Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/nSsoXLC3ggKh2l8N03NOpOG7YXQ.roa
File: nSsoXLC3ggKh2l8N03NOpOG7YXQ.roa (raw, json)
Hash identifier: +65+7q2J8fh00jqWuBFRDP2vS1QEOJrE12AVKgQl4Hs=
Subject key identifier: 9D:2B:28:5C:B0:B7:82:02:A1:DA:5F:0D:D3:73:4E:A4:E1:BB:61:74
Certificate issuer: /CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Certificate serial: 44AF268F
Authority key identifier: 78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/nSsoXLC3ggKh2l8N03NOpOG7YXQ.roa
Signing time: Sat 01 Jan 2022 15:00:53 +0000
ROA not before: Sat 01 Jan 2022 15:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51978
IP address blocks: 194.182.192.0/19 maxlen: 19
82.180.64.0/18 maxlen: 18
185.8.136.0/22 maxlen: 22
46.30.112.0/22 maxlen: 22
46.30.118.0/24 maxlen: 24
46.30.116.0/23 maxlen: 23
46.30.119.0/24 maxlen: 24
64.190.238.0/23 maxlen: 23
130.193.112.0/21 maxlen: 21
46.35.32.0/20 maxlen: 20
2a03:b580::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1152329359 (0x44af268f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78a4c4eaef6fe1705698b00e61915677a2fb8d5b
Validity
Not Before: Jan 1 15:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d2b285cb0b78202a1da5f0dd3734ea4e1bb6174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3a:17:6c:9c:92:cf:7a:5a:6c:3b:f6:8b:48:
46:9b:0d:01:7b:ea:21:67:37:13:b2:36:28:9e:4d:
49:e4:ae:ab:15:59:1e:a0:4b:6e:26:c5:bf:61:e5:
b5:c6:af:a5:53:8f:32:6d:d1:88:f2:b0:89:2a:76:
45:63:8b:4f:2d:fb:cc:46:eb:cc:75:06:da:26:34:
d4:5d:dc:33:be:0a:70:17:ab:63:71:29:28:5d:0c:
0a:6f:8f:5b:4a:ac:90:6d:f3:11:9d:02:e3:ba:4c:
f0:43:61:cd:a0:30:3c:06:80:64:50:d5:ae:f7:73:
e0:40:d8:d8:92:58:1c:93:28:c9:d2:db:dc:c6:a8:
a2:01:e0:1c:1c:96:2a:79:e8:c9:7e:05:9b:df:8b:
9b:13:c2:fe:91:aa:74:5d:68:bf:65:11:63:07:50:
d5:7f:21:b1:cc:a7:ce:48:f1:cf:c2:7c:22:14:bf:
89:49:9b:79:be:b5:5e:d9:55:9f:c2:96:cd:28:42:
ad:f9:db:b6:97:9d:19:0e:11:56:7f:78:30:ec:90:
8f:f5:5d:53:c7:5f:13:3c:95:e1:38:c4:c2:04:2b:
95:b7:e6:17:52:61:9f:a8:ba:9b:53:73:9b:34:03:
e2:2e:84:e7:f6:2f:32:c8:22:d6:ee:39:7d:ca:d8:
2d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2B:28:5C:B0:B7:82:02:A1:DA:5F:0D:D3:73:4E:A4:E1:BB:61:74
X509v3 Authority Key Identifier:
keyid:78:A4:C4:EA:EF:6F:E1:70:56:98:B0:0E:61:91:56:77:A2:FB:8D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eKTE6u9v4XBWmLAOYZFWd6L7jVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/nSsoXLC3ggKh2l8N03NOpOG7YXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/51ba0b-69c6-4ed9-82c7-429307f24320/1/eKTE6u9v4XBWmLAOYZFWd6L7jVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.112.0/21
46.35.32.0/20
64.190.238.0/23
82.180.64.0/18
