Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nnawTVvYCldtaGqK_LOitqbPhzU.roa
File: nnawTVvYCldtaGqK_LOitqbPhzU.roa (raw, json)
Hash identifier: APXBeU4KK0lzaiSfMBPonvfUSx/gU9aI7T1HgJXc65M=
Subject key identifier: 9E:76:B0:4D:5B:D8:0A:57:6D:68:6A:8A:FC:B3:A2:B6:A6:CF:87:35
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 0181DA1A4481254A1D1AC7E0A5DF0D8C19A8
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nnawTVvYCldtaGqK_LOitqbPhzU.roa
Signing time: Thu 07 Jul 2022 19:19:23 +0000
ROA not before: Thu 07 Jul 2022 19:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 94.245.64.0/18 maxlen: 24
172.208.0.0/13 maxlen: 13
51.124.0.0/16 maxlen: 16
192.100.112.0/21 maxlen: 21
192.100.120.0/21 maxlen: 21
192.100.128.0/22 maxlen: 22
192.100.132.0/23 maxlen: 23
172.160.0.0/11 maxlen: 11
51.144.0.0/15 maxlen: 15
51.107.0.0/16 maxlen: 16
193.149.64.0/19 maxlen: 24
192.100.104.0/21 maxlen: 21
172.200.0.0/13 maxlen: 13
51.116.0.0/16 maxlen: 16
51.138.0.0/16 maxlen: 16
51.10.0.0/15 maxlen: 15
194.110.197.0/24 maxlen: 24
51.104.0.0/15 maxlen: 15
51.136.0.0/15 maxlen: 15
51.12.0.0/15 maxlen: 15
51.103.0.0/16 maxlen: 16
51.140.0.0/14 maxlen: 14
135.130.0.0/16 maxlen: 16
159.128.0.0/16 maxlen: 16
194.41.16.0/20 maxlen: 20
132.164.0.0/16 maxlen: 16
194.41.18.0/24 maxlen: 24
194.41.22.0/24 maxlen: 24
194.41.23.0/24 maxlen: 24
194.41.20.0/24 maxlen: 24
194.41.21.0/24 maxlen: 24
194.41.19.0/24 maxlen: 24
51.132.0.0/16 maxlen: 16
157.31.0.0/16 maxlen: 16
213.199.128.0/18 maxlen: 24
193.221.113.0/24 maxlen: 24
51.53.0.0/16 maxlen: 16
51.120.0.0/16 maxlen: 16
147.243.0.0/16 maxlen: 24
51.51.0.0/16 maxlen: 16
138.105.0.0/16 maxlen: 16
2a00:1c68::/29 maxlen: 29
2a01:111::/32 maxlen: 32
2a01:111:f000::/36 maxlen: 36
2a01:111:2000::/36 maxlen: 36
2a01:111:4000::/36 maxlen: 36
2a01:111:4004::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:1a:44:81:25:4a:1d:1a:c7:e0:a5:df:0d:8c:19:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jul 7 19:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e76b04d5bd80a576d686a8afcb3a2b6a6cf8735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:34:11:bc:62:e1:87:e0:78:c4:61:cd:13:
57:cc:73:5a:8d:9c:a0:d6:f5:7b:16:10:5f:b3:dd:
53:f3:ba:0b:72:49:b1:e4:eb:8d:4f:b9:ca:1c:b5:
77:aa:8f:b9:11:ec:3c:52:29:d7:9d:95:7a:7f:c0:
35:ce:09:e7:91:f4:59:0d:3e:6e:22:66:2a:66:03:
17:51:f2:bb:9a:50:77:95:d1:26:cc:8e:96:1f:df:
24:12:4d:80:ce:f1:f0:6d:9f:74:40:c7:6e:a6:3b:
44:c0:e2:2e:45:45:3f:65:d0:a4:83:5b:db:73:b2:
ac:bf:d9:80:cd:a1:5e:4a:bb:8b:5c:ab:0c:93:2e:
38:e2:98:88:4a:89:fa:3c:d0:81:a9:17:21:9b:d4:
15:60:35:13:fe:7c:d0:12:03:16:1e:bc:ea:e6:37:
6a:53:60:ef:ba:b2:71:86:b9:88:b2:77:3a:0f:d2:
37:6e:ed:57:93:b5:bf:c7:ff:e8:cb:a2:87:cd:92:
02:0e:cc:93:18:fa:91:a6:74:62:ac:a0:cd:67:70:
b0:ac:68:5e:0c:6f:1f:44:d7:7e:d3:53:5f:fa:f4:
d3:ba:82:70:e5:75:fb:9c:2a:75:26:d5:e6:28:9c:
a1:39:e9:cc:1f:6e:37:a8:b5:8b:d1:4c:c2:34:04:
a7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:76:B0:4D:5B:D8:0A:57:6D:68:6A:8A:FC:B3:A2:B6:A6:CF:87:35
