Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/NOlgagBTqiK5kTjCjyPGgxPUWRA.roa
File: NOlgagBTqiK5kTjCjyPGgxPUWRA.roa (raw, json)
Hash identifier: bhzCl8DyMHmGE+jNIUq+uIJEXVG29iK1nq2MX01HKQs=
Subject key identifier: 34:E9:60:6A:00:53:AA:22:B9:91:38:C2:8F:23:C6:83:13:D4:59:10
Certificate issuer: /CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Certificate serial: 018555F97DE844344B5F42C41F315A9FB0ED
Authority key identifier: CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/NOlgagBTqiK5kTjCjyPGgxPUWRA.roa
Signing time: Tue 27 Dec 2022 23:44:52 +0000
ROA not before: Tue 27 Dec 2022 23:44:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39923
IP address blocks: 161.199.31.0/24 maxlen: 24
2a0f:efc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:55:f9:7d:e8:44:34:4b:5f:42:c4:1f:31:5a:9f:b0:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Validity
Not Before: Dec 27 23:44:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34e9606a0053aa22b99138c28f23c68313d45910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:16:c2:3e:ff:bd:56:68:b3:d5:99:f8:81:
0a:d2:d7:7b:bf:31:2d:9d:5d:6f:71:6b:6a:67:96:
58:2c:db:14:ca:a1:f9:f9:bc:c2:c0:8d:7d:d2:22:
99:1a:55:7b:7a:e4:d7:f9:2b:ec:e3:b2:3a:34:e4:
06:f6:7d:04:fc:b8:6b:9b:35:c8:f0:fa:cc:36:b8:
17:b3:dd:89:d8:59:13:b8:3b:54:e0:34:85:8c:cc:
d6:50:07:97:cd:ab:e1:41:1c:d9:c7:44:8d:13:b3:
7e:b0:af:bd:83:ad:fe:c0:5a:87:df:58:ab:aa:c2:
a6:4d:a9:5a:a7:b2:d0:45:94:b8:86:09:f1:61:ff:
47:ab:dd:fc:4b:d3:94:1e:7a:b8:33:b8:f2:6c:88:
46:6f:7e:10:f2:68:76:f3:fc:c8:d2:68:44:56:d5:
df:d6:72:18:2e:a0:3b:d9:08:21:78:12:15:79:3b:
67:2a:05:58:1a:23:9e:b1:4b:6a:6c:39:16:0a:d3:
c5:a0:e1:30:40:88:c0:a6:8a:00:30:50:c1:81:b9:
ad:c3:4f:e0:49:df:75:22:1d:20:24:fe:ec:5d:53:
2f:3d:87:2c:2c:ea:d3:42:1c:7f:9d:03:fd:20:11:
fe:a2:3b:03:cb:41:a3:c5:6e:3d:f5:e6:ba:d0:29:
c5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E9:60:6A:00:53:AA:22:B9:91:38:C2:8F:23:C6:83:13:D4:59:10
X509v3 Authority Key Identifier:
keyid:CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/NOlgagBTqiK5kTjCjyPGgxPUWRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.199.31.0/24
IPv6:
2a0f:efc1::/32
Signature Algorithm: sha256WithRSAEncryption
6a:f0:ac:f3:46:4b:ed:be:51:c6:c1:c6:13:7c:1b:21:f8:d5:
07:0f:28:72:f0:40:99:5c:8b:7d:12:3b:29:fd:f0:6d:69:f1:
40:72:cf:4c:6d:7a:b0:9f:ee:66:64:95:3c:c7:e8:f4:d6:1e:
4a:ea:3b:2b:f6:c3:d1:ed:81:e6:69:5c:69:a7:de:3f:70:bb:
ab:22:52:1f:45:1e:6b:cb:06:c4:15:2e:b6:01:89:18:82:aa:
93:94:a6:82:a0:f3:60:b6:78:e3:ab:e2:d5:f6:b4:b8:ec:66:
6c:9f:bc:dc:63:1d:66:ef:67:09:a1:ff:c9:72:af:75:b1:37:
59:b2:2f:85:34:f2:9f:39:75:ac:09:f5:1d:9d:0f:a8:dc:08:
3b:4f:86:7c:0e:74:92:69:a2:a4:a5:92:4b:a9:a1:8c:b5:07:
80:ef:cf:3e:b1:08:ea:20:88:5e:24:56:cb:a2:40:0d:07:f1:
79:37:05:0d:50:bd:38:3c:af:48:3f:0d:9f:8a:08:0a:6c:7c:
17:c1:17:d2:a6:be:7f:e1:f4:87:05:5d:47:aa:b9:e4:34:1d:
d3:b1:c4:23:da:ff:b3:67:3c:f0:8d:7e:0c:f6:9b:a3:db:21:
e4:b5:38:74:e3:97:84:b4:b0:50:52:a6:b4:8c:65:e6:28:fd:
9b:8b:a6:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVV+X3oRDRLX0LEHzFan7DtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzQ4Y2QwMGNkN2ZlNmEyMTc1NWFmNjQyZDg4MWI4ZGQ5
YTM5ZjcwHhcNMjIxMjI3MjM0NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU5NjA2YTAwNTNhYTIyYjk5MTM4YzI4ZjIzYzY4MzEzZDQ1OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlYWwj7/vVZos9WZ+IEK0td7vzEt
nV1vcWtqZ5ZYLNsUyqH5+bzCwI190iKZGlV7euTX+Svs47I6NOQG9n0E/LhrmzXI
8PrMNrgXs92J2FkTuDtU4DSFjMzWUAeXzavhQRzZx0SNE7N+sK+9g63+wFqH31ir
qsKmTalap7LQRZS4hgnxYf9Hq938S9OUHnq4M7jybIhGb34Q8mh28/zI0mhEVtXf
1nIYLqA72QgheBIVeTtnKgVYGiOesUtqbDkWCtPFoOEwQIjApooAMFDBgbmtw0/g
Sd91Ih0gJP7sXVMvPYcsLOrTQhx/nQP9IBH+ojsDy0GjxW499ea60CnFTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDTpYGoAU6oiuZE4wo8jxoMT1FkQMB8GA1UdIwQY
MBaAFMp0jNAM1/5qIXVa9kLYgbjdmjn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgt
MmEzZGY5YjMzMzEzLzEvTk9sZ2FnQlRxaUs1a1RqQ2p5UEdneFBVV1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgtMmEzZGY5YjMzMzEz
LzEveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAoccfMA0E
AgACMAcDBQAqD+/BMA0GCSqGSIb3DQEBCwUAA4IBAQBq8KzzRkvtvlHGwcYTfBsh
+NUHDyhy8ECZXIt9Ejsp/fBtafFAcs9MbXqwn+5mZJU8x+j01h5K6jsr9sPR7YHm
aVxpp94/cLurIlIfRR5rywbEFS62AYkYgqqTlKaCoPNgtnjjq+LV9rS47GZsn7zc
Yx1m72cJof/Jcq91sTdZsi+FNPKfOXWsCfUdnQ+o3Ag7T4Z8DnSSaaKkpZJLqaGM
tQeA788+sQjqIIheJFbLokANB/F5NwUNUL04PK9IPw2figgKbHwXwRfSpr5/4fSH
BV1HqrnkNB3TscQj2v+zZzzwjX4M9puj2yHktTh045eEtLBQUqa0jGXmKP2bi6bU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:34 2024 by rpki-client on console-ams.rpki-client.org