Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/nbqEUr5lOjdZh2IxXhYBvz_YajE.roa
File: nbqEUr5lOjdZh2IxXhYBvz_YajE.roa (raw, json)
Hash identifier: 0kJFGOdWPo25LVTmIRrOZVxGVLrhb4UnYV7nelaZEi4=
Subject key identifier: 9D:BA:84:52:BE:65:3A:37:59:87:62:31:5E:16:01:BF:3F:D8:6A:31
Certificate issuer: /CN=3c02094c2210d8b21715f98df8598b353208d10c
Certificate serial: 01CEC2F5
Authority key identifier: 3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/nbqEUr5lOjdZh2IxXhYBvz_YajE.roa
Signing time: Sat 01 Jan 2022 04:57:35 +0000
ROA not before: Sat 01 Jan 2022 04:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211200
IP address blocks: 92.119.39.0/24 maxlen: 24
194.180.63.0/24 maxlen: 24
194.180.62.0/24 maxlen: 24
194.180.61.0/24 maxlen: 24
194.180.60.0/22 maxlen: 22
194.180.60.0/24 maxlen: 24
2a0b:e340::/32 maxlen: 32
2a0b:e341::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30327541 (0x1cec2f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c02094c2210d8b21715f98df8598b353208d10c
Validity
Not Before: Jan 1 04:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dba8452be653a37598762315e1601bf3fd86a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:ce:1d:d7:94:30:d0:d0:29:c0:41:30:ce:
55:df:75:c6:05:cc:9a:3c:24:40:9b:b0:95:48:c0:
16:f7:52:31:e7:c9:3b:95:cc:8f:8b:9f:ad:b7:57:
34:a5:06:0d:51:ae:b1:ca:ca:af:d5:c1:75:27:c4:
55:3c:56:85:2f:dd:5b:9e:c3:3d:31:7d:00:20:0e:
31:13:c4:b6:24:53:bd:b7:84:fa:32:1c:39:6e:c6:
11:f0:58:26:a6:19:c9:3d:5f:c3:bf:47:b7:d8:e6:
62:5d:b6:97:90:df:0f:ce:93:5b:e4:1a:42:68:f3:
89:e0:b8:cf:7f:85:53:d8:1e:1f:39:b1:2a:f0:b0:
23:2e:0c:91:bf:1c:7f:2e:e9:c0:65:ef:99:f5:c5:
1d:ca:30:04:27:dc:83:8d:82:22:d0:15:16:e2:9e:
9e:aa:bf:53:ec:41:67:33:72:99:49:40:52:c3:3d:
c9:e9:5b:91:20:59:c9:d7:e2:1a:f7:bc:aa:89:1d:
6d:cc:8a:8f:33:92:ea:76:83:87:75:09:63:f1:58:
07:98:ab:fe:15:0d:4f:23:d6:e8:e3:e5:02:35:a2:
19:43:fe:61:0e:bd:25:52:e1:97:d9:ae:45:17:ab:
91:f1:37:10:30:f8:88:ac:13:4a:07:3c:4f:f2:64:
51:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BA:84:52:BE:65:3A:37:59:87:62:31:5E:16:01:BF:3F:D8:6A:31
X509v3 Authority Key Identifier:
keyid:3C:02:09:4C:22:10:D8:B2:17:15:F9:8D:F8:59:8B:35:32:08:D1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/nbqEUr5lOjdZh2IxXhYBvz_YajE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/983c2c-ddab-422b-bcd2-17374bffb71a/1/PAIJTCIQ2LIXFfmN-FmLNTII0Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.39.0/24
194.180.60.0/22
IPv6:
2a0b:e340::/31
Signature Algorithm: sha256WithRSAEncryption
