Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/nlH4GanuAUqD0DmiBJFbeSWhwIo.roa
File: nlH4GanuAUqD0DmiBJFbeSWhwIo.roa (raw, json)
Hash identifier: nzYlb6FxPzAHO8Gc3ih2C1V4CtnuV/v3iFQBJLXtTrQ=
Subject key identifier: 9E:51:F8:19:A9:EE:01:4A:83:D0:39:A2:04:91:5B:79:25:A1:C0:8A
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 19B69998
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/nlH4GanuAUqD0DmiBJFbeSWhwIo.roa
Signing time: Sat 01 Jan 2022 15:55:44 +0000
ROA not before: Sat 01 Jan 2022 15:55:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16347
IP address blocks: 212.51.160.0/19 maxlen: 24
91.103.232.0/21 maxlen: 24
128.127.128.0/20 maxlen: 24
149.255.136.0/22 maxlen: 24
149.255.136.0/21 maxlen: 24
37.58.128.0/17 maxlen: 24
193.108.197.0/24 maxlen: 24
185.67.88.0/22 maxlen: 24
178.249.160.0/21 maxlen: 24
185.42.132.0/22 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
37.18.160.0/20 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
91.217.94.0/23 maxlen: 24
62.102.224.0/19 maxlen: 24
185.65.224.0/22 maxlen: 24
94.127.8.0/21 maxlen: 24
46.20.160.0/20 maxlen: 24
213.108.64.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
2a03:4c00::/29 maxlen: 48
2a01:728::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431397272 (0x19b69998)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 15:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e51f819a9ee014a83d039a204915b7925a1c08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:08:c0:07:6a:68:70:43:b6:9b:60:04:ae:8b:
ef:6d:29:c7:9f:17:41:89:15:fb:03:42:14:a3:2b:
6a:04:7c:bb:8e:d0:28:27:36:df:ad:1b:ff:cd:1a:
ba:20:c4:85:f6:91:32:8d:55:9a:e0:e3:94:00:1a:
18:3d:4e:61:c8:5c:34:42:2b:5a:8f:f9:26:61:05:
a7:e0:15:e6:7b:06:61:19:ef:30:b4:86:ed:bc:92:
5a:61:f4:1a:96:6b:bf:57:f5:de:16:55:a7:0c:4e:
24:0d:11:db:d4:df:da:a6:29:8b:56:2d:46:05:b8:
9d:5b:56:f8:ee:47:6e:bc:5c:75:63:1a:a9:b9:37:
3b:57:30:5f:0b:b9:a7:91:3f:fb:f4:9e:0f:2d:8c:
5e:57:6e:84:3a:43:e4:25:94:47:ad:3b:2b:32:c4:
d8:9b:72:f0:1c:5c:e3:2a:0a:32:fe:ec:19:f0:67:
35:d9:f9:29:06:8e:3d:c5:f5:40:65:9d:d8:ac:76:
01:0c:06:b1:b6:c8:d5:ea:4c:b5:55:49:ce:a0:fe:
5c:14:0f:47:b3:05:2d:d5:81:33:2d:2d:23:7f:64:
5e:68:a1:9b:ea:57:15:80:57:4e:d7:de:f7:23:f4:
32:54:59:9e:df:31:ea:bf:c0:c0:11:76:53:54:5e:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:51:F8:19:A9:EE:01:4A:83:D0:39:A2:04:91:5B:79:25:A1:C0:8A
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/nlH4GanuAUqD0DmiBJFbeSWhwIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.160.0/20
37.58.128.0/17
46.20.160.0/20
62.102.224.0/19
91.103.232.0/21
91.217.94.0/23
94.127.8.0/21
109.237.240.0/20
128.127.128.0/20
149.255.136.0/21
178.249.160.0/21
185.42.132.0/22
185.65.224.0/22
185.67.88.0/22
193.108.197.0/24
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a01:728::/29
