Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/n-tuxAKRWAo3lV_7sO5N6ioZoWg.roa
File: n-tuxAKRWAo3lV_7sO5N6ioZoWg.roa (raw, json)
Hash identifier: NgPu/ndvmG3nhNJDNM07EFAJwsGUSSi1evnjhsjvet4=
Subject key identifier: 9F:EB:6E:C4:02:91:58:0A:37:95:5F:FB:B0:EE:4D:EA:2A:19:A1:68
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 01887C329FA1FD4B334DA89EE2EF77ED8144
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/n-tuxAKRWAo3lV_7sO5N6ioZoWg.roa
Signing time: Fri 02 Jun 2023 13:01:12 +0000
ROA not before: Fri 02 Jun 2023 13:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35790
IP address blocks: 213.204.219.0/24 maxlen: 24
213.204.218.0/24 maxlen: 24
213.204.216.0/23 maxlen: 23
213.204.215.0/24 maxlen: 24
213.204.224.0/20 maxlen: 20
213.204.222.0/24 maxlen: 24
213.204.221.0/24 maxlen: 24
213.204.232.0/24 maxlen: 24
213.204.237.0/24 maxlen: 24
213.204.244.0/24 maxlen: 24
213.204.240.0/21 maxlen: 21
213.204.252.0/22 maxlen: 22
213.204.248.0/22 maxlen: 23
213.204.247.0/24 maxlen: 24
185.31.143.0/24 maxlen: 24
185.31.140.0/22 maxlen: 22
213.204.192.0/23 maxlen: 23
213.204.192.0/20 maxlen: 20
213.204.198.0/24 maxlen: 24
213.204.208.0/20 maxlen: 20
185.105.244.0/22 maxlen: 22
185.57.84.0/22 maxlen: 22
185.217.224.0/22 maxlen: 22
2a0b:cdc7::/32 maxlen: 32
2a0b:cdc0::/29 maxlen: 29
2a0b:cdc1::/32 maxlen: 32
2a0b:cdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:32:9f:a1:fd:4b:33:4d:a8:9e:e2:ef:77:ed:81:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Jun 2 13:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9feb6ec40291580a37955ffbb0ee4dea2a19a168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:22:5f:86:e4:c9:ae:8e:91:ed:d5:d1:08:73:
94:0d:a0:da:cc:7a:3d:38:ee:bb:b1:7b:58:0c:86:
a8:52:e9:1f:4b:60:5c:0c:b6:c3:4e:68:ea:c7:f7:
63:44:9e:70:da:50:0d:fe:ed:c5:e8:15:1c:80:f1:
85:1f:89:c0:cf:46:ab:b0:9b:9e:71:97:c9:30:12:
1f:4e:06:d5:e6:91:ea:c6:6a:2a:0e:2b:e9:3d:5f:
0f:28:1f:96:8b:dc:30:69:cf:8c:9c:5e:3d:9d:0b:
ca:f2:0a:6f:0a:fc:72:e8:af:ca:5a:79:4a:f6:86:
1a:42:da:ce:e2:6e:98:2e:f2:ef:76:a2:eb:c7:c3:
30:ee:33:d8:34:35:f5:a3:6b:a1:2d:f0:3e:9a:3b:
d1:56:24:6c:69:4d:dd:25:62:52:dd:f7:3c:8a:74:
8c:9a:11:f9:de:5d:05:69:b9:ab:40:42:75:ad:50:
42:d3:ec:75:76:1a:07:6d:a4:3a:aa:c5:30:e2:a9:
1a:19:11:a9:52:7c:1d:00:9d:a3:53:b4:6f:27:b9:
ac:13:30:40:d8:d9:b3:cb:f3:bd:ec:3b:c2:2f:ab:
9d:8d:f5:b7:b9:49:a8:93:d1:ea:f2:af:7a:b7:22:
aa:be:21:9a:d9:39:e0:8a:48:d0:09:0d:de:2f:b1:
ab:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:EB:6E:C4:02:91:58:0A:37:95:5F:FB:B0:EE:4D:EA:2A:19:A1:68
