Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/nhdRUtRXAY95-exfZK25fOhvf50.roa
File: nhdRUtRXAY95-exfZK25fOhvf50.roa (raw, json)
Hash identifier: j/e6u7gCkN5Kpf8tEQAy+oAE9Lea5x+ak48HkveC1BU=
Subject key identifier: 9E:17:51:52:D4:57:01:8F:79:F9:EC:5F:64:AD:B9:7C:E8:6F:7F:9D
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 38A940BC
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/nhdRUtRXAY95-exfZK25fOhvf50.roa
Signing time: Thu 28 Apr 2022 10:11:41 +0000
ROA not before: Thu 28 Apr 2022 10:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
2a01:7a8:0:f73c::/63 maxlen: 63
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950616252 (0x38a940bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Apr 28 10:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e175152d457018f79f9ec5f64adb97ce86f7f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ba:4b:a4:31:43:08:b1:84:08:8f:be:74:36:
82:64:da:eb:91:18:ae:94:63:5c:94:0e:7b:9d:0f:
69:60:92:ed:f8:44:f9:50:52:11:99:ec:ad:88:32:
6d:3e:1a:5d:66:8d:ba:a5:88:f7:39:b4:bc:e2:09:
fe:33:67:c4:a0:58:9d:b0:d6:c1:07:89:d1:02:39:
f3:e7:60:45:4d:97:b2:4c:7e:8b:af:a1:4c:89:9d:
7d:ce:91:65:02:b2:a0:94:52:fb:00:31:7f:31:34:
13:89:2c:ae:b0:94:08:ba:0e:e4:a3:60:02:f8:22:
9b:ef:2d:41:e6:08:9c:e5:c1:f6:fb:95:c9:30:f3:
eb:c6:6d:40:7a:ea:41:27:a3:f5:89:d3:f4:ce:8a:
44:be:2c:41:43:bb:96:06:a9:b2:c2:00:db:89:d5:
17:51:1f:ee:dd:53:65:ce:03:cd:95:b1:e9:55:a7:
7c:e1:49:82:ed:af:c0:97:a9:c5:81:9a:4f:d3:9e:
37:38:51:fb:c0:9a:db:3c:d1:72:7b:ee:30:9f:eb:
b5:c5:b5:34:a1:d8:2a:11:8f:20:23:8e:bf:6f:13:
c9:bb:08:e8:ce:1c:fb:bf:db:8b:26:9d:8a:65:b7:
76:2a:d1:ee:bd:5f:02:7a:59:48:ad:b1:1f:97:01:
de:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:17:51:52:D4:57:01:8F:79:F9:EC:5F:64:AD:B9:7C:E8:6F:7F:9D
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/nhdRUtRXAY95-exfZK25fOhvf50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
IPv6:
2a01:7a8:0:f73c::/63
Signature Algorithm: sha256WithRSAEncryption
15:ff:95:41:d4:a8:ab:b1:0d:ab:99:97:65:e6:a4:23:31:f0:
00:48:14:e8:43:01:81:62:86:b5:7b:ea:dc:d5:c6:dd:c2:75:
a4:e0:54:cb:a8:d5:56:aa:67:06:c4:fd:df:e8:b1:19:70:6a:
4b:c2:82:11:5f:dc:2c:5d:b5:32:22:67:e1:6d:d0:91:8f:99:
b0:d7:8b:a4:ce:d2:48:a0:70:0c:85:1e:3b:0e:4c:94:db:3e:
60:b9:e0:97:1f:d6:8d:0f:0e:bb:67:66:1f:09:81:1d:f9:59:
5a:9e:19:f0:e2:78:30:fc:a9:0e:b2:df:64:e1:0a:6d:bf:ce:
d6:bd:b1:ed:2c:fc:c9:72:36:a5:05:d1:8c:de:ec:cb:ba:b1:
46:79:ea:c4:ea:50:c1:b1:1d:37:20:33:1e:f7:87:38:34:f1:
d2:d6:0f:14:7c:49:46:d8:3c:87:fa:5f:cb:13:10:39:10:71:
14:7e:f9:c8:95:26:0f:34:70:bb:26:8c:2e:16:4d:2a:e5:2f:
05:a4:1f:c5:ab:59:3d:aa:88:09:77:95:39:92:a8:c4:a8:db:
9c:4e:2a:46:eb:13:52:a3:61:f9:14:ba:4c:da:af:43:71:65:
34:b1:81:be:68:a2:12:46:5c:9b:23:73:be:64:ec:37:ab:cc:
be:99:cb:5f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEOKlAvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjUyOWE0ZDIyZmFlZjIzMTM1ZDZlZmY4OTEyMjY2NjIzYzQ5MjU1MB4XDTIyMDQy
ODEwMTE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUxNzUxNTJkNDU3
MDE4Zjc5ZjllYzVmNjRhZGI5N2NlODZmN2Y5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+6S6QxQwixhAiPvnQ2gmTa65EYrpRjXJQOe50PaWCS7fhE
+VBSEZnsrYgybT4aXWaNuqWI9zm0vOIJ/jNnxKBYnbDWwQeJ0QI58+dgRU2Xskx+
i6+hTImdfc6RZQKyoJRS+wAxfzE0E4ksrrCUCLoO5KNgAvgim+8tQeYInOXB9vuV
yTDz68ZtQHrqQSej9YnT9M6KRL4sQUO7lgapssIA24nVF1Ef7t1TZc4DzZWx6VWn
fOFJgu2vwJepxYGaT9OeNzhR+8Ca2zzRcnvuMJ/rtcW1NKHYKhGPICOOv28TybsI
6M4c+7/biyadimW3dirR7r1fAnpZSK2xH5cB3ssCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBSeF1FS1FcBj3n57F9krbl86G9/nTAfBgNVHSMEGDAWgBRLUppNIvrvIxNd
bv+JEiZmI8SSVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxS2FUU0w2N3lNVFhXN19pUkltWmlQRWtsVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8x
L25oZFJVdFJYQVk5NS1leGZaSzI1Zk9odmY1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8xL1MxS2FUU0w2N3lN
VFhXN19pUkltWmlQRWtsVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwHgQCAAEwGAMEAgULEAMEAwULGAMEBFD7AAMEBVUf
QDARBAIAAjALAwkBKgEHqAAA9zwwDQYJKoZIhvcNAQELBQADggEBABX/lUHUqKux
DauZl2XmpCMx8ABIFOhDAYFihrV76tzVxt3CdaTgVMuo1VaqZwbE/d/osRlwakvC
ghFf3CxdtTIiZ+Ft0JGPmbDXi6TO0kigcAyFHjsOTJTbPmC54Jcf1o0PDrtnZh8J
gR35WVqeGfDieDD8qQ6y32ThCm2/zta9se0s/MlyNqUF0Yze7Mu6sUZ56sTqUMGx
HTcgMx73hzg08dLWDxR8SUbYPIf6X8sTEDkQcRR++ciVJg80cLsmjC4WTSrlLwWk
H8WrWT2qiAl3lTmSqMSo25xOKkbrE1KjYfkUukzar0NxZTSxgb5oohJGXJsjc75k
7DerzL6Zy18=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:06 2024 by rpki-client on console-fra.rpki-client.org