz5YR3VdAkHUWmteOCdz9dM/boBFut0qxktcJ8gaeaW5PcqB4h3Wo0gtwCRtpS
jHExNQY0L/S7RXJG6K4qUrgijzUzAGGwgVnEnqUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTU00KioiRGxyx024qRfwhPA+gh4zAfBgNVHSMEGDAWgBQi1U34m4/ZIdra
Pw2qKe//XM4KeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l0Vk4tSnVQMlNIYTJqOE5xaW52XzF6T0Nuay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvYjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8x
LzFOTkNvcUlrUnNjc2ROdUtrWDhJVHdQb0llTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
YjVjZjBiLWVjMzEtNDcwNS04ZjY4LTZmMWZlY2U4N2M4OS8xL0l0Vk4tSnVQMlNI
YTJqOE5xaW52XzF6T0Nuay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJgQCAAEwIAMEArk6BDAMAwQEvEFQAwQAvEFUAwQB
vEFWAwQCwiRIMBQEAgACMA4DBQAqAmEgAwUDKgy9wDANBgkqhkiG9w0BAQsFAAOC
AQEADWVqgaEuVY9mB6anwbRxCaYiVqMUn0Dr1AReR3ilYtjarCR4BssZ6NEepA78
isc4AtazlgjWQfIkhvifpvVtKxrTfKo0M+Sd2bfJwj2NjNyDMIapm+nOMiNKMl2y
3B0eDNJSBjiRKUQHAMc0bt9zQlSlUKFkw+z0rMma8hYnaoorDagWo7w9xU7FsgFj
U7QZX6IzfNNMDUWAYEHpWW7yX2AfTAxL7SwiQ8PgRHFcCMrC3kAilTk6wIdlP5vt
V4EIVhpopA/vX8180bZfptuyuae65Q6oNK77HlZJX5nG3+xSjmugaBzdp8BBQ9eE
0wOy2LvtHjqy+w63bJEleAEarQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:25 2025 by rpki-client