Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/NLnv5pUuBSSHdi_bfJ12NjKgg1A.roa
File: NLnv5pUuBSSHdi_bfJ12NjKgg1A.roa (raw, json)
Hash identifier: XAi8ebkrnfsz+AL1EHLAXZl5Ysxu93R8Jby2pX6UH+0=
Subject key identifier: 34:B9:EF:E6:95:2E:05:24:87:76:2F:DB:7C:9D:76:36:32:A0:83:50
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 034307AF
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/NLnv5pUuBSSHdi_bfJ12NjKgg1A.roa
Signing time: Fri 28 Jan 2022 10:38:52 +0000
ROA not before: Fri 28 Jan 2022 10:38:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.185.84.0/24 maxlen: 24
89.185.85.0/24 maxlen: 24
92.51.8.0/24 maxlen: 24
92.51.9.0/24 maxlen: 24
92.51.10.0/24 maxlen: 24
92.51.11.0/24 maxlen: 24
92.51.22.0/24 maxlen: 24
92.51.20.0/24 maxlen: 24
92.51.23.0/24 maxlen: 24
92.51.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54724527 (0x34307af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 28 10:38:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34b9efe6952e052487762fdb7c9d763632a08350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:a8:f0:c1:c4:84:90:ac:be:6b:32:26:10:
62:56:ef:7a:c8:27:23:52:bc:e2:28:97:31:52:1a:
f2:24:36:8e:89:27:04:2b:b6:f9:26:03:cf:c7:88:
14:d9:76:f8:08:c1:e6:73:f6:75:be:6e:7a:1d:e7:
d2:b7:6d:78:5f:42:57:d3:57:1c:e5:69:2b:56:7b:
95:d3:ae:2b:ad:3a:c3:36:55:83:ab:01:f3:b1:e0:
2b:00:e5:9e:fa:fb:ad:64:ec:ef:e9:3f:33:b6:21:
72:52:15:0d:d9:c3:17:63:9f:5a:ba:ff:12:bc:10:
52:4d:fc:f9:c2:7c:a3:a3:2a:65:71:72:98:5f:c2:
0b:52:a9:a8:50:27:6e:ba:c9:0c:c0:ab:ed:05:45:
19:7c:16:63:11:43:bb:92:b4:24:7d:9a:48:a0:c5:
7c:04:7a:c0:13:d6:2b:ae:b1:7c:79:aa:45:92:8e:
40:8b:7a:c2:fc:3d:b9:5b:a9:ed:66:3c:c0:44:02:
8f:b4:f9:66:a8:4b:86:a7:b0:39:44:fb:b4:d2:27:
e5:37:b8:cf:64:b6:99:b6:39:39:38:ef:e4:92:5a:
2b:d9:6e:73:81:d6:fc:2f:e1:4f:79:fe:ee:35:5e:
da:c3:34:e4:9b:4e:a9:16:cb:55:dc:c0:5f:3b:62:
dc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:EF:E6:95:2E:05:24:87:76:2F:DB:7C:9D:76:36:32:A0:83:50
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/NLnv5pUuBSSHdi_bfJ12NjKgg1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.84.0/23
92.51.8.0/22
92.51.20.0/22
Signature Algorithm: sha256WithRSAEncryption
71:31:05:5d:91:41:84:2a:d7:3b:8a:c7:d1:f5:36:7a:03:a1:
d6:99:f6:53:96:21:f8:4f:8f:b1:d6:8c:8f:4c:58:e7:59:bc:
cf:53:b3:02:2a:28:5c:bb:6a:e2:5c:d8:ad:8e:d9:b6:b1:a4:
74:45:db:1a:d4:40:3c:aa:cf:ed:6d:19:84:fa:4f:a5:00:19:
ff:a1:bb:78:32:b7:60:96:19:26:72:0e:56:52:79:02:5d:3b:
fb:df:22:be:a6:67:c0:09:44:bf:35:8b:7e:d9:47:bf:f1:c2:
c3:ef:b4:db:7f:78:dc:db:00:18:41:46:89:ac:ed:00:b9:08:
94:0c:49:b8:63:97:79:79:37:4d:f7:36:a4:55:c5:ec:8c:13:
11:f6:0d:d9:93:4d:c1:e5:11:6a:e0:6c:03:db:46:ab:b1:87:
98:f0:44:89:f7:cc:62:99:b9:f7:c5:5d:a9:e6:85:f0:39:1e:
53:b0:ad:5b:8b:25:48:26:cd:4b:aa:52:14:04:6b:0b:0a:25:
cb:7c:6c:e1:01:b2:d2:b4:cd:86:64:43:bf:9d:3b:c1:5c:6f:
13:9a:48:e3:5a:54:7d:93:45:33:55:1b:e2:61:28:43:2b:d8:
9f:a6:d2:c3:bc:84:21:ce:5d:c8:3a:df:e3:87:1a:07:8a:ff:
b7:13:ab:aa
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA0MHrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDEy
ODEwMzg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRiOWVmZTY5NTJl
MDUyNDg3NzYyZmRiN2M5ZDc2MzYzMmEwODM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbtqPDBxISQrL5rMiYQYlbvesgnI1K84iiXMVIa8iQ2jokn
BCu2+SYDz8eIFNl2+AjB5nP2db5ueh3n0rdteF9CV9NXHOVpK1Z7ldOuK606wzZV
g6sB87HgKwDlnvr7rWTs7+k/M7YhclIVDdnDF2OfWrr/ErwQUk38+cJ8o6MqZXFy
mF/CC1KpqFAnbrrJDMCr7QVFGXwWYxFDu5K0JH2aSKDFfAR6wBPWK66xfHmqRZKO
QIt6wvw9uVup7WY8wEQCj7T5ZqhLhqewOUT7tNIn5Te4z2S2mbY5OTjv5JJaK9lu
c4HW/C/hT3n+7jVe2sM05JtOqRbLVdzAXzti3PkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ0ue/mlS4FJId2L9t8nXY2MqCDUDAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L05MbnY1cFV1QlNTSGRpX2JmSjEyTmpLZ2cxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVm5VAMEAlwzCAMEAlwzFDANBgkq
hkiG9w0BAQsFAAOCAQEAcTEFXZFBhCrXO4rH0fU2egOh1pn2U5Yh+E+PsdaMj0xY
51m8z1OzAiooXLtq4lzYrY7ZtrGkdEXbGtRAPKrP7W0ZhPpPpQAZ/6G7eDK3YJYZ
JnIOVlJ5Al07+98ivqZnwAlEvzWLftlHv/HCw++023943NsAGEFGiaztALkIlAxJ
uGOXeXk3Tfc2pFXF7IwTEfYN2ZNNweURauBsA9tGq7GHmPBEiffMYpm598VdqeaF
8DkeU7CtW4slSCbNS6pSFARrCwoly3xs4QGy0rTNhmRDv507wVxvE5pI41pUfZNF
M1Ub4mEoQyvYn6bSw7yEIc5dyDrf44caB4r/txOrqg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:14 2023 by rpki-client on console-fra.rpki-client.org