Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/16c4b5-6dda-4a38-848f-dfbbeda21594/1/NoL3XXjE_JptOxxzuwvkimwdVCM.roa
File: NoL3XXjE_JptOxxzuwvkimwdVCM.roa (raw, json)
Hash identifier: 4gZT7gJufZlE7uqEby3TBRmKXwVc2tKqikqmh6IAE6w=
Subject key identifier: 36:82:F7:5D:78:C4:FC:9A:6D:3B:1C:73:BB:0B:E4:8A:6C:1D:54:23
Certificate issuer: /CN=f543ea52871489d86aa9ca5ca0c297c88ab82ab6
Certificate serial: 1175C76E
Authority key identifier: F5:43:EA:52:87:14:89:D8:6A:A9:CA:5C:A0:C2:97:C8:8A:B8:2A:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UPqUocUidhqqcpcoMKXyIq4KrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/16c4b5-6dda-4a38-848f-dfbbeda21594/1/NoL3XXjE_JptOxxzuwvkimwdVCM.roa
Signing time: Fri 15 Apr 2022 10:11:57 +0000
ROA not before: Fri 15 Apr 2022 10:11:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31724
IP address blocks: 92.246.152.0/22 maxlen: 22
176.221.0.0/21 maxlen: 21
185.8.200.0/22 maxlen: 22
185.64.208.0/22 maxlen: 22
178.22.192.0/21 maxlen: 21
89.207.64.0/21 maxlen: 21
31.170.168.0/21 maxlen: 21
94.198.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 292931438 (0x1175c76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f543ea52871489d86aa9ca5ca0c297c88ab82ab6
Validity
Not Before: Apr 15 10:11:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3682f75d78c4fc9a6d3b1c73bb0be48a6c1d5423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:d7:a7:7b:56:ce:ba:9b:75:69:f6:18:2e:
3b:2f:8d:47:4e:74:d5:01:81:ef:ad:bc:20:06:d0:
b0:cb:a5:05:76:d4:ac:21:61:30:c9:86:f2:c9:8e:
10:22:54:53:3b:8d:c3:47:e3:44:ce:8e:db:35:ac:
12:c6:60:8d:59:27:a7:73:3e:a4:20:77:0e:33:1b:
77:94:f6:76:fd:f1:83:86:fd:43:fc:64:bc:3c:57:
b7:93:d5:f6:68:cb:24:d8:1e:ad:c4:70:1c:38:e5:
a6:a9:74:d9:5e:9f:c4:bb:1e:ed:93:27:2d:41:f9:
f3:9b:8f:80:da:bd:86:61:a9:ad:1f:91:e5:6d:e7:
2a:6d:1c:e7:57:8c:12:b9:14:39:c3:19:ea:a2:2d:
b0:46:38:a1:49:fd:b0:4d:b9:7f:21:ae:71:08:b1:
af:cd:c0:dd:88:10:19:aa:b5:cf:b9:fa:b7:61:90:
57:6a:85:21:32:58:c8:a1:57:b2:6d:cd:39:fe:77:
54:5c:a1:44:a6:ac:31:9e:72:13:9e:2f:f4:bd:86:
2c:87:60:5d:bb:0b:46:b4:e4:76:d2:3e:46:e6:34:
94:63:3c:a8:43:c9:57:45:88:a6:34:5f:f4:da:44:
5a:6d:8a:40:75:89:fc:61:9b:98:81:61:27:ad:08:
4c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:82:F7:5D:78:C4:FC:9A:6D:3B:1C:73:BB:0B:E4:8A:6C:1D:54:23
X509v3 Authority Key Identifier:
keyid:F5:43:EA:52:87:14:89:D8:6A:A9:CA:5C:A0:C2:97:C8:8A:B8:2A:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UPqUocUidhqqcpcoMKXyIq4KrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/16c4b5-6dda-4a38-848f-dfbbeda21594/1/NoL3XXjE_JptOxxzuwvkimwdVCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/16c4b5-6dda-4a38-848f-dfbbeda21594/1/9UPqUocUidhqqcpcoMKXyIq4KrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.168.0/21
