Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NlxD2NnsCSYi9f1rpV96HRDghgg.roa
File: NlxD2NnsCSYi9f1rpV96HRDghgg.roa (raw, json)
Hash identifier: URAW/xIDA32muNbpAnFbbQyQeSE6ztdZV7NXw3NtACM=
Subject key identifier: 36:5C:43:D8:D9:EC:09:26:22:F5:FD:6B:A5:5F:7A:1D:10:E0:86:08
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19D70934
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NlxD2NnsCSYi9f1rpV96HRDghgg.roa
Signing time: Sun 24 Apr 2022 09:16:43 +0000
ROA not before: Sun 24 Apr 2022 09:16:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64021
IP address blocks: 45.158.35.0/24 maxlen: 24
194.145.143.0/24 maxlen: 24
194.145.142.0/24 maxlen: 24
128.0.117.0/24 maxlen: 24
128.0.119.0/24 maxlen: 24
194.145.196.0/24 maxlen: 24
194.145.197.0/24 maxlen: 24
45.134.1.0/24 maxlen: 32
194.49.109.0/24 maxlen: 24
194.49.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433522996 (0x19d70934)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 24 09:16:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365c43d8d9ec092622f5fd6ba55f7a1d10e08608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:41:ae:f5:ac:e7:73:eb:27:61:74:c4:eb:
7c:6e:f0:0a:6d:2f:34:70:00:bf:05:9d:26:7e:af:
39:a9:e0:d8:78:a0:de:04:31:8c:a6:be:2b:d8:ff:
d4:f8:fc:23:d4:d9:9f:97:a6:ae:b0:5c:47:ff:b4:
fd:74:e6:9e:9a:c4:53:99:ff:5d:d3:94:36:25:7c:
ee:58:02:7c:64:51:dc:64:79:df:98:d7:cc:f6:d1:
81:79:28:dc:51:6d:d5:ea:f3:67:ed:ef:ca:c9:7d:
4a:7e:69:9f:eb:28:d8:d6:ca:ad:97:74:fe:58:21:
cf:52:98:86:71:51:20:07:ea:6c:09:74:12:03:23:
8e:f5:a3:6e:86:2f:fc:84:8c:9a:1a:6e:79:95:5d:
8f:89:be:88:4e:ce:8c:6d:4f:03:d9:7e:91:c3:d5:
6e:60:aa:2d:38:34:70:e0:65:bf:bd:50:8a:ef:40:
9c:5b:46:05:4a:ae:e0:f3:28:3c:85:7d:81:1b:ad:
3b:0e:d0:9c:32:6b:d6:19:20:24:59:de:e9:ce:32:
ee:c9:06:cc:f0:6c:a6:4a:8e:50:cf:b9:b1:29:6c:
5e:c9:b2:b9:80:51:15:a9:e2:e0:fa:3e:62:f8:8f:
8d:7e:ed:ea:ca:48:ce:f7:01:3c:32:71:bf:a2:7e:
f8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5C:43:D8:D9:EC:09:26:22:F5:FD:6B:A5:5F:7A:1D:10:E0:86:08
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NlxD2NnsCSYi9f1rpV96HRDghgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.1.0/24
45.158.35.0/24
128.0.117.0/24
128.0.119.0/24
194.49.109.0/24
194.49.112.0/24
194.145.142.0/23
194.145.196.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:fa:5d:26:38:3f:c7:20:7f:09:3a:42:e3:70:55:28:a5:4b:
b5:3f:4f:65:9b:6b:ed:bf:0f:40:63:65:ba:a1:f2:2a:8a:25:
52:14:94:36:ec:35:dc:d3:15:b0:78:9a:6e:dc:f4:95:2d:e8:
ae:cc:cd:47:96:6a:f5:95:ca:b2:11:25:90:d7:f7:4d:42:1d:
30:82:81:61:74:a2:d4:2c:8c:67:5e:c2:7d:e0:4e:b4:8d:20:
47:c3:c8:72:9c:16:5c:7d:c3:9e:d9:db:85:e9:7b:1f:e8:fc:
eb:82:4e:6a:13:78:a1:7d:67:0b:75:3f:e0:ab:16:07:da:82:
21:30:5b:8e:24:68:04:7e:2c:d2:bf:fb:93:60:e5:6c:d6:0f:
ff:e4:5a:b3:6a:c6:f2:96:25:5b:b3:b0:d1:b0:bb:cd:19:a6:
7f:5f:32:1b:73:69:dd:03:9b:e2:6b:a7:1c:7a:65:28:f7:58:
81:3f:a7:6b:fb:73:f2:d8:82:7b:31:6e:fd:b5:9c:81:c5:6f:
fd:f3:82:e4:27:4a:e5:ff:ad:b8:13:06:4c:dd:2e:ab:08:a6:
35:38:a2:b1:e6:15:c0:b8:1c:fb:3a:93:c9:65:19:8a:23:15:
4f:5b:7a:d7:19:e4:e8:92:e9:0f:29:32:e8:83:82:5e:57:48:
69:a5:23:d7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGdcJNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQy
NDA5MTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY1YzQzZDhkOWVj
MDkyNjIyZjVmZDZiYTU1ZjdhMWQxMGUwODYwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIoQa71rOdz6ydhdMTrfG7wCm0vNHAAvwWdJn6vOang2Hig
3gQxjKa+K9j/1Pj8I9TZn5emrrBcR/+0/XTmnprEU5n/XdOUNiV87lgCfGRR3GR5
35jXzPbRgXko3FFt1erzZ+3vysl9Sn5pn+so2NbKrZd0/lghz1KYhnFRIAfqbAl0
EgMjjvWjboYv/ISMmhpueZVdj4m+iE7OjG1PA9l+kcPVbmCqLTg0cOBlv71Qiu9A
nFtGBUqu4PMoPIV9gRutOw7QnDJr1hkgJFne6c4y7skGzPBspkqOUM+5sSlsXsmy
uYBRFani4Po+YviPjX7t6spIzvcBPDJxv6J++OsCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQ2XEPY2ewJJiL1/WulX3odEOCGCDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L05seEQyTm5zQ1NZaTlmMXJwVjk2SFJEZ2hnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAC2GAQMEAC2eIwMEAIAAdQMEAIAA
dwMEAMIxbQMEAMIxcAMEAcKRjgMEAcKRxDANBgkqhkiG9w0BAQsFAAOCAQEAPvpd
Jjg/xyB/CTpC43BVKKVLtT9PZZtr7b8PQGNluqHyKoolUhSUNuw13NMVsHiabtz0
lS3orszNR5Zq9ZXKshElkNf3TUIdMIKBYXSi1CyMZ17CfeBOtI0gR8PIcpwWXH3D
ntnbhel7H+j864JOahN4oX1nC3U/4KsWB9qCITBbjiRoBH4s0r/7k2DlbNYP/+Ra
s2rG8pYlW7Ow0bC7zRmmf18yG3Np3QOb4munHHplKPdYgT+na/tz8tiCezFu/bWc
gcVv/fOC5CdK5f+tuBMGTN0uqwimNTiiseYVwLgc+zqTyWUZiiMVT1t61xnk6JLp
Dyky6IOCXldIaaUj1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org