16:9b:e7:27:a4:1d:0c:eb:75:ef:75:6a:6e:0a:96:65:76:d0:
dd:97:fa:98:1d:46:e7:84:69:63:e7:be:23:f7:d4:ff:47:28:
29:3a:85:f0:ff:f2:6c:96:ad:8c:72:12:42:0d:41:d2:a7:0c:
43:9d:78:7e:01:87:4a:ce:aa:67:9e:7d:8f:5f:13:cc:72:c7:
df:84:c6:3c:7b:a0:c3:dc:4a:89:6f:9a:fa:5a:0b:11:49:62:
db:85:5e:a8:2c:35:78:0a:20:1b:1f:2e:a2:5a:4b:37:d2:0e:
88:3f:f9:5a:a2:1a:a2:c6:52:ea:e5:22:5f:82:5d:7b:c5:c6:
9c:1f:6d:81:5e:89:ea:c2:4b:70:d8:dc:63:1f:ba:2e:cf:2a:
5e:c5:d0:6e:47:d8:a4:86:c6:97:b9:b4:cb:6e:34:ea:13:98:
4b:f0:bc:1b:43:4e:e5:ab:44:a8:6a:d1:c6:65:7f:02:51:dc:
ce:51:73:19:5a:b7:30:c7:ea:1b:e6:b4:d4:e6:cb:77:3e:c0:
e1:c9:c4:a5:b3:ff:9a:78:c1:e7:89:ac:0a:25:8a:5f:6f:db:
b7:91:2c:91:87:36:e7:80:3c:85:7a:4d:27:91:c4:46:8a:7f:
2d:c1:35:08:7e:42:b6:b1:c0:2a:8a:ca:e3:d0:0c:55:96:2c:
c4:1d:5f:9d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAc7C9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzAyMDk0YzIyMTBkOGIyMTcxNWY5OGRmODU5OGIzNTMyMDhkMTBjMB4XDTIyMDEw
MTA0NTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRiYTg0NTJiZTY1
M2EzNzU5ODc2MjMxNWUxNjAxYmYzZmQ4NmEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtvzh3XlDDQ0CnAQTDOVd91xgXMmjwkQJuwlUjAFvdSMefJ
O5XMj4ufrbdXNKUGDVGuscrKr9XBdSfEVTxWhS/dW57DPTF9ACAOMRPEtiRTvbeE
+jIcOW7GEfBYJqYZyT1fw79Ht9jmYl22l5DfD86TW+QaQmjzieC4z3+FU9geHzmx
KvCwIy4Mkb8cfy7pwGXvmfXFHcowBCfcg42CItAVFuKenqq/U+xBZzNymUlAUsM9
yelbkSBZydfiGve8qokdbcyKjzOS6naDh3UJY/FYB5ir/hUNTyPW6OPlAjWiGUP+
YQ69JVLhl9muRRerkfE3EDD4iKwTSgc8T/JkUdECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSduoRSvmU6N1mHYjFeFgG/P9hqMTAfBgNVHSMEGDAWgBQ8AglMIhDYshcV
+Y34WYs1MgjRDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BBSUpUQ0lRMkxJWEZmbU4tRm1MTlRJSTBRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvOTgzYzJjLWRkYWItNDIyYi1iY2QyLTE3Mzc0YmZmYjcxYS8x
L25icUVVcjVsT2pkWmgySXhYaFlCdnpfWWFqRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
OTgzYzJjLWRkYWItNDIyYi1iY2QyLTE3Mzc0YmZmYjcxYS8xL1BBSUpUQ0lRMkxJ
WEZmbU4tRm1MTlRJSTBRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFx3JwMEAsK0PDANBAIAAjAHAwUB
KgvjQDANBgkqhkiG9w0BAQsFAAOCAQEAFpvnJ6QdDOt173VqbgqWZXbQ3Zf6mB1G
54RpY+e+I/fU/0coKTqF8P/ybJatjHISQg1B0qcMQ514fgGHSs6qZ559j18TzHLH
34TGPHugw9xKiW+a+loLEUli24VeqCw1eAogGx8uolpLN9IOiD/5WqIaosZS6uUi
X4Jde8XGnB9tgV6J6sJLcNjcYx+6Ls8qXsXQbkfYpIbGl7m0y2406hOYS/C8G0NO
5atEqGrRxmV/AlHczlFzGVq3MMfqG+a01ObLdz7A4cnEpbP/mnjB54msCiWKX2/b
t5EskYc254A8hXpNJ5HERop/LcE1CH5CtrHAKorK49AMVZYsxB1fnQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:29 2023 by rpki-client on console.sobornost.net