Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/nixClA3bVmascN45xtolyhRLF0k.roa
File: nixClA3bVmascN45xtolyhRLF0k.roa (raw, json)
Hash identifier: m3BNOVWD38s2Zioe/AoNTcz3vQJNdrepCXtOmWVnMz0=
Subject key identifier: 9E:2C:42:94:0D:DB:56:66:AC:70:DE:39:C6:DA:25:CA:14:4B:17:49
Certificate issuer: /CN=22190c26894093dc64a05ef2cfd354a06cff039d
Certificate serial: 016F6849
Authority key identifier: 22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/nixClA3bVmascN45xtolyhRLF0k.roa
Signing time: Tue 22 Mar 2022 05:10:03 +0000
ROA not before: Tue 22 Mar 2022 05:10:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16378
IP address blocks: 80.85.192.0/24 maxlen: 24
80.85.192.0/20 maxlen: 23
80.85.197.0/24 maxlen: 24
80.85.198.0/24 maxlen: 24
80.85.196.0/24 maxlen: 24
80.85.194.0/24 maxlen: 24
80.85.195.0/24 maxlen: 24
80.85.199.0/24 maxlen: 24
80.85.193.0/24 maxlen: 24
80.85.204.0/24 maxlen: 24
80.85.205.0/24 maxlen: 24
80.85.203.0/24 maxlen: 24
80.85.201.0/24 maxlen: 24
80.85.202.0/24 maxlen: 24
80.85.206.0/24 maxlen: 24
80.85.200.0/24 maxlen: 24
80.85.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24078409 (0x16f6849)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22190c26894093dc64a05ef2cfd354a06cff039d
Validity
Not Before: Mar 22 05:10:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e2c42940ddb5666ac70de39c6da25ca144b1749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0b:16:d9:14:39:be:64:ab:f6:5c:59:f1:88:
d6:74:94:c0:55:31:38:b3:66:05:f4:8e:a5:9c:a3:
ad:21:37:3e:81:62:da:64:9b:b1:96:fc:7c:57:71:
0f:75:c2:2c:7f:4d:7a:98:50:9d:1c:51:12:cc:da:
11:a2:18:58:1a:68:96:70:11:e1:6e:12:7a:2f:ef:
9b:fd:e6:3e:ba:42:f2:1f:ce:48:ee:fe:91:a2:61:
27:20:6e:6a:88:ad:3b:be:a7:9e:86:16:05:4c:92:
79:21:06:1a:2f:e8:f8:e8:84:92:a2:ba:07:40:10:
3a:37:a2:6b:80:1f:24:3d:1a:34:fb:60:6c:e0:70:
c1:10:ed:63:b7:75:e1:68:58:c8:97:9d:32:7c:6a:
e4:42:76:14:f9:30:66:87:45:5f:29:96:ce:a3:80:
84:bb:ad:8b:9a:e7:ef:84:b4:0d:c3:54:e6:4c:d0:
a6:5f:0b:99:d3:0b:70:26:f0:16:46:9f:be:66:3a:
07:6e:49:4a:e4:f9:c8:59:3e:b5:c0:29:b1:21:d6:
9d:85:f6:d3:28:eb:1c:ce:72:57:e3:9b:93:21:9f:
62:60:53:16:ef:04:23:d5:50:92:e3:36:03:5b:37:
f8:d7:92:44:42:62:f6:b6:8b:69:30:9c:26:65:c7:
9a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2C:42:94:0D:DB:56:66:AC:70:DE:39:C6:DA:25:CA:14:4B:17:49
X509v3 Authority Key Identifier:
keyid:22:19:0C:26:89:40:93:DC:64:A0:5E:F2:CF:D3:54:A0:6C:FF:03:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhkMJolAk9xkoF7yz9NUoGz_A50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/nixClA3bVmascN45xtolyhRLF0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3a96fa-90de-460c-bea6-ec10ebe4fccf/1/IhkMJolAk9xkoF7yz9NUoGz_A50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.192.0/20
