Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/Nx_aT1aTl115_5T66Lif5POPVfQ.roa
File: Nx_aT1aTl115_5T66Lif5POPVfQ.roa (raw, json)
Hash identifier: 1PUBlCNZhol2Rw0O1r61LYdLD1Sy+ZgrzgJ9AaAj8bM=
Subject key identifier: 37:1F:DA:4F:56:93:97:5D:79:FF:94:FA:E8:B8:9F:E4:F3:8F:55:F4
Certificate issuer: /CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Certificate serial: 051FF4F1
Authority key identifier: 99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/Nx_aT1aTl115_5T66Lif5POPVfQ.roa
Signing time: Sat 01 Jan 2022 12:03:53 +0000
ROA not before: Sat 01 Jan 2022 12:03:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12361
IP address blocks: 195.97.52.0/24 maxlen: 24
62.74.128.0/17 maxlen: 17
77.69.38.0/24 maxlen: 24
213.249.32.0/19 maxlen: 19
62.74.0.0/17 maxlen: 17
62.74.0.0/16 maxlen: 24
195.46.0.0/19 maxlen: 19
195.46.0.0/20 maxlen: 20
185.158.220.0/22 maxlen: 22
185.158.220.0/23 maxlen: 23
185.158.222.0/23 maxlen: 23
213.249.0.0/18 maxlen: 18
213.249.0.0/19 maxlen: 19
195.46.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85980401 (0x51ff4f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Validity
Not Before: Jan 1 12:03:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=371fda4f5693975d79ff94fae8b89fe4f38f55f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:69:33:bf:ca:ea:7c:6c:ac:1d:70:fc:2c:5c:
3c:f6:2b:23:98:a3:52:8c:cf:0c:82:1b:49:66:24:
79:17:1e:2f:39:49:88:5c:f3:a3:12:d0:6d:29:ac:
98:3d:9f:d6:78:de:9d:d8:9b:da:f6:db:cb:9f:4b:
b1:2b:ab:59:49:97:bf:1a:30:a2:30:06:1d:4c:b5:
03:12:6a:4c:00:25:de:f4:67:9f:dc:d2:e6:80:a0:
7f:86:c8:7d:22:69:19:e1:d6:20:bc:2c:a3:f8:fb:
54:5c:0a:de:66:46:ef:b9:61:d5:e0:0a:ed:3c:13:
d3:58:b4:73:75:e1:1e:4d:ce:85:8d:48:67:53:27:
71:e7:c7:ec:9c:4b:cf:43:5d:23:14:ed:28:42:3f:
fa:0b:58:ce:8d:c3:b6:b8:a6:06:61:af:7b:a3:87:
c6:dc:03:e8:e2:db:c8:fa:bb:64:b2:df:8a:78:92:
c8:6f:db:44:07:4c:b3:ef:04:4c:56:ac:e7:eb:88:
09:8f:7c:4b:d9:cc:f8:ab:5a:57:ff:89:8c:9e:4c:
23:e8:5e:f4:fa:a7:fc:60:28:40:4e:0e:6e:15:84:
d5:e5:38:ef:de:47:43:63:15:ea:5b:8b:6e:21:e9:
11:a8:15:67:48:c5:5d:e2:df:d0:df:34:3f:d6:90:
a9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1F:DA:4F:56:93:97:5D:79:FF:94:FA:E8:B8:9F:E4:F3:8F:55:F4
X509v3 Authority Key Identifier:
keyid:99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/Nx_aT1aTl115_5T66Lif5POPVfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.74.0.0/16
77.69.38.0/24
185.158.220.0/22
195.46.0.0/19
195.97.52.0/24
213.249.0.0/18
Signature Algorithm: sha256WithRSAEncryption
