Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nHBNeDwXEoJSqwAib6d8laG4n8g.roa
File: nHBNeDwXEoJSqwAib6d8laG4n8g.roa (raw, json)
Hash identifier: VqNLZ1jW/SXvqe5tCU+WptqQBdDbmwajxJBZETJ28KM=
Subject key identifier: 9C:70:4D:78:3C:17:12:82:52:AB:00:22:6F:A7:7C:95:A1:B8:9F:C8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01853F1C616F3D1CCA829C388E0F4DC2937B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nHBNeDwXEoJSqwAib6d8laG4n8g.roa
Signing time: Fri 23 Dec 2022 13:11:42 +0000
ROA not before: Fri 23 Dec 2022 13:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 82.115.0.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:1c:61:6f:3d:1c:ca:82:9c:38:8e:0f:4d:c2:93:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 23 13:11:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c704d783c17128252ab00226fa77c95a1b89fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:16:90:67:e2:f1:0d:be:80:1e:ce:50:0c:bf:
9f:9a:c6:39:4d:dc:d1:5a:23:88:3e:c9:f3:6e:fd:
fe:7f:ad:a8:67:06:9a:f8:ec:44:cf:84:02:72:fd:
41:6e:94:84:22:e0:58:0d:1e:88:b5:66:70:6d:15:
f8:36:5a:e8:83:5f:5d:01:58:59:48:1d:c9:e0:fa:
a4:32:0c:d5:25:27:4c:68:f5:6f:22:46:fe:b6:c2:
48:3c:0a:23:5e:27:6d:c3:6c:ff:2c:e1:a8:9f:f3:
3f:61:bc:5c:30:75:d0:ed:dc:b9:45:8d:b7:94:2f:
c2:9b:1b:59:6b:11:42:49:e5:29:42:8f:c2:2c:27:
75:55:99:31:ee:bc:6b:e4:16:b6:2d:39:32:a2:b7:
49:2f:a5:7d:d6:97:3d:9c:4a:d4:b7:6a:9d:c6:b2:
12:d3:90:52:3d:65:10:9c:77:41:02:9a:e8:08:26:
8f:57:12:93:eb:fd:c7:d9:be:5d:cf:20:02:3d:f0:
7d:32:fc:fd:fd:e1:28:1d:37:8a:40:0d:2a:55:6c:
d2:c8:a6:0f:74:49:36:26:63:5e:e2:98:f2:70:76:
80:09:09:46:ea:ae:5d:fb:1e:43:f1:22:e9:1e:0e:
95:02:92:16:5a:c2:44:9c:a6:c0:fa:d3:df:6b:f6:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:70:4D:78:3C:17:12:82:52:AB:00:22:6F:A7:7C:95:A1:B8:9F:C8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nHBNeDwXEoJSqwAib6d8laG4n8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
Signature Algorithm: sha256WithRSAEncryption
41:64:33:26:5b:93:29:88:f4:c6:f6:79:0a:1f:15:17:0c:35:
dc:65:90:dd:b6:3e:61:e4:c3:bb:3b:e5:82:f4:1c:ca:4d:ba:
8d:a1:75:56:96:67:37:9e:0c:8b:5a:ce:4a:5f:5f:98:2b:09:
61:cc:09:6d:77:9e:f5:2e:49:94:a9:9b:b2:19:7b:04:06:a4:
0b:09:aa:67:78:ce:c2:af:01:57:19:2d:f4:d9:7f:c8:d5:ea:
cd:34:cb:68:4b:3d:3f:46:6e:48:b6:70:e5:98:bd:0e:5f:1f:
e9:3d:21:55:37:8d:6f:55:bf:12:b0:6f:d0:03:c0:57:a8:bc:
cf:2c:f2:f1:5c:87:d5:85:be:ae:b7:12:da:f4:17:19:c8:49:
a7:35:9a:5a:97:65:73:73:16:7a:a2:27:21:ba:77:f0:f2:ed:
89:ad:7c:a1:3f:f9:3b:2a:c5:bb:ad:46:ef:72:59:2c:62:0e:
74:72:a1:ea:41:79:4d:37:b2:3b:56:d1:d9:49:ca:78:e2:83:
ae:2b:ff:96:c1:8f:c2:9d:d1:52:72:f8:15:8a:8a:64:0f:43:
ec:51:e1:46:49:63:fd:ac:4c:05:2e:e5:cd:b1:fb:5d:2b:0d:
e9:84:23:96:ff:c6:94:02:71:03:dd:76:4e:98:b3:cd:30:a4:
2b:00:6e:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/HGFvPRzKgpw4jg9NwpN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIxMjIzMTMxMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzcwNGQ3ODNjMTcxMjgyNTJhYjAwMjI2ZmE3N2M5NWExYjg5ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRaQZ+LxDb6AHs5QDL+fmsY5TdzR
WiOIPsnzbv3+f62oZwaa+OxEz4QCcv1BbpSEIuBYDR6ItWZwbRX4Nlrog19dAVhZ
SB3J4PqkMgzVJSdMaPVvIkb+tsJIPAojXidtw2z/LOGon/M/YbxcMHXQ7dy5RY23
lC/CmxtZaxFCSeUpQo/CLCd1VZkx7rxr5Ba2LTkyordJL6V91pc9nErUt2qdxrIS
05BSPWUQnHdBAproCCaPVxKT6/3H2b5dzyACPfB9Mvz9/eEoHTeKQA0qVWzSyKYP
dEk2JmNe4pjycHaACQlG6q5d+x5D8SLpHg6VApIWWsJEnKbA+tPfa/ZcSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxwTXg8FxKCUqsAIm+nfJWhuJ/IMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbkhCTmVEd1hFb0pTcXdBaWI2ZDhsYUc0bjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUnMAMA0G
CSqGSIb3DQEBCwUAA4IBAQBBZDMmW5MpiPTG9nkKHxUXDDXcZZDdtj5h5MO7O+WC
9BzKTbqNoXVWlmc3ngyLWs5KX1+YKwlhzAltd571LkmUqZuyGXsEBqQLCapneM7C
rwFXGS302X/I1erNNMtoSz0/Rm5ItnDlmL0OXx/pPSFVN41vVb8SsG/QA8BXqLzP
LPLxXIfVhb6utxLa9BcZyEmnNZpal2VzcxZ6oichunfw8u2JrXyhP/k7KsW7rUbv
clksYg50cqHqQXlNN7I7VtHZScp44oOuK/+WwY/CndFScvgViopkD0PsUeFGSWP9
rEwFLuXNsftdKw3phCOW/8aUAnED3XZOmLPNMKQrAG56
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org