Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/nkjtkQXG0lBodlSw86hCT5C0Ixc.roa
File: nkjtkQXG0lBodlSw86hCT5C0Ixc.roa (raw, json)
Hash identifier: 8JhaqsQkt7OuIqkKD3DIfFqISfcV5dm4/y+CPWdOvFk=
Subject key identifier: 9E:48:ED:91:05:C6:D2:50:68:76:54:B0:F3:A8:42:4F:90:B4:23:17
Certificate issuer: /CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Certificate serial: 0182106D77E898B866F6E5B4CE7B31340F4A
Authority key identifier: 23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/nkjtkQXG0lBodlSw86hCT5C0Ixc.roa
Signing time: Mon 18 Jul 2022 08:29:45 +0000
ROA not before: Mon 18 Jul 2022 08:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31059
IP address blocks: 46.227.160.0/23 maxlen: 23
46.227.162.0/24 maxlen: 24
46.227.164.0/24 maxlen: 24
46.227.166.0/24 maxlen: 24
46.227.167.0/24 maxlen: 24
193.242.176.0/22 maxlen: 22
95.143.4.0/24 maxlen: 24
95.143.0.0/21 maxlen: 24
95.143.10.0/24 maxlen: 24
95.143.11.0/24 maxlen: 24
95.143.5.0/24 maxlen: 24
95.143.8.0/23 maxlen: 23
95.143.12.0/24 maxlen: 24
95.143.13.0/24 maxlen: 24
95.143.14.0/23 maxlen: 23
185.72.224.0/24 maxlen: 24
185.72.225.0/24 maxlen: 24
185.72.226.0/24 maxlen: 24
185.72.227.0/24 maxlen: 24
2a02:1328:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:10:6d:77:e8:98:b8:66:f6:e5:b4:ce:7b:31:34:0f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Validity
Not Before: Jul 18 08:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e48ed9105c6d250687654b0f3a8424f90b42317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:1f:92:0d:00:22:20:fe:e8:54:f1:cf:da:
27:ad:2b:09:72:c6:1b:65:b2:27:59:c8:7f:b2:89:
5e:a2:2a:b1:b7:2e:0b:05:78:2f:63:2a:d8:85:e9:
db:89:69:49:ab:63:76:15:31:7a:03:be:f5:f6:30:
37:8f:2c:b7:9e:06:2e:05:17:43:18:69:56:f9:77:
84:41:1c:42:61:ad:b1:a1:4a:dd:5e:ce:50:40:89:
1a:d8:d3:12:ec:eb:70:eb:aa:3b:48:f8:f3:5b:df:
70:a7:b2:bb:c3:4a:ef:9b:3f:f8:4a:68:bc:9b:df:
30:21:6b:6a:a4:e5:e5:01:fd:e0:2f:cc:cf:42:bd:
12:e4:b4:c9:71:3d:a9:42:fd:90:36:70:2d:e4:62:
ec:3f:28:93:5f:78:07:12:98:d6:32:55:8f:dd:6a:
62:33:75:ab:06:35:52:61:4f:68:f3:fa:4c:f6:d4:
08:7d:1d:99:d4:89:4c:cf:5b:bd:2a:bb:cc:f3:9a:
fa:05:9b:bd:94:90:98:d9:58:81:23:2e:c6:78:97:
7f:aa:cc:99:ea:96:01:1b:55:63:1a:20:50:37:99:
59:39:be:8f:d4:57:0c:84:6e:6d:43:a9:b6:bf:db:
32:66:29:1c:03:31:58:dd:d2:8f:fc:0d:eb:39:3c:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:48:ED:91:05:C6:D2:50:68:76:54:B0:F3:A8:42:4F:90:B4:23:17
X509v3 Authority Key Identifier:
keyid:23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/nkjtkQXG0lBodlSw86hCT5C0Ixc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/I9SAsHlWF-Libm4YJkN356lsePM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.160.0-46.227.162.255
