Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/nq3nVmz2j_WE0uWH9ZlA8daslZk.roa
File: nq3nVmz2j_WE0uWH9ZlA8daslZk.roa (raw, json)
Hash identifier: GJf5CA0icJX2tcs2EAFpd6zMFuE2o2+267yjpMtA9HE=
Subject key identifier: 9E:AD:E7:56:6C:F6:8F:F5:84:D2:E5:87:F5:99:40:F1:D6:AC:95:99
Certificate issuer: /CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Certificate serial: 0183D6F61CF5232700DE745A0FCEADF05378
Authority key identifier: 83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/nq3nVmz2j_WE0uWH9ZlA8daslZk.roa
Signing time: Fri 14 Oct 2022 14:46:36 +0000
ROA not before: Fri 14 Oct 2022 14:46:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13030
IP address blocks: 109.202.192.0/19 maxlen: 19
185.72.64.0/22 maxlen: 22
81.6.32.0/20 maxlen: 20
185.72.67.0/24 maxlen: 24
80.253.88.0/21 maxlen: 21
141.195.80.0/20 maxlen: 20
185.137.172.0/22 maxlen: 22
193.47.153.0/24 maxlen: 24
185.246.104.0/22 maxlen: 22
185.183.192.0/22 maxlen: 22
2a07:600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:f6:1c:f5:23:27:00:de:74:5a:0f:ce:ad:f0:53:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Validity
Not Before: Oct 14 14:46:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eade7566cf68ff584d2e587f59940f1d6ac9599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:c6:93:87:28:3d:f3:02:a7:97:50:8c:20:
d0:8e:71:a0:67:5c:dc:c9:02:8e:7f:ed:4f:79:de:
90:8e:5c:61:e5:f9:76:61:c9:4e:e8:df:43:66:a8:
5a:e8:fa:09:c1:c1:bf:fc:45:91:ef:fc:05:29:02:
4b:cb:3f:16:03:44:08:d3:cd:b6:97:55:c2:c2:9f:
61:4a:2a:34:82:e6:6d:69:15:a0:b5:ae:c7:0d:7c:
25:a6:5e:d9:1a:8d:fd:2f:c6:58:f1:d5:31:39:30:
c9:96:90:a6:f0:6f:c9:4f:07:8f:ba:d6:ae:d3:7b:
71:f7:ca:03:36:a0:2c:5e:23:53:2c:87:93:6b:b7:
2b:98:02:0b:a1:4a:b1:fe:01:41:19:83:82:c9:5d:
57:f8:61:6a:c9:83:fd:7c:f9:01:0c:41:41:d7:cb:
aa:92:e9:d7:17:80:3e:cd:02:38:a0:3c:42:58:ae:
16:d7:0e:79:66:ec:59:3c:c2:7e:a4:d5:f4:41:5e:
a1:26:e5:a6:d2:24:1f:f9:33:ae:5a:d4:88:94:ab:
5b:13:29:ee:0a:26:30:c2:e9:d7:52:3a:16:a2:fc:
2d:fb:92:6c:67:f2:3c:dd:d0:ed:a5:8b:d6:0a:88:
7b:c2:72:65:ea:58:d3:39:58:27:29:96:9a:f0:2e:
00:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AD:E7:56:6C:F6:8F:F5:84:D2:E5:87:F5:99:40:F1:D6:AC:95:99
X509v3 Authority Key Identifier:
keyid:83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/nq3nVmz2j_WE0uWH9ZlA8daslZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/g0eVFJWTl8Xj-nbh6klejh9sMZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.88.0/21
81.6.32.0/20
109.202.192.0/19
141.195.80.0/20
185.72.64.0/22