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/n-tuxAKRWAo3lV_7sO5N6ioZoWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.140.0/22
185.57.84.0/22
185.105.244.0/22
185.217.224.0/22
213.204.192.0/18
IPv6:
2a0b:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
47:1a:6b:8d:aa:07:4e:e7:29:cc:e7:14:62:87:77:4b:15:e2:
21:59:8a:10:dd:53:4a:a5:a3:1f:e7:a7:85:f2:fe:37:30:ef:
66:b9:c7:40:56:28:90:ba:59:2c:a9:55:fb:f7:e9:f5:c0:a3:
41:c6:de:d7:ee:0a:ba:94:11:c3:43:72:2f:10:e6:97:42:dd:
2b:b3:57:46:c0:2d:96:4c:c7:f2:4d:e0:d6:f3:6c:bb:01:f6:
8a:db:f9:c0:f5:62:76:14:72:e3:4b:94:2d:ad:e1:ea:63:55:
ff:30:28:ac:e4:7a:c5:01:9e:8d:66:5c:bd:95:73:b9:07:e3:
ce:54:76:dd:52:7e:b2:4a:61:d0:dd:21:50:38:4d:1c:32:8c:
57:90:41:66:12:c9:cd:4b:12:e5:26:23:98:a4:c6:b1:31:32:
2e:2d:6f:c9:57:2c:9b:0b:af:1f:f3:89:98:7b:c4:68:ec:ac:
37:06:c9:84:40:94:be:2f:a2:76:72:83:db:e9:42:08:2a:48:
5d:bb:7b:16:e0:a0:de:56:e9:58:d5:af:16:7c:27:e4:f4:47:
e4:4b:bb:81:c1:d6:4e:bc:cd:6f:51:5f:0e:bf:09:b4:b3:6d:
f7:f7:2b:00:8f:15:ee:ac:44:16:4c:f7:7d:f4:f8:a4:7d:66:
3c:d6:40:03
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYh8Mp+h/UszTaie4u937YFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjFiODM3OGU4ZjM2OGFlNDk5OGQ1MWMzYTlhY2U2NDE0
OGQ2Y2QwHhcNMjMwNjAyMTMwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmViNmVjNDAyOTE1ODBhMzc5NTVmZmJiMGVlNGRlYTJhMTlhMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSJfhuTJro6R7dXRCHOUDaDazHo9
OO67sXtYDIaoUukfS2BcDLbDTmjqx/djRJ5w2lAN/u3F6BUcgPGFH4nAz0arsJue
cZfJMBIfTgbV5pHqxmoqDivpPV8PKB+Wi9wwac+MnF49nQvK8gpvCvxy6K/KWnlK
9oYaQtrO4m6YLvLvdqLrx8Mw7jPYNDX1o2uhLfA+mjvRViRsaU3dJWJS3fc8inSM
mhH53l0FabmrQEJ1rVBC0+x1dhoHbaQ6qsUw4qkaGRGpUnwdAJ2jU7RvJ7msEzBA
2Nmzy/O97DvCL6udjfW3uUmok9Hq8q96tyKqviGa2TngikjQCQ3eL7Gr9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ/rbsQCkVgKN5Vf+7DuTeoqGaFoMB8GA1UdIwQY
MBaAFH1huDeOjzaK5JmNUcOprOZBSNbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQt
ZDE2ZTRhZTYxZjgwLzEvbi10dXhBS1JXQW8zbFZfN3NPNU42aW9ab1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZDgyMWItMzQ1Mi00MjdhLThlNDQtZDE2ZTRhZTYxZjgw
LzEvZldHNE40NlBOb3JrbVkxUnc2bXM1a0ZJMXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuR+MAwQC
uTlUAwQCuWn0AwQCudngAwQG1czAMA0EAgACMAcDBQMqC83AMA0GCSqGSIb3DQEB
CwUAA4IBAQBHGmuNqgdO5ynM5xRih3dLFeIhWYoQ3VNKpaMf56eF8v43MO9mucdA
ViiQulksqVX79+n1wKNBxt7X7gq6lBHDQ3IvEOaXQt0rs1dGwC2WTMfyTeDW82y7
AfaK2/nA9WJ2FHLjS5QtreHqY1X/MCis5HrFAZ6NZly9lXO5B+POVHbdUn6ySmHQ
3SFQOE0cMoxXkEFmEsnNSxLlJiOYpMaxMTIuLW/JVyybC68f84mYe8Ro7Kw3BsmE
QJS+L6J2coPb6UIIKkhdu3sW4KDeVulY1a8WfCfk9EfkS7uBwdZOvM1vUV8Ovwm0
s2339ysAjxXurEQWTPd99PikfWY81kAD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:24 2025 by rpki-client