Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/nqWlkgPC27Mip28tlCKCjDROkZg.roa
File: nqWlkgPC27Mip28tlCKCjDROkZg.roa (raw, json)
Hash identifier: +LW//cDnogqi8WVGt9vQsySxPjjObdb+Ps+q7gu7rsw=
Subject key identifier: 9E:A5:A5:92:03:C2:DB:B3:22:A7:6F:2D:94:22:82:8C:34:4E:91:98
Certificate issuer: /CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Certificate serial: 08814DE6
Authority key identifier: DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/nqWlkgPC27Mip28tlCKCjDROkZg.roa
Signing time: Sat 01 Jan 2022 06:55:41 +0000
ROA not before: Sat 01 Jan 2022 06:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8426
IP address blocks: 80.172.0.0/16 maxlen: 18
80.172.250.0/24 maxlen: 24
80.172.251.0/24 maxlen: 24
188.93.224.0/21 maxlen: 21
77.91.200.0/21 maxlen: 21
195.22.0.0/19 maxlen: 19
195.72.136.0/22 maxlen: 22
194.62.240.0/22 maxlen: 22
2001:4cc0::/32 maxlen: 48
2a03:73c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142691814 (0x8814de6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db641fc903d5b4cc971649324a4b34e4f82422c5
Validity
Not Before: Jan 1 06:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ea5a59203c2dbb322a76f2d9422828c344e9198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1a:db:e8:30:c4:45:f1:0d:23:c9:9c:b7:83:
c4:9e:cc:85:92:36:5f:cd:80:e4:7d:c8:44:83:db:
72:0c:29:ed:96:92:3b:58:81:28:a5:e4:50:d1:61:
fd:a3:28:b0:c5:70:f3:fd:47:7d:48:9a:d5:7e:6e:
df:bc:17:12:66:b9:be:ac:1c:21:5f:88:13:4d:a2:
a7:35:11:11:08:0e:d5:12:12:5e:64:f1:1b:75:66:
61:02:a0:8e:73:1e:69:80:86:2c:f5:6c:fb:72:7b:
6d:34:c2:57:db:f1:77:11:3d:b9:2c:28:a9:df:51:
04:b6:21:79:1a:89:67:2e:24:10:05:a6:dc:5d:00:
58:12:ba:8c:1e:db:05:cb:ad:df:01:23:fb:0f:ad:
8c:9d:75:31:41:fd:cb:a9:34:12:91:49:35:5c:d0:
d5:fe:29:df:cb:2e:d5:79:01:96:7e:57:e1:b2:4a:
ae:dc:2e:58:47:e0:f7:41:3d:38:76:c5:3d:a2:74:
c3:77:c3:09:77:4f:82:af:2c:ab:90:81:45:77:8f:
53:16:48:03:f2:31:2f:26:0f:81:72:bb:86:1b:45:
e8:8c:9d:e5:e6:a3:e8:94:8f:e0:d4:e8:a0:4a:a2:
55:41:91:d1:21:00:46:f6:75:ac:b0:8e:d5:6a:ee:
8f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A5:A5:92:03:C2:DB:B3:22:A7:6F:2D:94:22:82:8C:34:4E:91:98
X509v3 Authority Key Identifier:
keyid:DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/nqWlkgPC27Mip28tlCKCjDROkZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.200.0/21
80.172.0.0/16
188.93.224.0/21
194.62.240.0/22
195.22.0.0/19
195.72.136.0/22
IPv6:
2001:4cc0::/32
2a03:73c0::/48
Signature Algorithm: sha256WithRSAEncryption
60:e8:a2:68:5e:3a:03:ca:54:b9:ff:d8:22:f5:28:12:92:b7:
