Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/nnS72wdCpsCTs8CvoYyNrgIn6kc.roa
File: nnS72wdCpsCTs8CvoYyNrgIn6kc.roa (raw, json)
Hash identifier: LRBgJOISEFsvd39FJS5s4mmsZ1DBzM3BVMBSRNE/C78=
Subject key identifier: 9E:74:BB:DB:07:42:A6:C0:93:B3:C0:AF:A1:8C:8D:AE:02:27:EA:47
Certificate issuer: /CN=81b14fae44dfa0e3349167433c924c9645739861
Certificate serial: 806392
Authority key identifier: 81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/nnS72wdCpsCTs8CvoYyNrgIn6kc.roa
Signing time: Sat 29 Jan 2022 14:18:46 +0000
ROA not before: Sat 29 Jan 2022 14:18:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35297
IP address blocks: 62.68.74.0/24 maxlen: 24
2a12:c480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8414098 (0x806392)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81b14fae44dfa0e3349167433c924c9645739861
Validity
Not Before: Jan 29 14:18:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e74bbdb0742a6c093b3c0afa18c8dae0227ea47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c6:c7:f5:b9:b9:b6:01:50:e7:22:dd:e8:86:
6e:31:6f:69:27:03:7d:9d:26:78:aa:f2:32:e1:24:
0c:35:e1:ed:8a:ac:3a:4e:67:64:0e:9e:48:68:2a:
7a:b6:22:96:45:84:38:f4:40:8b:c9:c8:40:cd:c5:
cb:97:12:99:34:f8:da:e8:fc:ee:27:2e:41:f4:21:
58:f0:13:ca:76:76:fd:4d:90:cf:3d:c6:af:a6:91:
27:02:2f:73:bd:69:a1:ea:0b:79:d2:66:75:8b:5b:
fd:1e:59:af:1f:f0:11:31:3a:ef:07:e4:86:00:c8:
a4:7c:1d:c8:8e:d6:46:60:7b:16:4c:c9:e7:cb:24:
88:dc:ee:fb:a0:65:91:d7:d7:4f:6d:56:a5:e7:b3:
6c:fd:9e:20:7a:c7:8d:fe:a5:27:da:b9:ae:70:a4:
1e:52:12:6e:14:0f:a9:f1:89:db:d8:07:c0:09:69:
9a:10:b7:90:f9:05:0c:df:56:ec:d6:d7:be:ea:61:
e5:d1:eb:81:2b:80:52:ab:f4:68:a2:8b:5c:01:3c:
0e:7a:5a:16:01:7f:72:32:27:b1:a6:1a:1e:c2:c0:
8c:92:ec:e7:2f:f4:57:b3:ea:91:ad:30:b5:cb:4d:
74:c3:fa:6a:f1:59:cc:a6:cd:b0:ef:1c:b1:fe:81:
93:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:74:BB:DB:07:42:A6:C0:93:B3:C0:AF:A1:8C:8D:AE:02:27:EA:47
X509v3 Authority Key Identifier:
keyid:81:B1:4F:AE:44:DF:A0:E3:34:91:67:43:3C:92:4C:96:45:73:98:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbFPrkTfoOM0kWdDPJJMlkVzmGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/nnS72wdCpsCTs8CvoYyNrgIn6kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/5b1319-b987-4f94-b326-5769019fefb8/1/gbFPrkTfoOM0kWdDPJJMlkVzmGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.74.0/24
IPv6:
2a12:c480::/29
Signature Algorithm: sha256WithRSAEncryption
58:11:57:5f:6a:51:9a:eb:05:ae:d1:88:f9:f1:ce:d9:74:71:
