Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/NJzlQFC3Fj8JtCiPBfp9J5QvfxY.roa
File: NJzlQFC3Fj8JtCiPBfp9J5QvfxY.roa (raw, json)
Hash identifier: 4MW+fNu43vxBb+ViWr57r03PHpNPpDid2TTM2+fSB5s=
Subject key identifier: 34:9C:E5:40:50:B7:16:3F:09:B4:28:8F:05:FA:7D:27:94:2F:7F:16
Certificate issuer: /CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Certificate serial: 017863
Authority key identifier: BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/NJzlQFC3Fj8JtCiPBfp9J5QvfxY.roa
Signing time: Sat 08 Jan 2022 07:25:47 +0000
ROA not before: Sat 08 Jan 2022 07:25:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39571
IP address blocks: 89.235.64.0/22 maxlen: 22
89.235.64.0/24 maxlen: 24
89.235.67.0/24 maxlen: 24
89.235.65.0/24 maxlen: 24
89.235.66.0/24 maxlen: 24
185.135.28.0/24 maxlen: 24
185.135.31.0/24 maxlen: 24
185.135.28.0/22 maxlen: 22
185.135.29.0/24 maxlen: 24
185.135.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96355 (0x17863)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Validity
Not Before: Jan 8 07:25:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=349ce54050b7163f09b4288f05fa7d27942f7f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:80:79:b5:a2:72:2a:9a:b5:39:d0:7b:9c:
19:33:3d:dc:49:8d:00:d7:74:76:6c:b0:bf:3a:e8:
03:d5:a7:fa:80:4e:42:d1:71:75:0e:74:5d:7e:7b:
ca:d3:4d:7d:3d:2d:24:53:dc:c1:73:d1:21:54:1a:
75:43:32:bb:9f:18:d0:25:e2:37:86:37:f2:db:08:
b8:99:9d:02:91:cd:7d:24:3f:b6:81:6d:6a:c2:75:
3c:44:31:75:c6:9b:7a:88:f0:84:45:4f:58:4b:ec:
43:1e:d0:f7:1d:07:7b:6d:1a:6e:5d:bd:f9:79:3b:
e5:95:d9:03:c2:8e:ac:db:9f:3f:20:e5:2d:f0:39:
50:6b:51:27:8f:f0:b9:d8:0a:30:f2:62:5e:9f:74:
eb:d3:ee:7c:da:4f:72:d5:09:26:22:08:9b:05:a3:
f7:68:93:f7:22:d1:47:0d:46:a1:ca:bb:e4:8f:83:
11:14:64:e4:a5:65:1f:a0:65:e6:0e:b0:8a:9b:9d:
a0:83:2d:6b:01:ee:69:e5:bf:45:28:08:d8:a5:3e:
06:13:2c:10:9d:01:1a:a2:fa:ee:99:63:88:d0:9b:
65:c6:08:94:18:9e:8c:2a:a9:3d:26:b3:f5:1d:7a:
81:31:f0:63:26:69:69:8c:a5:f1:86:7b:ef:1e:a3:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9C:E5:40:50:B7:16:3F:09:B4:28:8F:05:FA:7D:27:94:2F:7F:16
X509v3 Authority Key Identifier:
keyid:BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/NJzlQFC3Fj8JtCiPBfp9J5QvfxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.235.64.0/22
185.135.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:da:06:92:00:11:f2:ea:3c:43:8a:b6:36:9d:0a:fb:89:ed:
24:7b:f3:b9:36:12:87:8f:a1:a3:c0:30:15:ab:21:ac:6c:c4:
21:1a:6d:a5:e1:99:ed:c0:d3:50:91:20:20:08:18:1d:e9:1f:
e3:fc:64:da:0b:d6:3f:29:51:66:d8:58:3f:8c:86:13:b7:96:
ab:75:89:0b:4c:68:9c:3e:a9:0a:ca:71:19:a5:1c:9f:c6:01:
0f:a3:01:94:e2:3f:92:51:4f:c8:d2:7d:34:eb:b1:1d:f9:c7:
07:21:a0:94:12:6b:2a:53:ed:b3:c5:9a:19:ac:4f:37:b1:f0:
7e:ec:03:e0:a5:9d:71:65:8c:fc:d2:45:89:06:ee:30:06:f7:
36:0c:6b:cf:73:fc:b3:3b:f4:0c:f6:0f:dc:c0:cc:0c:c3:89:
14:ab:90:2b:b5:00:2d:da:05:ee:10:92:9f:35:39:d0:a5:ee:
e9:ce:bf:84:21:c6:4f:e1:90:98:bc:60:f5:15:0f:7c:a3:af:
86:10:d0:d3:45:5b:af:da:9a:55:9e:c7:b9:43:23:40:54:fc:
f8:c6:8a:61:7c:00:c2:29:26:43:47:de:23:46:c5:ef:c6:ba:
70:1e:d8:52:c0:72:5c:6f:cf:4b:c3:e8:3c:1c:51:4f:8a:82:
05:c3:e2:b1
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAXhjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJl
OWYxNTliYWI4MzY2MWZkOTNlYWQ0MzBjM2JkYjFlYWE3ZWFmMDgwHhcNMjIwMTA4
MDcyNTQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNDljZTU0MDUwYjcx
NjNmMDliNDI4OGYwNWZhN2QyNzk0MmY3ZjE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwdiAebWiciqatTnQe5wZMz3cSY0A13R2bLC/OugD1af6gE5C
0XF1DnRdfnvK0019PS0kU9zBc9EhVBp1QzK7nxjQJeI3hjfy2wi4mZ0Ckc19JD+2
gW1qwnU8RDF1xpt6iPCERU9YS+xDHtD3HQd7bRpuXb35eTvlldkDwo6s258/IOUt
8DlQa1Enj/C52Aow8mJen3Tr0+582k9y1QkmIgibBaP3aJP3ItFHDUahyrvkj4MR
FGTkpWUfoGXmDrCKm52ggy1rAe5p5b9FKAjYpT4GEywQnQEaovrumWOI0JtlxgiU
GJ6MKqk9JrP1HXqBMfBjJmlpjKXxhnvvHqPRGwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFDSc5UBQtxY/CbQojwX6fSeUL38WMB8GA1UdIwQYMBaAFL6fFZurg2Yf2T6t
Qww72x6qfq8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMtMjhkODI0OGI1YjYxLzEv
Tkp6bFFGQzNGajhKdENpUEJmcDlKNVF2ZnhZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9h
NDgxZmEtMmQwZC00ZThlLWIyZDMtMjhkODI0OGI1YjYxLzEvdnA4Vm02dURaaF9a
UHExREREdmJIcXAtcndnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWetAAwQCuYccMA0GCSqGSIb3DQEB
CwUAA4IBAQCi2gaSABHy6jxDirY2nQr7ie0ke/O5NhKHj6GjwDAVqyGsbMQhGm2l
4ZntwNNQkSAgCBgd6R/j/GTaC9Y/KVFm2Fg/jIYTt5ardYkLTGicPqkKynEZpRyf
xgEPowGU4j+SUU/I0n0067Ed+ccHIaCUEmsqU+2zxZoZrE83sfB+7APgpZ1xZYz8
0kWJBu4wBvc2DGvPc/yzO/QM9g/cwMwMw4kUq5ArtQAt2gXuEJKfNTnQpe7pzr+E
IcZP4ZCYvGD1FQ98o6+GENDTRVuv2ppVnse5QyNAVPz4xophfADCKSZDR94jRsXv
xrpwHthSwHJcb89Lw+g8HFFPioIFw+Kx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org