Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/NH-_bfxukAw5l44mpaSQ5NPO0-I.roa
File: NH-_bfxukAw5l44mpaSQ5NPO0-I.roa (raw, json)
Hash identifier: TOrLQaGvaeTgofl6687BWrecPxR3MZesDos+EIILi9A=
Subject key identifier: 34:7F:BF:6D:FC:6E:90:0C:39:97:8E:26:A5:A4:90:E4:D3:CE:D3:E2
Certificate issuer: /CN=4d16240897b01305681c9425fe523f58fab27415
Certificate serial: 16FB42CF
Authority key identifier: 4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/NH-_bfxukAw5l44mpaSQ5NPO0-I.roa
Signing time: Sat 01 Jan 2022 00:56:32 +0000
ROA not before: Sat 01 Jan 2022 00:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20963
IP address blocks: 81.25.176.0/20 maxlen: 20
80.77.128.0/20 maxlen: 20
185.88.228.0/22 maxlen: 22
46.227.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 385565391 (0x16fb42cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d16240897b01305681c9425fe523f58fab27415
Validity
Not Before: Jan 1 00:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347fbf6dfc6e900c39978e26a5a490e4d3ced3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:26:15:b8:d8:42:02:83:35:e0:a9:83:d2:60:
db:ac:45:0a:c4:e1:c9:7d:e6:03:fa:72:e4:3d:d3:
5f:95:f0:88:9f:bf:fd:83:ed:00:5e:62:78:4a:4f:
81:f6:5d:03:1a:80:d3:bc:d1:15:a3:0c:49:03:52:
d6:d2:7c:e9:0c:f8:87:93:56:22:14:50:29:8d:f7:
8a:e0:04:bb:e5:7c:2f:d1:e4:a7:ea:7f:e0:44:73:
78:1d:bb:3f:75:0a:e4:cf:29:3c:c1:67:32:be:ab:
f9:33:31:16:89:35:65:d5:26:9c:1b:f7:04:30:07:
8f:30:d6:ef:80:f0:d1:8a:af:10:9d:29:9f:15:1c:
f4:ca:66:12:af:01:b1:98:43:0f:aa:2a:0c:ea:f9:
b5:20:e9:3f:ef:96:e7:55:be:16:8d:2e:c7:af:d6:
d3:ef:8e:02:ff:d6:e1:be:6c:63:4c:1e:61:a2:d8:
9f:85:fa:48:95:47:7c:29:1e:28:45:a1:46:eb:b6:
ea:70:b8:14:7b:c3:23:9a:fa:ea:f3:61:bb:84:ba:
a8:a9:66:69:89:2b:c2:d7:16:f2:b5:33:ba:03:7d:
18:30:e3:ed:81:2d:4e:30:a2:93:9c:59:7b:ca:1c:
62:16:c8:6e:4e:14:18:f2:87:f1:1a:f0:f3:e3:73:
ff:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7F:BF:6D:FC:6E:90:0C:39:97:8E:26:A5:A4:90:E4:D3:CE:D3:E2
X509v3 Authority Key Identifier:
keyid:4D:16:24:08:97:B0:13:05:68:1C:94:25:FE:52:3F:58:FA:B2:74:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRYkCJewEwVoHJQl_lI_WPqydBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/NH-_bfxukAw5l44mpaSQ5NPO0-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/fc481a-ab01-4f82-9e6e-eb02f3d3f40c/1/TRYkCJewEwVoHJQl_lI_WPqydBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.112.0/21
80.77.128.0/20
81.25.176.0/20
185.88.228.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:a7:82:64:5c:eb:53:f6:3f:39:2e:7e:f5:35:c9:e4:31:ab:
