Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/n6XEZLs3wNUAoj86caMU0APIHZs.roa
File: n6XEZLs3wNUAoj86caMU0APIHZs.roa (raw, json)
Hash identifier: dDWp2+cQ6tUPqgTNgkxNqAVwQzpe/EniFPSHkYSi62s=
Subject key identifier: 9F:A5:C4:64:BB:37:C0:D5:00:A2:3F:3A:71:A3:14:D0:03:C8:1D:9B
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 0181D298581132C66CB3FDCFB3EDEE2E507B
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/n6XEZLs3wNUAoj86caMU0APIHZs.roa
Signing time: Wed 06 Jul 2022 08:20:08 +0000
ROA not before: Wed 06 Jul 2022 08:20:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 83.229.66.0/24 maxlen: 32
80.240.98.0/23 maxlen: 32
217.194.136.0/24 maxlen: 32
217.194.136.0/23 maxlen: 32
80.240.116.0/22 maxlen: 32
212.103.56.0/22 maxlen: 32
80.240.120.0/22 maxlen: 32
193.47.56.0/22 maxlen: 32
185.18.40.0/22 maxlen: 32
195.216.128.0/22 maxlen: 32
103.14.104.0/22 maxlen: 32
46.149.160.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d2:98:58:11:32:c6:6c:b3:fd:cf:b3:ed:ee:2e:50:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jul 6 08:20:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fa5c464bb37c0d500a23f3a71a314d003c81d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:66:3b:d1:80:f2:7e:1f:b8:bd:01:96:af:
e1:14:73:67:59:a2:b0:ae:29:3d:41:36:99:ff:78:
5f:50:1a:5d:64:53:58:d8:85:c7:5a:f3:b6:08:86:
1a:8b:bc:85:1f:a7:8d:ee:d2:95:e4:46:68:b6:5f:
88:63:04:33:ee:2d:58:22:70:e3:b1:32:05:45:a8:
f7:79:5e:0b:a4:c1:44:51:85:34:7c:39:49:8c:c1:
93:09:1d:d4:f7:26:d1:05:3d:87:fb:98:39:b0:bb:
9f:70:4b:54:59:17:d5:f5:dc:38:cb:59:f5:15:d6:
59:f2:cf:7d:33:9e:72:36:99:66:e0:d6:78:25:ba:
d3:57:3f:e3:e0:93:13:96:51:35:ca:b0:6a:a1:ef:
03:7c:9d:74:e4:60:98:58:4c:f9:05:24:e9:4b:93:
5f:05:45:d1:d8:b0:c4:27:af:f7:76:11:ca:de:18:
14:b3:93:c9:4c:86:c6:27:6a:e6:93:73:86:69:21:
dd:50:f8:fa:41:16:7b:9b:10:69:99:e9:b2:34:da:
40:e9:f3:c0:8d:08:55:13:5a:1c:40:a3:d1:61:bd:
92:8a:eb:27:10:65:ee:6b:c9:f3:0d:98:c8:62:7e:
1c:1f:24:cb:ef:f1:d8:dc:9d:67:30:5c:f2:5f:9e:
dd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A5:C4:64:BB:37:C0:D5:00:A2:3F:3A:71:A3:14:D0:03:C8:1D:9B
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/n6XEZLs3wNUAoj86caMU0APIHZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.160.0/22
80.240.98.0/23
80.240.116.0-80.240.123.255
83.229.66.0/24
103.14.104.0/22
185.18.40.0/22
193.47.56.0/22
195.216.128.0/22
212.103.56.0/22
217.194.136.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:37:ba:7b:8b:60:54:ed:fd:0a:da:c1:d6:3a:a6:87:c9:6d:
5f:e9:a2:60:85:ec:0f:b9:ad:ce:6b:34:cb:eb:76:d9:d9:ac:
1e:99:db:58:46:88:5d:94:e8:1a:ef:ba:f9:7d:6f:b1:cf:2a:
3d:a5:1a:50:56:ad:db:56:12:7d:6b:6a:0c:a1:98:4d:17:8f:
1f:5c:41:00:a6:04:7c:4f:ef:18:3c:bb:d8:af:c6:a1:86:0a:
b8:ef:a6:70:df:42:1b:2f:a7:55:09:c7:1d:66:e7:a4:e4:20:
c9:96:30:9c:7d:c9:45:a0:3e:4d:18:6a:f8:d6:b6:58:9c:95:
94:b0:46:71:0b:3d:d6:02:48:ea:ec:3c:02:3a:3f:6e:3a:e7:
fb:ba:de:7f:c6:f8:2d:2c:c3:d9:eb:a9:cd:91:d5:a1:9d:75:
42:eb:ef:13:c1:43:9f:15:37:e7:1c:b6:2d:81:d7:f1:5a:35:
7d:20:50:de:7a:2d:a5:7c:11:4b:d0:e6:53:ee:10:9b:96:62:
41:b0:f3:49:5d:38:02:59:7f:d4:7f:0e:40:e4:14:e1:67:23:
23:25:dc:33:55:91:97:fd:39:6b:92:a3:79:94:6b:7e:fd:cd:
3b:61:9a:19:7e:4a:be:6f:24:e1:f5:43:65:7a:d0:fe:4d:2c:
fb:d0:87:05
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYHSmFgRMsZss/3Ps+3uLlB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjIwNzA2MDgyMDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmE1YzQ2NGJiMzdjMGQ1MDBhMjNmM2E3MWEzMTRkMDAzYzgxZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB1mO9GA8n4fuL0Blq/hFHNnWaKw
rik9QTaZ/3hfUBpdZFNY2IXHWvO2CIYai7yFH6eN7tKV5EZotl+IYwQz7i1YInDj
sTIFRaj3eV4LpMFEUYU0fDlJjMGTCR3U9ybRBT2H+5g5sLufcEtUWRfV9dw4y1n1
FdZZ8s99M55yNplm4NZ4JbrTVz/j4JMTllE1yrBqoe8DfJ105GCYWEz5BSTpS5Nf
BUXR2LDEJ6/3dhHK3hgUs5PJTIbGJ2rmk3OGaSHdUPj6QRZ7mxBpmemyNNpA6fPA
jQhVE1ocQKPRYb2SiusnEGXua8nzDZjIYn4cHyTL7/HY3J1nMFzyX57dhwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJ+lxGS7N8DVAKI/OnGjFNADyB2bMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvbjZYRVpMczN3TlVBb2o4NmNhTVUwQVBJSFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLpWgAwQB
UPBiMAwDBAJQ8HQDBAJQ8HgDBABT5UIDBAJnDmgDBAK5EigDBALBLzgDBALD2IAD
BALUZzgDBAHZwogwDQYJKoZIhvcNAQELBQADggEBAFo3unuLYFTt/QrawdY6pofJ
bV/pomCF7A+5rc5rNMvrdtnZrB6Z21hGiF2U6Brvuvl9b7HPKj2lGlBWrdtWEn1r
agyhmE0Xjx9cQQCmBHxP7xg8u9ivxqGGCrjvpnDfQhsvp1UJxx1m56TkIMmWMJx9
yUWgPk0YavjWtliclZSwRnELPdYCSOrsPAI6P2465/u63n/G+C0sw9nrqc2R1aGd
dULr7xPBQ58VN+ccti2B1/FaNX0gUN56LaV8EUvQ5lPuEJuWYkGw80ldOAJZf9R/
DkDkFOFnIyMl3DNVkZf9OWuSo3mUa379zTthmhl+Sr5vJOH1Q2V60P5NLPvQhwU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org