f6:a8:06:af:78:ca:0e:76:93:2f:d6:e0:86:e0:cb:1a:b4:3f:
7d:b4:bc:0d:0e:35:1a:e5:d3:e0:dc:a5:77:26:89:c3:f8:f9:
ae:38:fb:97:be:d1:a3:2f:33:92:d6:4b:14:d8:b0:69:30:3a:
68:7f:b0:07:ed:c1:79:f8:15:76:44:b3:b6:75:63:88:4a:51:
bf:5f:31:c3:8e:39:b1:0e:42:33:c7:10:4d:1e:33:30:db:1c:
11:4c:d6:05:08:20:6a:5b:ed:32:61:e2:f0:c8:5b:85:6d:b6:
be:18:0c:27:f0:8f:ba:ba:d5:91:02:3a:1e:83:7f:54:ce:99:
d9:61:46:38:6a:74:d3:b5:8b:22:5c:23:14:00:48:36:15:aa:
f9:b3:d8:0d:df:3e:f0:b3:8a:c7:07:a4:ac:de:0a:aa:dd:3e:
65:35:de:06:75:e8:4d:78:88:4d:6b:71:69:b1:4c:56:c6:fe:
86:53:a4:be:58:ed:c8:42:19:33:29:29:8e:1c:40:57:5d:31:
dd:9c:94:fa:ac:df:84:91:95:3d:85:2f:16:91:ca:9f:75:c7:
5c:67:ca:b6:d8:55:1f:96:17:13:24:44:b6:69:c5:0d:3d:5b:
54:19:f5:65
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIECIFN5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjY0MWZjOTAzZDViNGNjOTcxNjQ5MzI0YTRiMzRlNGY4MjQyMmM1MB4XDTIyMDEw
MTA2NTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVhNWE1OTIwM2My
ZGJiMzIyYTc2ZjJkOTQyMjgyOGMzNDRlOTE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPIa2+gwxEXxDSPJnLeDxJ7MhZI2X82A5H3IRIPbcgwp7ZaS
O1iBKKXkUNFh/aMosMVw8/1HfUia1X5u37wXEma5vqwcIV+IE02ipzUREQgO1RIS
XmTxG3VmYQKgjnMeaYCGLPVs+3J7bTTCV9vxdxE9uSwoqd9RBLYheRqJZy4kEAWm
3F0AWBK6jB7bBcut3wEj+w+tjJ11MUH9y6k0EpFJNVzQ1f4p38su1XkBln5X4bJK
rtwuWEfg90E9OHbFPaJ0w3fDCXdPgq8sq5CBRXePUxZIA/IxLyYPgXK7hhtF6Iyd
5eaj6JSP4NTooEqiVUGR0SEARvZ1rLCO1Wruj98CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBSepaWSA8LbsyKnby2UIoKMNE6RmDAfBgNVHSMEGDAWgBTbZB/JA9W0zJcW
STJKSzTk+CQixTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzIyUWZ5UVBWdE15WEZra3lTa3MwNVBna0lzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMTAwOTVmLWZkMzUtNGEwNi04ZjM5LTdmZWU1OTFhMjA5Yy8x
L25xV2xrZ1BDMjdNaXAyOHRsQ0tDakRST2taZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MTAwOTVmLWZkMzUtNGEwNi04ZjM5LTdmZWU1OTFhMjA5Yy8xLzIyUWZ5UVBWdE15
WEZra3lTa3MwNVBna0lzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwKQQCAAEwIwMEA01byAMDAFCsAwQDvF3gAwQCwj7w
AwQFwxYAAwQCw0iIMBYEAgACMBADBQAgAUzAAwcAKgNzwAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQBg6KJoXjoDylS5/9gi9SgSkrf2qAaveMoOdpMv1uCG4MsatD99tLwN
DjUa5dPg3KV3JonD+PmuOPuXvtGjLzOS1ksU2LBpMDpof7AH7cF5+BV2RLO2dWOI
SlG/XzHDjjmxDkIzxxBNHjMw2xwRTNYFCCBqW+0yYeLwyFuFbba+GAwn8I+6utWR
Ajoeg39UzpnZYUY4anTTtYsiXCMUAEg2Far5s9gN3z7ws4rHB6Ss3gqq3T5lNd4G
dehNeIhNa3FpsUxWxv6GU6S+WO3IQhkzKSmOHEBXXTHdnJT6rN+EkZU9hS8Wkcqf
dcdcZ8q22FUflhcTJES2acUNPVtUGfVl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:05 2025 by rpki-client