2a03:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
4e:0f:5e:eb:aa:93:5a:1b:ad:1d:86:40:fc:05:7b:e5:49:a2:
cd:7b:e5:62:c5:53:01:98:d6:2c:e9:a4:87:03:de:b3:13:d3:
ef:61:06:69:31:ae:48:38:1d:ae:62:e2:04:5d:b1:7f:1b:f7:
ec:f8:3b:62:1a:e3:0d:56:bd:ec:77:bc:48:0a:97:b3:6f:6e:
5c:34:4d:ea:d8:9e:50:a8:a3:45:b3:0b:29:e3:52:02:64:bd:
c1:75:b5:c3:22:e6:20:47:ea:96:1b:31:cb:d0:25:48:e2:fe:
e1:08:09:37:9b:36:d5:d3:19:18:61:0a:50:0b:a0:13:88:88:
ee:f2:80:e2:9b:ba:69:12:05:05:20:67:48:b8:01:31:98:53:
c4:f8:2e:5a:6d:df:cd:2c:7b:a7:7d:29:c9:08:d1:1c:64:b8:
84:92:fe:01:5e:c8:ec:17:05:28:b3:34:71:51:bf:b3:10:f9:
d1:cc:f1:43:12:71:17:ed:74:86:4c:c7:91:8c:dd:e3:b1:17:
8f:fd:18:e9:fe:12:21:aa:01:eb:f3:bc:65:45:cd:e9:e8:fb:
de:7d:f4:92:ec:1f:b0:7c:76:99:13:9a:b9:b2:8d:00:13:90:
43:e4:7f:ba:76:c2:f1:54:c7:f3:b0:13:81:63:c3:3f:71:6b:
0b:4e:36:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIEGbaZmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWJmMzk0ZTJmMWIyNTFjODhkOTg4YTg3MTYxMDg0NTgwNzg2ZWY1MB4XDTIyMDEw
MTE1NTU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU1MWY4MTlhOWVl
MDE0YTgzZDAzOWEyMDQ5MTViNzkyNWExYzA4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIIwAdqaHBDtptgBK6L720px58XQYkV+wNCFKMragR8u47Q
KCc2360b/80auiDEhfaRMo1VmuDjlAAaGD1OYchcNEIrWo/5JmEFp+AV5nsGYRnv
MLSG7bySWmH0GpZrv1f13hZVpwxOJA0R29Tf2qYpi1YtRgW4nVtW+O5HbrxcdWMa
qbk3O1cwXwu5p5E/+/SeDy2MXlduhDpD5CWUR607KzLE2Jty8Bxc4yoKMv7sGfBn
Ndn5KQaOPcX1QGWd2Kx2AQwGsbbI1epMtVVJzqD+XBQPR7MFLdWBMy0tI39kXmih
m+pXFYBXTtfe9yP0MlRZnt8x6r/AwBF2U1Re/ScCAwEAAaOCAp4wggKaMB0GA1Ud
DgQWBBSeUfgZqe4BSoPQOaIEkVt5JaHAijAfBgNVHSMEGDAWgBSuvzlOLxslHIjZ
iKhxYQhFgHhu9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JyODVUaThiSlJ5STJZaW9jV0VJUllCNGJ2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzkvNDA0OThlLWQxYzAtNDg0Yy1hYmNiLTYxZTdmNDBkNWRkNi8x
L25sSDRHYW51QVVxRDBEbWlCSkZiZVNXaHdJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkv
NDA0OThlLWQxYzAtNDg0Yy1hYmNiLTYxZTdmNDBkNWRkNi8xL3JyODVUaThiSlJ5
STJZaW9jV0VJUllCNGJ2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
swYIKwYBBQUHAQcBAf8EgaMwgaAwgYcEAgABMIGAAwQEJRKgAwQHJTqAAwQELhSg
AwQFPmbgAwQDW2foAwQBW9leAwQDXn8IAwQEbe3wAwQEgH+AAwQDlf+IAwQDsvmg
AwQCuSqEAwQCuUHgAwQCuUNYAwQAwWzFAwQF1DOgAwQD1WxAAwQA1ZemAwQB1Zeo
MAwDBADVl6sDBATVl6AwFAQCAAIwDgMFAyoBBygDBQMqA0wAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOD17rqpNaG60dhkD8BXvlSaLNe+VixVMBmNYs6aSHA96zE9PvYQZp
Ma5IOB2uYuIEXbF/G/fs+DtiGuMNVr3sd7xICpezb25cNE3q2J5QqKNFswsp41IC
ZL3BdbXDIuYgR+qWGzHL0CVI4v7hCAk3mzbV0xkYYQpQC6ATiIju8oDim7ppEgUF
IGdIuAExmFPE+C5abd/NLHunfSnJCNEcZLiEkv4BXsjsFwUoszRxUb+zEPnRzPFD
EnEX7XSGTMeRjN3jsReP/Rjp/hIhqgHr87xlRc3p6PveffSS7B+wfHaZE5q5so0A
E5BD5H+6dsLxVMfzsBOBY8M/cWsLTjZ6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:47 2023 by rpki-client on console-ams.rpki-client.org