Signature Algorithm: sha256WithRSAEncryption
74:ea:db:a0:6c:3f:4e:9d:cd:e8:ba:49:d6:39:6a:06:df:c1:
91:97:c4:4a:11:1b:9f:91:ad:5d:0d:31:a7:24:6c:50:89:6b:
87:4d:49:7f:07:0b:62:1a:e8:c3:c2:42:b7:54:87:da:38:d8:
57:85:52:3d:ff:77:2b:41:61:6e:74:01:16:c8:bc:5c:ca:32:
53:b8:56:d1:25:d2:50:a4:48:85:21:00:dd:81:20:2f:88:f8:
51:1d:8b:9a:2e:62:37:df:eb:70:9a:e0:41:2b:e1:50:7a:28:
8f:1d:24:6e:59:c1:29:94:a3:c6:d1:4d:3f:57:52:03:a3:fd:
88:85:b7:44:bf:9a:9c:95:ca:3b:10:4c:54:1e:aa:4c:0e:af:
19:00:e9:42:a8:1d:89:2a:2e:07:1f:45:a5:26:a6:19:98:b9:
1a:2f:72:cb:f6:eb:a2:8a:38:0a:0c:3e:ae:d4:fa:e4:68:29:
e2:e1:c8:99:d4:b6:18:81:5d:8c:fe:bd:1e:fd:da:c0:c2:3b:
da:2d:d8:c0:c8:aa:67:c2:14:14:0b:39:84:45:be:70:ae:5e:
c4:78:8a:d9:95:b8:34:d7:28:51:22:fa:31:7c:b6:01:90:c6:
e0:a0:7b:0f:b3:e8:7f:01:8b:48:c9:27:0d:c8:41:13:5b:f4:
e0:26:c2:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAW9oSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjE5MGMyNjg5NDA5M2RjNjRhMDVlZjJjZmQzNTRhMDZjZmYwMzlkMB4XDTIyMDMy
MjA1MTAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUyYzQyOTQwZGRi
NTY2NmFjNzBkZTM5YzZkYTI1Y2ExNDRiMTc0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8LFtkUOb5kq/ZcWfGI1nSUwFUxOLNmBfSOpZyjrSE3PoFi
2mSbsZb8fFdxD3XCLH9NephQnRxREszaEaIYWBpolnAR4W4Sei/vm/3mPrpC8h/O
SO7+kaJhJyBuaoitO76nnoYWBUySeSEGGi/o+OiEkqK6B0AQOjeia4AfJD0aNPtg
bOBwwRDtY7d14WhYyJedMnxq5EJ2FPkwZodFXymWzqOAhLuti5rn74S0DcNU5kzQ
pl8LmdMLcCbwFkafvmY6B25JSuT5yFk+tcApsSHWnYX20yjrHM5yV+ObkyGfYmBT
Fu8EI9VQkuM2A1s3+NeSREJi9raLaTCcJmXHmjUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSeLEKUDdtWZqxw3jnG2iXKFEsXSTAfBgNVHSMEGDAWgBQiGQwmiUCT3GSg
XvLP01SgbP8DnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0loa01Kb2xBazl4a29GN3l6OU5Vb0d6X0E1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvM2E5NmZhLTkwZGUtNDYwYy1iZWE2LWVjMTBlYmU0ZmNjZi8x
L25peENsQTNiVm1hc2NONDV4dG9seWhSTEYway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
M2E5NmZhLTkwZGUtNDYwYy1iZWE2LWVjMTBlYmU0ZmNjZi8xL0loa01Kb2xBazl4
a29GN3l6OU5Vb0d6X0E1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFBVwDANBgkqhkiG9w0BAQsFAAOC
AQEAdOrboGw/Tp3N6LpJ1jlqBt/BkZfEShEbn5GtXQ0xpyRsUIlrh01JfwcLYhro
w8JCt1SH2jjYV4VSPf93K0FhbnQBFsi8XMoyU7hW0SXSUKRIhSEA3YEgL4j4UR2L
mi5iN9/rcJrgQSvhUHoojx0kblnBKZSjxtFNP1dSA6P9iIW3RL+anJXKOxBMVB6q
TA6vGQDpQqgdiSouBx9FpSamGZi5Gi9yy/brooo4Cgw+rtT65Ggp4uHImdS2GIFd
jP69Hv3awMI72i3YwMiqZ8IUFAs5hEW+cK5exHiK2ZW4NNcoUSL6MXy2AZDG4KB7
D7PofwGLSMknDchBE1v04CbClA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:00 2023 by rpki-client on console-ams.rpki-client.org