Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NnMBvQQPEeKYE3QqNwLAlWBb5IE.roa
File: NnMBvQQPEeKYE3QqNwLAlWBb5IE.roa (raw, json)
Hash identifier: xCcwGYBQWY1NS9Gifb1q4BC1Mcl+BRYzS6nhwRjIZoM=
Subject key identifier: 36:73:01:BD:04:0F:11:E2:98:13:74:2A:37:02:C0:95:60:5B:E4:81
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 428733E7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NnMBvQQPEeKYE3QqNwLAlWBb5IE.roa
Signing time: Sat 01 Jan 2022 14:03:25 +0000
ROA not before: Sat 01 Jan 2022 14:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201271
IP address blocks: 193.234.187.0/24 maxlen: 24
193.234.189.0/24 maxlen: 24
193.234.191.0/24 maxlen: 24
193.234.188.0/24 maxlen: 24
193.234.190.0/24 maxlen: 24
193.234.192.0/24 maxlen: 24
193.234.193.0/24 maxlen: 24
193.234.195.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
193.234.184.0/24 maxlen: 24
193.234.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1116156903 (0x428733e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=367301bd040f11e29813742a3702c095605be481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6e:01:4e:75:b6:80:e5:b8:4d:ef:c0:0d:ce:
02:d1:52:29:65:8b:7f:ec:53:7c:09:27:43:d7:b9:
eb:ec:75:9c:20:f3:60:eb:58:57:a3:61:52:0f:0c:
fe:3b:1d:4f:68:16:bc:fc:fc:a8:8e:51:8f:75:aa:
37:33:32:15:e6:6e:3e:b6:58:b0:2a:19:0f:14:13:
37:b2:80:0e:d3:0e:9a:71:2c:3d:70:cb:aa:16:38:
06:c4:11:e9:6a:7f:b1:9c:6e:11:4d:54:c8:20:3c:
85:4e:96:4f:b4:1c:ca:5c:b8:9e:93:06:e9:2c:a9:
12:bc:ee:ba:1a:75:b6:4b:ee:35:ca:19:f2:b4:45:
7c:b2:85:b0:3f:81:ed:09:0d:1f:07:b0:b0:ae:d8:
15:cf:23:1f:85:bc:1d:2e:40:22:87:ee:b2:e5:00:
b0:6b:5e:d4:06:d4:a5:0d:10:25:7b:11:9a:cd:c6:
eb:31:19:6b:37:06:41:e2:09:26:87:8c:3d:a1:86:
2a:d4:8a:70:2c:ef:5a:94:93:ce:e1:1c:7b:8b:26:
31:81:96:69:06:95:0a:30:43:de:4c:37:7d:01:79:
b0:ec:c0:b0:4a:57:af:26:1a:72:f1:e9:3e:49:64:
db:44:b7:a6:85:c0:05:5b:b0:76:c3:6a:62:f5:38:
2f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:73:01:BD:04:0F:11:E2:98:13:74:2A:37:02:C0:95:60:5B:E4:81
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/NnMBvQQPEeKYE3QqNwLAlWBb5IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.184.0-193.234.193.255
193.234.195.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ec:fe:6e:b1:3e:4f:23:7b:9e:29:fe:ef:83:d3:ab:71:62:
de:3e:d9:c4:e5:15:9f:b4:83:08:0a:61:ec:96:64:65:37:7a:
05:4c:40:b5:0b:54:54:5f:ab:11:62:bc:ef:6c:7f:ce:e3:66:
ad:1c:4e:8a:bb:b7:32:99:17:e0:1d:35:e9:f1:c3:ed:6a:e2:
33:68:71:09:74:1f:04:74:f9:cf:67:48:4d:4a:c3:1d:8f:87:
a0:88:77:74:d3:b6:45:4b:a2:06:6c:21:d5:a8:e6:4b:0a:72:
b1:15:ba:f2:95:5f:88:69:62:47:c8:30:cc:c3:55:61:c3:f6:
d0:0f:21:b0:2b:b3:31:e3:dd:fa:7e:98:48:2f:2a:68:5f:5e:
8e:77:87:17:14:c8:ca:cb:92:93:38:ba:e7:0d:72:c9:0a:1f:
0e:e3:94:fd:cc:ab:c2:75:c4:69:e7:ab:2d:b8:de:d0:f6:06:
15:3c:09:fa:6a:42:90:c6:2b:c1:21:71:ea:04:e9:ac:48:fa:
bc:f6:77:d0:5e:20:fb:df:a8:bb:3c:6e:9d:76:4f:87:54:d6:
60:f5:bc:c5:b2:9f:19:f0:8a:65:45:aa:46:ac:77:c1:70:3b:
94:ce:60:ec:84:5d:1b:c7:98:32:16:eb:94:66:50:03:10:82:
38:d1:6a:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEQocz5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY3MzAxYmQwNDBm
MTFlMjk4MTM3NDJhMzcwMmMwOTU2MDViZTQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZuAU51toDluE3vwA3OAtFSKWWLf+xTfAknQ9e56+x1nCDz
YOtYV6NhUg8M/jsdT2gWvPz8qI5Rj3WqNzMyFeZuPrZYsCoZDxQTN7KADtMOmnEs
PXDLqhY4BsQR6Wp/sZxuEU1UyCA8hU6WT7Qcyly4npMG6SypErzuuhp1tkvuNcoZ
8rRFfLKFsD+B7QkNHwewsK7YFc8jH4W8HS5AIofusuUAsGte1AbUpQ0QJXsRms3G
6zEZazcGQeIJJoeMPaGGKtSKcCzvWpSTzuEce4smMYGWaQaVCjBD3kw3fQF5sOzA
sEpXryYacvHpPklk20S3poXABVuwdsNqYvU4L9sCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQ2cwG9BA8R4pgTdCo3AsCVYFvkgTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L05uTUJ2UVFQRWVLWUUzUXFOd0xBbFdCYjVJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQDweq4AwQBwerAAwQAwerDMA0G
CSqGSIb3DQEBCwUAA4IBAQBu7P5usT5PI3ueKf7vg9OrcWLePtnE5RWftIMICmHs
lmRlN3oFTEC1C1RUX6sRYrzvbH/O42atHE6Ku7cymRfgHTXp8cPtauIzaHEJdB8E
dPnPZ0hNSsMdj4egiHd007ZFS6IGbCHVqOZLCnKxFbrylV+IaWJHyDDMw1Vhw/bQ
DyGwK7Mx4936fphILypoX16Od4cXFMjKy5KTOLrnDXLJCh8O45T9zKvCdcRp56st
uN7Q9gYVPAn6akKQxivBIXHqBOmsSPq89nfQXiD736i7PG6ddk+HVNZg9bzFsp8Z
8IplRapGrHfBcDuUzmDshF0bx5gyFuuUZlADEII40Wpp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org