10:a5:05:f0:da:b3:50:82:52:3e:ea:c9:b4:c3:52:e8:6e:e4:
2d:e3:08:b6:e6:b5:e1:cc:a3:39:bf:24:bf:fb:56:75:90:b4:
eb:77:2d:5e:a3:a8:ad:50:7f:18:cc:d9:57:e7:fc:ba:8f:1f:
68:75:83:48:1d:bb:d2:3a:d7:e4:9b:95:04:6d:60:f4:74:56:
63:4d:89:a0:0b:7a:0d:17:5c:b4:4e:5a:d1:a1:f6:95:22:f0:
c5:5f:25:cf:f1:d2:7a:f4:32:7f:b0:31:1d:b9:1e:a7:dc:21:
b6:e6:76:b6:aa:b8:e4:7f:aa:d1:81:26:fe:2a:e8:5b:fe:59:
58:95:83:cd:32:7e:2c:05:ab:1d:92:2d:7f:b7:87:2e:65:4c:
18:62:bf:cf:e5:d6:c3:07:3c:06:dc:4c:d9:e2:b3:ec:39:da:
36:91:66:ef:da:f2:01:73:41:52:78:08:c2:03:cd:bc:4a:66:
29:2e:00:aa:ed:55:46:16:70:f8:13:ef:92:3e:83:8f:11:4d:
dd:53:d1:f2:56:e9:b8:ec:5a:1a:71:ea:f4:b1:17:d2:4e:b0:
1f:0d:02:a4:23:4c:36:f6:f8:b2:fe:05:36:d8:08:fa:fb:77:
c9:b4:0b:80
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFvtCzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDE2MjQwODk3YjAxMzA1NjgxYzk0MjVmZTUyM2Y1OGZhYjI3NDE1MB4XDTIyMDEw
MTAwNTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3ZmJmNmRmYzZl
OTAwYzM5OTc4ZTI2YTVhNDkwZTRkM2NlZDNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwmFbjYQgKDNeCpg9Jg26xFCsThyX3mA/py5D3TX5XwiJ+/
/YPtAF5ieEpPgfZdAxqA07zRFaMMSQNS1tJ86Qz4h5NWIhRQKY33iuAEu+V8L9Hk
p+p/4ERzeB27P3UK5M8pPMFnMr6r+TMxFok1ZdUmnBv3BDAHjzDW74Dw0YqvEJ0p
nxUc9MpmEq8BsZhDD6oqDOr5tSDpP++W51W+Fo0ux6/W0++OAv/W4b5sY0weYaLY
n4X6SJVHfCkeKEWhRuu26nC4FHvDI5r66vNhu4S6qKlmaYkrwtcW8rUzugN9GDDj
7YEtTjCik5xZe8ocYhbIbk4UGPKH8Rrw8+Nz/9sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ0f79t/G6QDDmXjialpJDk087T4jAfBgNVHSMEGDAWgBRNFiQIl7ATBWgc
lCX+Uj9Y+rJ0FTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RSWWtDSmV3RXdWb0hKUWxfbElfV1BxeWRCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZmM0ODFhLWFiMDEtNGY4Mi05ZTZlLWViMDJmM2QzZjQwYy8x
L05ILV9iZnh1a0F3NWw0NG1wYVNRNU5QTzAtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZmM0ODFhLWFiMDEtNGY4Mi05ZTZlLWViMDJmM2QzZjQwYy8xL1RSWWtDSmV3RXdW
b0hKUWxfbElfV1BxeWRCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAy7jcAMEBFBNgAMEBFEZsAMEArlY
5DANBgkqhkiG9w0BAQsFAAOCAQEAm6eCZFzrU/Y/OS5+9TXJ5DGrEKUF8NqzUIJS
PurJtMNS6G7kLeMItua14cyjOb8kv/tWdZC063ctXqOorVB/GMzZV+f8uo8faHWD
SB270jrX5JuVBG1g9HRWY02JoAt6DRdctE5a0aH2lSLwxV8lz/HSevQyf7AxHbke
p9whtuZ2tqq45H+q0YEm/iroW/5ZWJWDzTJ+LAWrHZItf7eHLmVMGGK/z+XWwwc8
BtxM2eKz7DnaNpFm79ryAXNBUngIwgPNvEpmKS4Aqu1VRhZw+BPvkj6DjxFN3VPR
8lbpuOxaGnHq9LEX0k6wHw0CpCNMNvb4sv4FNtgI+vt3ybQLgA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:25 2023 by rpki-client on console.sobornost.net