185.137.172.0/22
185.183.192.0/22
185.246.104.0/22
193.47.153.0/24
IPv6:
2a07:600::/29
Signature Algorithm: sha256WithRSAEncryption
24:b9:a6:30:53:49:48:7e:20:9c:a8:9e:8a:12:bb:7d:45:5b:
76:8c:d3:3f:13:2f:37:90:4a:59:4f:2e:de:91:67:f9:bd:47:
ab:b1:ca:31:47:4b:c8:a6:cc:fa:72:55:a8:cd:ba:cd:4d:9c:
eb:ca:62:3d:29:bf:0a:71:27:5f:e7:73:da:19:44:b9:bf:70:
e9:1b:26:ae:d6:4c:3e:8d:d1:01:e6:bf:a0:56:7b:af:80:09:
1d:b0:d6:08:3a:48:50:f2:a7:e3:67:d6:05:e3:e6:fd:22:e7:
38:f6:6c:50:e2:38:1f:cf:37:cb:21:0b:c2:ad:a2:f1:83:e0:
66:8e:39:a5:1f:97:ce:50:e7:4c:84:63:86:25:56:18:2f:24:
f4:57:8e:fc:3b:5e:a6:cc:db:0b:65:41:62:9e:c9:4a:39:cd:
ab:50:65:d2:63:ab:67:c0:72:7b:df:55:b1:4f:cc:76:c7:0d:
31:a0:ab:3c:58:ef:bc:aa:01:73:e8:a2:7c:a0:cc:af:15:49:
b5:3c:4c:39:b1:bf:81:52:56:72:b0:b1:33:88:fd:a7:c5:1d:
5d:da:d2:7c:52:26:9a:72:49:fb:b1:64:07:cc:66:bb:97:f0:
5a:13:27:48:fd:50:60:cb:48:fd:ee:ad:b6:8e:e9:78:d4:8c:
17:9e:69:93
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYPW9hz1IycA3nRaD86t8FN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNDc5NTE0OTU5Mzk3YzVlM2ZhNzZlMWVhNDk1ZThlMWY2
YzMxOWIwHhcNMjIxMDE0MTQ0NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFkZTc1NjZjZjY4ZmY1ODRkMmU1ODdmNTk5NDBmMWQ2YWM5NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0zGk4coPfMCp5dQjCDQjnGgZ1zc
yQKOf+1Ped6Qjlxh5fl2YclO6N9DZqha6PoJwcG//EWR7/wFKQJLyz8WA0QI0822
l1XCwp9hSio0guZtaRWgta7HDXwlpl7ZGo39L8ZY8dUxOTDJlpCm8G/JTwePutau
03tx98oDNqAsXiNTLIeTa7crmAILoUqx/gFBGYOCyV1X+GFqyYP9fPkBDEFB18uq
kunXF4A+zQI4oDxCWK4W1w55ZuxZPMJ+pNX0QV6hJuWm0iQf+TOuWtSIlKtbEynu
CiYwwunXUjoWovwt+5JsZ/I83dDtpYvWCoh7wnJl6ljTOVgnKZaa8C4AaQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJ6t51Zs9o/1hNLlh/WZQPHWrJWZMB8GA1UdIwQY
MBaAFINHlRSVk5fF4/p24epJXo4fbDGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUt
MWU1ZTQzMGRkNzExLzEvbnEzblZtejJqX1dFMHVXSDlabEE4ZGFzbFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUtMWU1ZTQzMGRkNzEx
LzEvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDUP1YAwQE
UQYgAwQFbcrAAwQEjcNQAwQCuUhAAwQCuYmsAwQCubfAAwQCufZoAwQAwS+ZMA0E
AgACMAcDBQMqBwYAMA0GCSqGSIb3DQEBCwUAA4IBAQAkuaYwU0lIfiCcqJ6KErt9
RVt2jNM/Ey83kEpZTy7ekWf5vUerscoxR0vIpsz6clWozbrNTZzrymI9Kb8KcSdf
53PaGUS5v3DpGyau1kw+jdEB5r+gVnuvgAkdsNYIOkhQ8qfjZ9YF4+b9Iuc49mxQ
4jgfzzfLIQvCraLxg+BmjjmlH5fOUOdMhGOGJVYYLyT0V478O16mzNsLZUFinslK
Oc2rUGXSY6tnwHJ731WxT8x2xw0xoKs8WO+8qgFz6KJ8oMyvFUm1PEw5sb+BUlZy
sLEziP2nxR1d2tJ8Uiaackn7sWQHzGa7l/BaEydI/VBgy0j97q22jul41IwXnmmT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:45:06 2025 by rpki-client