Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/nhCFKm6yjcCGAagkVcGD8eJqW3Y.roa
File: nhCFKm6yjcCGAagkVcGD8eJqW3Y.roa (raw, json)
Hash identifier: pGEzHtA0bJTB5ATtKHIHn+WUc9vEY6P1dd10EL+LcFg=
Subject key identifier: 9E:10:85:2A:6E:B2:8D:C0:86:01:A8:24:55:C1:83:F1:E2:6A:5B:76
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 0182395B5540549ED72F6D4D76732169BD99
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/nhCFKm6yjcCGAagkVcGD8eJqW3Y.roa
Signing time: Tue 26 Jul 2022 07:14:23 +0000
ROA not before: Tue 26 Jul 2022 07:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.112.0/24 maxlen: 24
176.108.111.0/24 maxlen: 24
176.108.112.0/22 maxlen: 24
176.108.108.0/24 maxlen: 24
176.108.108.0/22 maxlen: 24
176.108.109.0/24 maxlen: 24
176.108.106.0/24 maxlen: 24
176.108.106.0/23 maxlen: 24
176.108.116.0/24 maxlen: 24
176.108.116.0/22 maxlen: 24
176.108.112.0/21 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.117.0/24 maxlen: 24
176.108.120.0/22 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
176.108.100.0/22 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.104.0/24 maxlen: 24
176.108.104.0/22 maxlen: 24
176.108.104.0/21 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:5b:55:40:54:9e:d7:2f:6d:4d:76:73:21:69:bd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 26 07:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e10852a6eb28dc08601a82455c183f1e26a5b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:96:85:fb:98:f6:83:00:a6:23:42:b0:10:40:
09:c8:7e:b7:1f:52:a0:95:0f:83:be:be:97:90:84:
40:fb:40:4d:11:ed:50:95:23:d4:b4:e7:c8:9c:e5:
d3:99:5a:5a:e0:3c:49:f6:19:9d:e7:dc:6f:71:1f:
41:b2:50:a6:3a:83:97:19:8e:02:62:9d:ab:7a:1e:
a4:ae:34:1d:a6:c6:f6:a3:7f:08:24:38:74:0a:53:
6c:47:ad:2a:2d:cd:fe:5c:13:e7:76:67:3d:08:21:
e5:45:a0:91:89:33:a2:11:bb:c8:0d:a9:f0:0f:8d:
96:cf:92:35:89:4b:24:5a:80:55:ce:45:cc:f4:41:
76:9a:9d:8f:a9:88:b8:83:12:cd:71:6a:2e:26:1b:
56:10:35:a0:d1:f0:28:df:07:0e:05:74:71:d4:ce:
f9:c2:b4:a0:82:2c:4a:8a:4d:40:7b:d4:52:ff:35:
75:cb:24:10:27:9c:93:a6:6d:47:eb:cc:3d:58:d4:
93:9e:6f:1a:35:3c:b0:ce:d6:17:87:ec:49:c1:73:
d9:36:59:9f:d4:dc:a8:be:99:47:d2:92:1e:31:8e:
52:a2:a6:07:5f:20:dd:fc:f9:c7:64:1e:16:63:23:
8c:7d:ce:e8:61:14:42:17:42:2e:d5:7f:d6:5f:06:
74:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:10:85:2A:6E:B2:8D:C0:86:01:A8:24:55:C1:83:F1:E2:6A:5B:76
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/nhCFKm6yjcCGAagkVcGD8eJqW3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.100.0-176.108.123.255
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
9a:0d:0c:8a:88:a0:4b:d1:ab:5f:f8:38:62:97:d1:e7:8b:25:
d3:b3:81:f5:73:9d:36:8a:4d:75:7d:8b:32:35:6a:15:91:97:
19:97:fc:bb:7b:25:ca:6c:22:a9:9f:ea:7f:9d:06:6c:94:cf:
5d:06:42:59:6b:28:12:ca:d5:f4:3b:41:a8:25:9e:01:96:d3:
a6:c1:db:81:51:f4:4b:03:be:97:83:4b:41:6f:1f:4c:ad:75:
a6:5a:95:86:45:da:b8:af:36:12:da:fc:5f:e2:c2:28:41:da:
d9:8e:2a:c0:64:09:a7:20:96:22:55:25:01:60:4f:7a:1d:ab:
5c:e9:9f:8c:47:7a:be:22:46:3a:fe:de:df:bc:f9:2b:15:08:
c1:23:14:de:ad:0c:b0:fb:17:14:08:88:8a:4e:51:1a:f0:83:
24:d4:50:d0:8c:d4:d8:fa:e2:0d:7f:10:fd:ae:71:e0:6d:3f:
a8:1d:5d:26:da:f4:5c:b0:50:3d:eb:4e:9c:15:f2:8b:0a:a0:
b8:44:37:f3:cb:24:e2:23:a0:cb:75:d4:b3:0a:b2:ba:54:b2:
79:9a:b0:44:31:32:6c:e5:99:a1:17:eb:56:33:08:68:04:cb:
bd:da:a9:61:98:ac:8b:8d:cc:7d:0c:33:8d:67:ea:f6:4c:f4:
20:6d:28:71
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYI5W1VAVJ7XL21NdnMhab2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzI2MDcxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTEwODUyYTZlYjI4ZGMwODYwMWE4MjQ1NWMxODNmMWUyNmE1Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZaF+5j2gwCmI0KwEEAJyH63H1Kg
lQ+Dvr6XkIRA+0BNEe1QlSPUtOfInOXTmVpa4DxJ9hmd59xvcR9BslCmOoOXGY4C
Yp2reh6krjQdpsb2o38IJDh0ClNsR60qLc3+XBPndmc9CCHlRaCRiTOiEbvIDanw
D42Wz5I1iUskWoBVzkXM9EF2mp2PqYi4gxLNcWouJhtWEDWg0fAo3wcOBXRx1M75
wrSggixKik1Ae9RS/zV1yyQQJ5yTpm1H68w9WNSTnm8aNTywztYXh+xJwXPZNlmf
1NyovplH0pIeMY5SoqYHXyDd/PnHZB4WYyOMfc7oYRRCF0Iu1X/WXwZ0jwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJ4QhSpuso3AhgGoJFXBg/Hialt2MB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvbmhDRkttNnlqY0NHQWFna1ZjR0Q4ZUpxVzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAKwbGQD
BAKwbHgDBALBXRAwDwQCAAIwCQMHACABBngEaDANBgkqhkiG9w0BAQsFAAOCAQEA
mg0MioigS9GrX/g4YpfR54sl07OB9XOdNopNdX2LMjVqFZGXGZf8u3slymwiqZ/q
f50GbJTPXQZCWWsoEsrV9DtBqCWeAZbTpsHbgVH0SwO+l4NLQW8fTK11plqVhkXa
uK82Etr8X+LCKEHa2Y4qwGQJpyCWIlUlAWBPeh2rXOmfjEd6viJGOv7e37z5KxUI
wSMU3q0MsPsXFAiIik5RGvCDJNRQ0IzU2PriDX8Q/a5x4G0/qB1dJtr0XLBQPetO
nBXyiwqguEQ388sk4iOgy3XUswqyulSyeZqwRDEybOWZoRfrVjMIaATLvdqpYZis
i43MfQwzjWfq9kz0IG0ocQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org