3f:d9:1e:36:f4:55:df:d7:3a:4c:97:78:a1:d4:12:8f:38:32:
b8:3d:64:5c:13:fb:dc:f4:f6:58:74:b4:a0:1b:3d:02:80:d5:
56:f5:fc:7f:57:02:0e:3e:f0:61:22:79:36:22:54:0e:8e:01:
5e:9e:5d:ca:f3:97:1e:bb:b4:89:a7:8a:02:a7:a5:94:3a:fa:
66:d1:c3:a5:f4:e0:9c:a6:dd:d7:34:d1:96:2b:93:ab:93:84:
5b:9e:c0:4d:5c:cd:4b:0b:8f:00:b4:48:ee:d7:75:92:15:8b:
a6:1e:b2:ac:a2:7f:81:0c:06:a8:e4:ff:cd:67:a3:13:6d:92:
06:14:53:d1:cf:f2:09:55:81:98:aa:b8:7e:e1:99:04:c1:19:
e0:38:d0:b0:57:b0:74:13:c9:1a:77:12:18:c6:3b:80:8f:c6:
8c:f5:a3:19:b9:2e:3f:a1:48:e1:21:3f:7e:45:f1:b5:02:dc:
52:cd:e9:78:dc:34:a1:c2:81:9d:aa:29:c2:9d:b2:5a:d3:53:
56:bd:83:4f:6c:97:66:94:af:07:fe:e6:0a:c1:bc:b7:fa:1b:
d5:8a:97:8d:d9:ee:75:6d:d6:6d:41:dc:61:91:2e:27:96:8f:
2a:f9:fe:e1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAIBjkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWIxNGZhZTQ0ZGZhMGUzMzQ5MTY3NDMzYzkyNGM5NjQ1NzM5ODYxMB4XDTIyMDEy
OTE0MTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU3NGJiZGIwNzQy
YTZjMDkzYjNjMGFmYTE4YzhkYWUwMjI3ZWE0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7Gx/W5ubYBUOci3eiGbjFvaScDfZ0meKryMuEkDDXh7Yqs
Ok5nZA6eSGgqerYilkWEOPRAi8nIQM3Fy5cSmTT42uj87icuQfQhWPATynZ2/U2Q
zz3Gr6aRJwIvc71poeoLedJmdYtb/R5Zrx/wETE67wfkhgDIpHwdyI7WRmB7FkzJ
58skiNzu+6BlkdfXT21WpeezbP2eIHrHjf6lJ9q5rnCkHlISbhQPqfGJ29gHwAlp
mhC3kPkFDN9W7NbXvuph5dHrgSuAUqv0aKKLXAE8DnpaFgF/cjInsaYaHsLAjJLs
5y/0V7Pqka0wtctNdMP6avFZzKbNsO8csf6Bk5ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSedLvbB0KmwJOzwK+hjI2uAifqRzAfBgNVHSMEGDAWgBSBsU+uRN+g4zSR
Z0M8kkyWRXOYYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2diRlBya1Rmb09NMGtXZERQSkpNbGtWem1HRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvNWIxMzE5LWI5ODctNGY5NC1iMzI2LTU3NjkwMTlmZWZiOC8x
L25uUzcyd2RDcHNDVHM4Q3ZvWXlOcmdJbjZrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
NWIxMzE5LWI5ODctNGY5NC1iMzI2LTU3NjkwMTlmZWZiOC8xL2diRlBya1Rmb09N
MGtXZERQSkpNbGtWem1HRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAD5ESjANBAIAAjAHAwUDKhLEgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWBFXX2pRmusFrtGI+fHO2XRxP9keNvRV39c6TJd4
odQSjzgyuD1kXBP73PT2WHS0oBs9AoDVVvX8f1cCDj7wYSJ5NiJUDo4BXp5dyvOX
Hru0iaeKAqellDr6ZtHDpfTgnKbd1zTRliuTq5OEW57ATVzNSwuPALRI7td1khWL
ph6yrKJ/gQwGqOT/zWejE22SBhRT0c/yCVWBmKq4fuGZBMEZ4DjQsFewdBPJGncS
GMY7gI/GjPWjGbkuP6FI4SE/fkXxtQLcUs3peNw0ocKBnaopwp2yWtNTVr2DT2yX
ZpSvB/7mCsG8t/ob1YqXjdnudW3WbUHcYZEuJ5aPKvn+4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:50 2024 by rpki-client on console-fra.rpki-client.org