130.193.112.0/21
185.8.136.0/22
194.182.192.0/19
IPv6:
2a03:b580::/32
Signature Algorithm: sha256WithRSAEncryption
72:3f:20:65:63:e6:a1:3d:ee:c7:75:6b:a9:5c:3c:4d:7f:8f:
e5:a8:53:b2:97:af:12:21:11:42:a6:eb:a4:55:f6:d5:3c:32:
6d:3f:15:c1:9b:51:58:0a:07:65:ff:16:89:34:ea:16:25:2a:
99:2d:3e:0e:dc:92:b4:3e:88:70:f5:13:b2:58:e2:26:e2:fb:
88:6c:94:3b:6d:f4:b2:cc:d8:7d:1d:37:f1:4a:f6:c0:c5:ce:
00:4e:4b:60:fd:0d:54:67:a7:9f:ab:41:d0:f4:75:3d:69:38:
a9:0e:dc:89:99:02:2b:21:d0:e7:73:61:e3:3f:67:d7:43:b7:
9e:1b:3d:45:b8:0c:4d:52:07:21:23:78:bd:ba:e8:d2:4f:f1:
01:39:92:07:c2:a8:19:aa:85:19:c5:67:f0:34:ac:b8:d6:e0:
3e:7f:b8:3b:21:90:dd:c8:0c:00:f3:82:71:11:9a:27:d7:55:
a8:9d:5b:17:94:7e:82:8b:99:77:89:99:d8:f3:1c:83:7b:f8:
67:ab:12:e0:c8:40:95:79:0d:d7:7c:e4:75:fc:d7:72:8b:97:
42:39:b4:57:5d:37:13:25:65:24:5c:f1:0c:0f:67:0d:a3:ac:
9d:f9:e4:0d:4f:53:90:e3:d7:b7:e0:7b:df:ee:0a:91:96:7e:
dc:f0:44:e9
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIERK8mjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OGE0YzRlYWVmNmZlMTcwNTY5OGIwMGU2MTkxNTY3N2EyZmI4ZDViMB4XDTIyMDEw
MTE1MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQyYjI4NWNiMGI3
ODIwMmExZGE1ZjBkZDM3MzRlYTRlMWJiNjE3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANk6F2ycks96Wmw79otIRpsNAXvqIWc3E7I2KJ5NSeSuqxVZ
HqBLbibFv2HltcavpVOPMm3RiPKwiSp2RWOLTy37zEbrzHUG2iY01F3cM74KcBer
Y3EpKF0MCm+PW0qskG3zEZ0C47pM8ENhzaAwPAaAZFDVrvdz4EDY2JJYHJMoydLb
3MaoogHgHByWKnnoyX4Fm9+LmxPC/pGqdF1ov2URYwdQ1X8hscynzkjxz8J8IhS/
iUmbeb61XtlVn8KWzShCrfnbtpedGQ4RVn94MOyQj/VdU8dfEzyV4TjEwgQrlbfm
F1Jhn6i6m1NzmzQD4i6E5/YvMsgi1u45fcrYLZkCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSdKyhcsLeCAqHaXw3Tc06k4bthdDAfBgNVHSMEGDAWgBR4pMTq72/hcFaY
sA5hkVZ3ovuNWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VLVEU2dTl2NFhCV21MQU9ZWkZXZDZMN2pWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNTFiYTBiLTY5YzYtNGVkOS04MmM3LTQyOTMwN2YyNDMyMC8x
L25Tc29YTEMzZ2dLaDJsOE4wM05PcE9HN1lYUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NTFiYTBiLTY5YzYtNGVkOS04MmM3LTQyOTMwN2YyNDMyMC8xL2VLVEU2dTl2NFhC
V21MQU9ZWkZXZDZMN2pWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAy4ecAMEBC4jIAMEAUC+7gMEBlK0
QAMEA4LBcAMEArkIiAMEBcK2wDANBAIAAjAHAwUAKgO1gDANBgkqhkiG9w0BAQsF
AAOCAQEAcj8gZWPmoT3ux3VrqVw8TX+P5ahTspevEiERQqbrpFX21TwybT8VwZtR
WAoHZf8WiTTqFiUqmS0+DtyStD6IcPUTsljiJuL7iGyUO230sszYfR038Ur2wMXO
AE5LYP0NVGenn6tB0PR1PWk4qQ7ciZkCKyHQ53Nh4z9n10O3nhs9RbgMTVIHISN4
vbro0k/xATmSB8KoGaqFGcVn8DSsuNbgPn+4OyGQ3cgMAPOCcRGaJ9dVqJ1bF5R+
gouZd4mZ2PMcg3v4Z6sS4MhAlXkN13zkdfzXcouXQjm0V103EyVlJFzxDA9nDaOs
nfnkDU9TkOPXt+B73+4KkZZ+3PBE6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org