46.227.164.0/24
46.227.166.0/23
95.143.0.0/20
185.72.224.0/22
193.242.176.0/22
IPv6:
2a02:1328:2::/48
Signature Algorithm: sha256WithRSAEncryption
ad:99:55:d3:cd:54:2c:8c:54:c5:a1:39:11:f6:30:c5:7e:7f:
d7:9c:82:88:12:b7:4d:e5:7d:ec:e2:68:e2:91:84:c9:24:60:
ed:19:56:7f:60:41:65:9b:10:ec:37:e8:b0:50:c6:8f:fd:2b:
c6:0d:55:c0:7c:8a:71:4d:87:0e:9d:b2:5a:90:48:38:e7:84:
85:33:7b:22:6e:ee:4c:32:99:5b:fe:aa:a9:5b:46:0b:92:c4:
3f:11:c8:ff:73:d5:da:55:f5:9a:a3:76:d7:a4:a6:88:20:78:
83:27:03:ea:ec:eb:57:49:80:90:2d:73:fe:b3:47:6f:b8:5f:
a4:03:0d:76:4c:37:46:d2:0b:b4:5e:6e:8a:9c:13:bf:cd:fa:
e9:87:51:ac:eb:94:42:58:a6:47:2d:b9:93:13:f5:10:ed:09:
fb:ae:a8:81:2e:bb:8e:8b:61:2e:d2:94:14:5d:97:e0:6d:a3:
9b:7c:2f:db:85:1b:c2:34:8e:8f:e9:e2:c4:94:f9:e1:e8:45:
70:b7:41:75:f1:22:5b:6f:d3:2c:5f:16:66:20:03:35:d8:ad:
8d:01:a3:2b:14:0f:66:11:87:2d:c0:89:b0:68:c4:4e:3c:c6:
d9:4c:14:cb:4e:b9:f2:7d:8b:b5:e1:60:6d:9e:03:23:0e:a8:
6a:b2:f0:4e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYIQbXfomLhm9uW0znsxNA9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDQ4MGIwNzk1NjE3ZTJlMjZlNmUxODI2NDM3N2U3YTk2
Yzc4ZjMwHhcNMjIwNzE4MDgyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ4ZWQ5MTA1YzZkMjUwNjg3NjU0YjBmM2E4NDI0ZjkwYjQyMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsQfkg0AIiD+6FTxz9onrSsJcsYb
ZbInWch/soleoiqxty4LBXgvYyrYhenbiWlJq2N2FTF6A7719jA3jyy3ngYuBRdD
GGlW+XeEQRxCYa2xoUrdXs5QQIka2NMS7Otw66o7SPjzW99wp7K7w0rvmz/4Smi8
m98wIWtqpOXlAf3gL8zPQr0S5LTJcT2pQv2QNnAt5GLsPyiTX3gHEpjWMlWP3Wpi
M3WrBjVSYU9o8/pM9tQIfR2Z1IlMz1u9KrvM85r6BZu9lJCY2ViBIy7GeJd/qsyZ
6pYBG1VjGiBQN5lZOb6P1FcMhG5tQ6m2v9syZikcAzFY3dKP/A3rOTwA7QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJ5I7ZEFxtJQaHZUsPOoQk+QtCMXMB8GA1UdIwQY
MBaAFCPUgLB5Vhfi4m5uGCZDd+epbHjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQt
YWY5OGU0OWYxMWFlLzEvbmtqdGtRWEcwbEJvZGxTdzg2aENUNUMwSXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQtYWY5OGU0OWYxMWFl
LzEvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsMAwDBAUu46AD
BAAu46IDBAAu46QDBAEu46YDBARfjwADBAK5SOADBALB8rAwDwQCAAIwCQMHACoC
EygAAjANBgkqhkiG9w0BAQsFAAOCAQEArZlV081ULIxUxaE5EfYwxX5/15yCiBK3
TeV97OJo4pGEySRg7RlWf2BBZZsQ7DfosFDGj/0rxg1VwHyKcU2HDp2yWpBIOOeE
hTN7Im7uTDKZW/6qqVtGC5LEPxHI/3PV2lX1mqN216SmiCB4gycD6uzrV0mAkC1z
/rNHb7hfpAMNdkw3RtILtF5uipwTv8366YdRrOuUQlimRy25kxP1EO0J+66ogS67
jothLtKUFF2X4G2jm3wv24UbwjSOj+nixJT54ehFcLdBdfEiW2/TLF8WZiADNdit
jQGjKxQPZhGHLcCJsGjETjzG2UwUy0658n2LteFgbZ4DIw6oarLwTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:26 2024 by rpki-client on console-ams.rpki-client.org