89.207.64.0/21
92.246.152.0/22
94.198.232.0/21
176.221.0.0/21
178.22.192.0/21
185.8.200.0/22
185.64.208.0/22
Signature Algorithm: sha256WithRSAEncryption
05:5d:59:e5:a0:a1:76:27:3c:73:01:18:15:e6:a8:97:e8:57:
02:57:61:4f:37:47:68:41:b4:16:1e:a0:26:e0:2d:b2:61:1a:
52:31:d7:79:92:29:50:d9:26:c2:9d:29:d7:f6:2a:ba:12:20:
0d:31:8f:13:00:66:62:e8:fb:49:f9:26:c6:4a:a4:9c:ff:dc:
7f:f9:07:02:ca:e9:76:e7:3b:20:0f:32:80:3f:af:4a:0e:db:
9d:92:5b:43:b7:3d:cc:b7:b1:7a:94:57:bd:05:14:4e:be:67:
ed:4f:f3:f1:71:ee:1c:93:62:88:46:d2:a3:cb:88:5e:9d:d2:
bb:c8:dc:38:bb:a4:b4:9a:c3:ca:60:6c:40:14:a4:7a:49:23:
96:1e:53:2b:59:e4:52:ee:8a:e6:53:00:9b:d3:a0:53:38:ed:
30:d2:f3:5b:6c:a8:2c:05:d7:7b:06:10:09:1d:d7:3a:af:72:
4f:83:bc:62:84:60:73:f3:9a:3c:e2:71:24:e0:cf:4f:2d:40:
dc:47:17:40:3d:58:26:77:66:54:c3:ca:c5:d1:d5:a2:9e:21:
43:7f:58:3e:64:ec:25:2a:fe:78:bd:48:4d:31:f5:60:88:89:
67:2f:44:bf:97:30:2a:44:3b:9f:95:6a:4e:dd:be:a4:cd:d1:
90:58:d5:bf
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEEXXHbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTQzZWE1Mjg3MTQ4OWQ4NmFhOWNhNWNhMGMyOTdjODhhYjgyYWI2MB4XDTIyMDQx
NTEwMTE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY4MmY3NWQ3OGM0
ZmM5YTZkM2IxYzczYmIwYmU0OGE2YzFkNTQyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtD16d7Vs66m3Vp9hguOy+NR0501QGB7628IAbQsMulBXbU
rCFhMMmG8smOECJUUzuNw0fjRM6O2zWsEsZgjVknp3M+pCB3DjMbd5T2dv3xg4b9
Q/xkvDxXt5PV9mjLJNgercRwHDjlpql02V6fxLse7ZMnLUH585uPgNq9hmGprR+R
5W3nKm0c51eMErkUOcMZ6qItsEY4oUn9sE25fyGucQixr83A3YgQGaq1z7n6t2GQ
V2qFITJYyKFXsm3NOf53VFyhRKasMZ5yE54v9L2GLIdgXbsLRrTkdtI+RuY0lGM8
qEPJV0WIpjRf9NpEWm2KQHWJ/GGbmIFhJ60ITA0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQ2gvddeMT8mm07HHO7C+SKbB1UIzAfBgNVHSMEGDAWgBT1Q+pShxSJ2Gqp
ylygwpfIirgqtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlVUHFVb2NVaWRocXFjcGNvTUtYeUlxNEtyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMTZjNGI1LTZkZGEtNGEzOC04NDhmLWRmYmJlZGEyMTU5NC8x
L05vTDNYWGpFX0pwdE94eHp1d3ZraW13ZFZDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MTZjNGI1LTZkZGEtNGEzOC04NDhmLWRmYmJlZGEyMTU5NC8xLzlVUHFVb2NVaWRo
cXFjcGNvTUtYeUlxNEtyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAx+qqAMEA1nPQAMEAlz2mAMEA17G
6AMEA7DdAAMEA7IWwAMEArkIyAMEArlA0DANBgkqhkiG9w0BAQsFAAOCAQEABV1Z
5aChdic8cwEYFeaol+hXAldhTzdHaEG0Fh6gJuAtsmEaUjHXeZIpUNkmwp0p1/Yq
uhIgDTGPEwBmYuj7SfkmxkqknP/cf/kHAsrpduc7IA8ygD+vSg7bnZJbQ7c9zLex
epRXvQUUTr5n7U/z8XHuHJNiiEbSo8uIXp3Su8jcOLuktJrDymBsQBSkekkjlh5T
K1nkUu6K5lMAm9OgUzjtMNLzW2yoLAXXewYQCR3XOq9yT4O8YoRgc/OaPOJxJODP
Ty1A3EcXQD1YJndmVMPKxdHVop4hQ39YPmTsJSr+eL1ITTH1YIiJZy9Ev5cwKkQ7
n5VqTt2+pM3RkFjVvw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:33 2023 by rpki-client on console.sobornost.net