Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NpyQyaX6Bsv4JxoaR4nfae3rE74.roa
File: NpyQyaX6Bsv4JxoaR4nfae3rE74.roa (raw, json)
Hash identifier: BbF9wbv/N1Cier8ghVq95AuXwLbJ08BPergQFvmW6w8=
Subject key identifier: 36:9C:90:C9:A5:FA:06:CB:F8:27:1A:1A:47:89:DF:69:ED:EB:13:BE
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18C6884B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NpyQyaX6Bsv4JxoaR4nfae3rE74.roa
Signing time: Fri 18 Feb 2022 06:33:43 +0000
ROA not before: Fri 18 Feb 2022 06:33:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 91.189.186.0/24 maxlen: 32
37.10.112.0/24 maxlen: 32
185.240.218.0/24 maxlen: 32
5.253.137.0/24 maxlen: 32
185.171.3.0/24 maxlen: 32
79.143.55.0/24 maxlen: 32
193.222.103.0/24 maxlen: 32
46.251.239.0/24 maxlen: 32
147.78.220.0/24 maxlen: 32
193.149.160.0/24 maxlen: 32
185.224.146.0/24 maxlen: 32
185.226.73.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415664203 (0x18c6884b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 18 06:33:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=369c90c9a5fa06cbf8271a1a4789df69edeb13be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e2:e1:37:2d:38:1d:4c:52:df:f9:85:3f:f8:
7c:2f:54:0b:91:92:0e:b4:be:fe:8e:bc:8e:92:89:
b1:be:e0:19:47:d5:e4:e5:bd:54:59:86:48:d1:bf:
ae:15:38:10:60:8d:8e:44:03:61:57:bf:55:3f:ff:
71:b9:a5:a7:13:6b:44:08:42:a9:0c:e9:d7:94:83:
7b:f0:40:50:10:14:c4:bc:ae:77:2b:89:c5:92:9d:
f0:2d:22:1a:b5:38:7b:8e:68:ab:04:bb:83:40:ef:
86:3f:ac:f6:2b:bc:29:b5:b3:a4:a9:65:e9:b8:19:
55:08:5a:d0:c5:d7:34:9e:84:d7:d8:ba:53:aa:c4:
60:81:29:46:e2:4a:b9:e6:97:51:c6:47:24:25:9f:
2c:cf:87:39:7f:ce:8c:ca:d0:f9:ac:85:dd:49:a8:
07:07:4a:a3:17:1b:bc:ef:07:14:81:07:37:4d:b1:
ac:2f:03:de:74:c1:28:19:5d:17:31:31:c6:31:91:
c4:75:95:ea:52:ed:a9:32:17:b7:5d:43:6b:17:cd:
68:98:75:9a:67:a7:3f:98:27:6c:e0:eb:38:07:6f:
99:7e:3e:1b:93:84:14:58:93:3a:50:1c:4d:a6:f1:
0c:90:20:c8:27:93:12:1d:e4:c4:f4:ac:61:17:7b:
39:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9C:90:C9:A5:FA:06:CB:F8:27:1A:1A:47:89:DF:69:ED:EB:13:BE
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NpyQyaX6Bsv4JxoaR4nfae3rE74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.137.0/24
37.10.112.0/24
46.251.239.0/24
79.143.55.0/24
91.189.186.0/24
147.78.220.0/24
185.171.3.0/24
185.224.146.0/24
185.226.73.0/24
185.240.218.0/24
193.149.160.0/24
193.222.103.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a3:fb:ca:15:e9:49:8a:93:37:91:4c:98:31:96:b7:33:b3:
88:dc:8e:8b:3c:3f:d2:5d:15:76:19:fe:3f:a5:f9:1c:16:21:
29:6e:f9:7f:48:c8:8a:b2:95:d3:fa:f1:7d:c7:6c:1e:73:b3:
68:1e:cf:6d:c4:81:14:59:7c:0a:91:54:14:20:dd:24:ba:07:
f9:2f:7c:db:8a:91:52:79:37:e6:26:27:ec:a1:7b:6e:e2:3b:
6d:ec:96:cd:ef:6e:d6:7a:dc:c1:9e:65:cb:4b:1d:3e:f7:d4:
0c:bb:fe:69:08:10:ed:a7:46:43:8b:60:5b:ac:fc:9b:86:ad:
b6:ba:81:ad:94:ce:a8:82:c0:de:33:2c:2c:e8:91:cc:97:ed:
ae:b6:63:51:51:56:a2:ae:9d:22:9c:bb:b0:71:f1:60:61:28:
d6:33:79:6e:a4:af:db:04:4c:dc:48:1b:17:c7:c3:0b:82:09:
38:60:15:6f:ff:4b:9d:8b:1c:50:0c:64:5d:1d:69:1a:2d:0b:
7c:75:00:ee:47:69:8b:24:08:f2:2e:df:3a:bd:33:26:63:15:
cf:40:de:28:41:af:33:4e:5b:8b:39:36:1f:0a:f3:f0:41:9c:
39:b7:1c:af:2d:33:4f:c3:d9:8c:a5:54:d2:21:0f:07:6d:a5:
98:1e:6a:57
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEGMaISzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIx
ODA2MzM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY5YzkwYzlhNWZh
MDZjYmY4MjcxYTFhNDc4OWRmNjllZGViMTNiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfi4TctOB1MUt/5hT/4fC9UC5GSDrS+/o68jpKJsb7gGUfV
5OW9VFmGSNG/rhU4EGCNjkQDYVe/VT//cbmlpxNrRAhCqQzp15SDe/BAUBAUxLyu
dyuJxZKd8C0iGrU4e45oqwS7g0Dvhj+s9iu8KbWzpKll6bgZVQha0MXXNJ6E19i6
U6rEYIEpRuJKueaXUcZHJCWfLM+HOX/OjMrQ+ayF3UmoBwdKoxcbvO8HFIEHN02x
rC8D3nTBKBldFzExxjGRxHWV6lLtqTIXt11DaxfNaJh1mmenP5gnbODrOAdvmX4+
G5OEFFiTOlAcTabxDJAgyCeTEh3kxPSsYRd7OcMCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQ2nJDJpfoGy/gnGhpHid9p7esTvjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L05weVF5YVg2QnN2NEp4b2FSNG5mYWUzckU3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAAX9iQMEACUKcAMEAC777wMEAE+P
NwMEAFu9ugMEAJNO3AMEALmrAwMEALngkgMEALniSQMEALnw2gMEAMGVoAMEAMHe
ZzANBgkqhkiG9w0BAQsFAAOCAQEAMqP7yhXpSYqTN5FMmDGWtzOziNyOizw/0l0V
dhn+P6X5HBYhKW75f0jIirKV0/rxfcdsHnOzaB7PbcSBFFl8CpFUFCDdJLoH+S98
24qRUnk35iYn7KF7buI7beyWze9u1nrcwZ5ly0sdPvfUDLv+aQgQ7adGQ4tgW6z8
m4attrqBrZTOqILA3jMsLOiRzJftrrZjUVFWoq6dIpy7sHHxYGEo1jN5bqSv2wRM
3EgbF8fDC4IJOGAVb/9LnYscUAxkXR1pGi0LfHUA7kdpiyQI8i7fOr0zJmMVz0De
KEGvM05bizk2Hwrz8EGcObccry0zT8PZjKVU0iEPB22lmB5qVw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org