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/nnawTVvYCldtaGqK_LOitqbPhzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.10.0.0-51.13.255.255
51.51.0.0/16
51.53.0.0/16
51.103.0.0-51.105.255.255
51.107.0.0/16
51.116.0.0/16
51.120.0.0/16
51.124.0.0/16
51.132.0.0/16
51.136.0.0-51.138.255.255
51.140.0.0-51.145.255.255
94.245.64.0/18
132.164.0.0/16
135.130.0.0/16
138.105.0.0/16
147.243.0.0/16
157.31.0.0/16
159.128.0.0/16
172.160.0.0/11
172.200.0.0-172.215.255.255
192.100.104.0-192.100.133.255
193.149.64.0/19
193.221.113.0/24
194.41.16.0/20
194.110.197.0/24
213.199.128.0/18
IPv6:
2a00:1c68::/29
2a01:111::/32
Signature Algorithm: sha256WithRSAEncryption
cc:56:e8:81:53:8d:75:81:03:d4:b9:f6:d8:b4:28:3b:27:30:
b0:ae:ed:24:85:09:e9:3c:1c:64:11:d5:fa:f5:3b:6e:19:58:
af:90:4a:df:59:03:0c:72:fc:46:7e:ef:06:f5:0c:c1:e3:df:
27:d7:6b:b9:2e:b0:4e:ba:61:9e:a8:4b:c0:0f:b7:5e:5f:1c:
52:c2:5d:be:f5:e9:06:c9:3e:ce:61:a3:b5:40:be:23:a8:ad:
fe:88:b3:07:65:78:af:ff:6e:74:9c:54:0b:25:e2:0c:00:c5:
a6:11:c4:04:c8:8b:50:d2:bc:d0:8f:f8:e3:a9:44:1b:38:d5:
3f:83:d5:7f:8e:0c:e6:b5:40:e1:41:77:e0:39:92:19:0e:cc:
e4:34:01:00:85:e2:e6:82:33:92:19:ff:c5:7e:be:82:b8:3b:
0c:dd:9b:f1:dc:1a:1a:9c:36:f5:81:9e:71:e3:d7:94:5a:41:
23:f0:b5:9c:73:b2:f7:31:6b:25:6e:6c:9e:21:d6:26:a4:06:
8d:70:f6:ff:7b:20:8a:ff:b2:d5:a3:e0:ab:6f:bc:ce:30:92:
b1:35:1b:f8:83:f0:d8:18:ad:20:85:e9:8d:fe:7f:2e:e2:6a:
b0:ec:f1:71:f4:3a:06:8e:98:4d:04:60:f4:3b:31:a6:f4:0b:
4f:d4:11:de
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYHaGkSBJUodGsfgpd8NjBmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjIwNzA3MTkxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc2YjA0ZDViZDgwYTU3NmQ2ODZhOGFmY2IzYTJiNmE2Y2Y4NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEE0Ebxi4YfgeMRhzRNXzHNajZyg
1vV7FhBfs91T87oLckmx5OuNT7nKHLV3qo+5Eew8UinXnZV6f8A1zgnnkfRZDT5u
ImYqZgMXUfK7mlB3ldEmzI6WH98kEk2AzvHwbZ90QMdupjtEwOIuRUU/ZdCkg1vb
c7Ksv9mAzaFeSruLXKsMky444piISon6PNCBqRchm9QVYDUT/nzQEgMWHrzq5jdq
U2DvurJxhrmIsnc6D9I3bu1Xk7W/x//oy6KHzZICDsyTGPqRpnRirKDNZ3CwrGhe
DG8fRNd+01Nf+vTTuoJw5XX7nCp1JtXmKJyhOenMH243qLWL0UzCNASnAwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFJ52sE1b2ApXbWhqivyzoramz4c1MB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvbm5hd1RWdllDbGR0YUdxS19MT2l0cWJQaHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBuwQCAAEwgbQwCgMD
ATMKAwMBMwwDAwAzMwMDADM1MAoDAwAzZwMDATNoAwMAM2sDAwAzdAMDADN4AwMA
M3wDAwAzhDAKAwMDM4gDAwAzijAKAwMCM4wDAwEzkAMEBl71QAMDAISkAwMAh4ID
AwCKaQMDAJPzAwMAnR8DAwCfgAMDBaygMAoDAwOsyAMDA6zQMAwDBAPAZGgDBAHA
ZIQDBAXBlUADBADB3XEDBATCKRADBADCbsUDBAbVx4AwFAQCAAIwDgMFAyoAHGgD
BQAqAQERMA0GCSqGSIb3DQEBCwUAA4IBAQDMVuiBU411gQPUufbYtCg7JzCwru0k
hQnpPBxkEdX69TtuGVivkErfWQMMcvxGfu8G9QzB498n12u5LrBOumGeqEvAD7de
XxxSwl2+9ekGyT7OYaO1QL4jqK3+iLMHZXiv/250nFQLJeIMAMWmEcQEyItQ0rzQ
j/jjqUQbONU/g9V/jgzmtUDhQXfgOZIZDszkNAEAheLmgjOSGf/Ffr6CuDsM3Zvx
3BoanDb1gZ5x49eUWkEj8LWcc7L3MWslbmyeIdYmpAaNcPb/eyCK/7LVo+Crb7zO
MJKxNRv4g/DYGK0ghemN/n8u4mqw7PFx9DoGjphNBGD0OzGm9AtP1BHe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:00 2024 by rpki-client on console-ams.rpki-client.org