82:31:bf:14:63:47:53:28:fc:fc:c6:8d:5d:c1:2d:4f:03:df:
b5:5c:f8:52:f9:bf:43:56:30:6a:c5:4b:66:2a:e6:03:ec:13:
c1:4e:f3:8f:fa:63:0b:f2:83:c0:a0:6f:9f:5e:f0:02:b5:86:
12:61:0e:ef:79:8f:49:13:ef:4e:5e:b9:e9:04:a1:e2:09:8a:
e1:b0:5e:60:bb:e0:e8:44:1b:56:f9:ac:99:7c:a0:5d:ce:31:
6c:f0:00:5a:c2:08:15:d1:ce:9a:21:2f:9d:8d:8c:64:a4:22:
fd:32:09:55:7e:36:12:90:5b:24:38:7d:0c:c5:8f:71:0e:63:
24:c4:64:4a:3d:f5:7f:18:fc:f5:dd:e9:8f:81:5a:cb:c2:9a:
b7:1b:21:c9:17:65:3e:64:6f:85:3a:fd:d6:a8:1e:f5:e3:af:
4d:91:99:22:c9:a9:ec:3f:fb:36:cb:38:e0:e2:23:c2:9e:03:
3d:57:7d:d5:4e:ca:da:14:7b:ab:73:01:87:e9:22:ac:02:eb:
48:23:fa:5a:53:01:28:e0:ba:98:97:a0:04:3d:1d:79:52:f7:
0f:5a:40:58:fb:36:b0:7e:bf:9f:b1:2c:dd:b0:1f:0a:ee:7a:
80:f3:14:e9:71:29:6a:1e:51:29:cc:f9:f6:23:e1:98:67:fc:
f4:41:ea:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBR/08TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTU1YzVhNzEzN2ViNWQ0N2VhMjRlMTdkMjdmYTkyZDBiNDJmYmQ4MB4XDTIyMDEw
MTEyMDM1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcxZmRhNGY1Njkz
OTc1ZDc5ZmY5NGZhZThiODlmZTRmMzhmNTVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRpM7/K6nxsrB1w/CxcPPYrI5ijUozPDIIbSWYkeRceLzlJ
iFzzoxLQbSmsmD2f1njendib2vbby59LsSurWUmXvxowojAGHUy1AxJqTAAl3vRn
n9zS5oCgf4bIfSJpGeHWILwso/j7VFwK3mZG77lh1eAK7TwT01i0c3XhHk3OhY1I
Z1MncefH7JxLz0NdIxTtKEI/+gtYzo3DtrimBmGve6OHxtwD6OLbyPq7ZLLfiniS
yG/bRAdMs+8ETFas5+uICY98S9nM+KtaV/+JjJ5MI+he9Pqn/GAoQE4ObhWE1eU4
795HQ2MV6luLbiHpEagVZ0jFXeLf0N80P9aQqUMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQ3H9pPVpOXXXn/lProuJ/k849V9DAfBgNVHSMEGDAWgBSZVcWnE3611H6i
ThfSf6ktC0L72DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21WWEZweE4tdGRSLW9rNFgwbi1wTFF0Qy05Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOTQ1M2EwLWU2NTUtNDgwZS1iNmE5LWUzOTUyNGU3YTZlZC8x
L054X2FUMWFUbDExNV81VDY2TGlmNVBPUFZmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OTQ1M2EwLWU2NTUtNDgwZS1iNmE5LWUzOTUyNGU3YTZlZC8xL21WWEZweE4tdGRS
LW9rNFgwbi1wTFF0Qy05Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswKQQCAAEwIwMDAD5KAwQATUUmAwQCuZ7cAwQFwy4A
AwQAw2E0AwQG1fkAMA0GCSqGSIb3DQEBCwUAA4IBAQCCMb8UY0dTKPz8xo1dwS1P
A9+1XPhS+b9DVjBqxUtmKuYD7BPBTvOP+mML8oPAoG+fXvACtYYSYQ7veY9JE+9O
XrnpBKHiCYrhsF5gu+DoRBtW+ayZfKBdzjFs8ABawggV0c6aIS+djYxkpCL9MglV
fjYSkFskOH0MxY9xDmMkxGRKPfV/GPz13emPgVrLwpq3GyHJF2U+ZG+FOv3WqB71
469NkZkiyansP/s2yzjg4iPCngM9V33VTsraFHurcwGH6SKsAutII/paUwEo4LqY
l6AEPR15UvcPWkBY+zawfr+fsSzdsB8K7nqA8xTpcSlqHlEpzPn2I+GYZ/z0QeoP
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:33 2023 by rpki-client on console.sobornost.net