Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/nr3WbfR6huMOQnVFE2UHecSnx5Q.roa
File: nr3WbfR6huMOQnVFE2UHecSnx5Q.roa (raw, json)
Hash identifier: 5Xl88s0h+AVU7h1wO2z5vqrRDUJCf3DZE19arCfPRWM=
Subject key identifier: 9E:BD:D6:6D:F4:7A:86:E3:0E:42:75:45:13:65:07:79:C4:A7:C7:94
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 01838ED3311C35F21E1C14899FCF8C43FA10
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/nr3WbfR6huMOQnVFE2UHecSnx5Q.roa
Signing time: Fri 30 Sep 2022 14:35:48 +0000
ROA not before: Fri 30 Sep 2022 14:35:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48504
IP address blocks: 45.134.192.0/22 maxlen: 24
176.53.128.0/22 maxlen: 24
46.247.160.0/19 maxlen: 24
94.247.160.0/21 maxlen: 24
185.12.96.0/22 maxlen: 24
37.26.176.0/21 maxlen: 24
94.143.80.0/21 maxlen: 24
185.50.76.0/22 maxlen: 24
185.48.48.0/22 maxlen: 24
2a01:9720::/32 maxlen: 48
2a03:bd00::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8e:d3:31:1c:35:f2:1e:1c:14:89:9f:cf:8c:43:fa:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Sep 30 14:35:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ebdd66df47a86e30e42754513650779c4a7c794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:73:da:f4:85:cb:0d:59:cb:7b:32:ee:5b:
d7:91:88:13:eb:85:2f:19:b8:2d:44:4c:ad:5e:89:
a4:eb:2a:c6:10:41:54:6b:78:d6:1b:0a:d2:cc:8f:
de:f8:3e:b5:d5:e7:aa:c5:59:28:7b:c5:65:50:c4:
27:8d:3c:fd:1b:47:74:3c:c0:e3:77:ba:21:a9:2d:
c9:18:65:10:0c:da:e8:0f:8e:81:81:b0:c7:bf:99:
22:dc:a2:d1:5b:69:33:e2:31:19:3b:ce:e0:77:fb:
48:10:fa:be:13:d4:d1:cd:7c:d3:69:91:02:dd:49:
c9:a8:1a:5a:42:2f:50:ed:eb:99:9e:3f:38:5f:86:
37:ee:94:95:f9:5e:1b:86:ea:75:3e:3a:e5:f1:f0:
e4:1b:58:37:8c:3b:c9:5a:12:54:82:e6:62:1f:84:
fa:8b:61:a0:f6:08:e2:27:16:41:ac:fc:63:b6:0d:
90:27:52:29:81:ae:67:3b:90:fb:b9:9e:01:f6:b0:
8c:15:2b:55:4c:69:72:6a:5e:2b:9d:7e:f9:21:75:
f8:5e:e0:63:c3:40:b9:79:6f:4b:45:dc:ad:7a:3e:
0b:21:ab:1b:71:f9:04:38:07:36:e3:a5:27:11:38:
01:de:21:d9:f1:ec:fe:66:a9:c0:1d:d6:0e:0c:2f:
c2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BD:D6:6D:F4:7A:86:E3:0E:42:75:45:13:65:07:79:C4:A7:C7:94
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/nr3WbfR6huMOQnVFE2UHecSnx5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
07:d2:ed:a4:1c:76:29:7a:31:8c:4f:95:dc:d3:7a:8b:5f:70:
b1:06:96:16:86:aa:05:05:92:c8:1c:fe:19:43:b4:e5:8f:68:
64:72:72:cd:6a:24:cf:a7:c7:18:a6:43:27:20:39:56:14:ed:
fb:e4:88:9f:8d:7e:d5:7a:e3:4f:87:ba:ac:2d:0b:2c:dc:ca:
94:85:07:c0:bc:45:4b:78:97:8a:2d:3f:2b:8d:45:ed:0a:62:
de:67:99:0b:cb:5d:6b:b5:82:8b:e2:25:06:08:4f:e9:68:75:
61:60:d5:34:41:76:2a:57:11:c6:04:09:ec:f3:88:1e:06:5b:
15:90:84:66:69:53:98:53:ae:fd:38:26:0a:86:09:31:70:33:
dd:75:1a:e2:65:ea:7a:a2:50:37:36:3c:5d:85:46:3b:ca:df:
38:03:f8:78:ba:5b:a1:d5:93:0e:58:6d:ff:7c:40:72:15:08:
5f:a7:43:93:5b:1c:9e:86:a2:99:e2:ae:12:86:26:b7:d1:a2:
66:df:d5:06:4d:f3:0e:3e:d7:d9:40:c2:b1:bd:06:1d:21:d2:
38:1b:6c:ea:0a:14:eb:37:79:e8:ad:a0:1f:0d:6e:0c:8d:b8:
c8:6c:bc:20:ce:28:68:f7:cb:47:a9:cb:78:bf:34:4a:64:be:
bc:ad:81:27
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYOO0zEcNfIeHBSJn8+MQ/oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjIwOTMwMTQzNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWJkZDY2ZGY0N2E4NmUzMGU0Mjc1NDUxMzY1MDc3OWM0YTdjNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM1z2vSFyw1Zy3sy7lvXkYgT64Uv
GbgtREytXomk6yrGEEFUa3jWGwrSzI/e+D611eeqxVkoe8VlUMQnjTz9G0d0PMDj
d7ohqS3JGGUQDNroD46BgbDHv5ki3KLRW2kz4jEZO87gd/tIEPq+E9TRzXzTaZEC
3UnJqBpaQi9Q7euZnj84X4Y37pSV+V4bhup1Pjrl8fDkG1g3jDvJWhJUguZiH4T6
i2Gg9gjiJxZBrPxjtg2QJ1Ipga5nO5D7uZ4B9rCMFStVTGlyal4rnX75IXX4XuBj
w0C5eW9LRdytej4LIasbcfkEOAc246UnETgB3iHZ8ez+ZqnAHdYODC/CewIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJ691m30eobjDkJ1RRNlB3nEp8eUMB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvbnIzV2JmUjZodU1PUW5WRkUyVUhlY1NueDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUtOWQ1NjU3NTEzZTIw
LzEvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQDJRqwAwQC
LYbAAwQFLvegAwQDXo9QAwQDXvegAwQCsDWAAwQCuQxgAwQCuTAwAwQCuTJMMBsE
AgACMBUDBQAqAZcgAwUAKgGqYAMFACoDvQAwDQYJKoZIhvcNAQELBQADggEBAAfS
7aQcdil6MYxPldzTeotfcLEGlhaGqgUFksgc/hlDtOWPaGRycs1qJM+nxximQycg
OVYU7fvkiJ+NftV640+HuqwtCyzcypSFB8C8RUt4l4otPyuNRe0KYt5nmQvLXWu1
goviJQYIT+lodWFg1TRBdipXEcYECezziB4GWxWQhGZpU5hTrv04JgqGCTFwM911
GuJl6nqiUDc2PF2FRjvK3zgD+Hi6W6HVkw5Ybf98QHIVCF+nQ5NbHJ6GopnirhKG
JrfRombf1QZN8w4+19lAwrG9Bh0h0jgbbOoKFOs3eeitoB8NbgyNuMhsvCDOKGj3
y0epy3i/NEpkvrytgSc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 14:12:05 2025 by rpki-client