Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/NS4jyFNprAllhqr3A8M38RxaTWM.roa
File: NS4jyFNprAllhqr3A8M38RxaTWM.roa (raw, json)
Hash identifier: D5y+rUX9vJTSGo9YyuqERImCt1qiku800QqXYgmi/Cs=
Subject key identifier: 35:2E:23:C8:53:69:AC:09:65:86:AA:F7:03:C3:37:F1:1C:5A:4D:63
Certificate issuer: /CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Certificate serial: 0182674137AFA6EA5FF3D25DF89C003CDEBD
Authority key identifier: EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/NS4jyFNprAllhqr3A8M38RxaTWM.roa
Signing time: Thu 04 Aug 2022 05:08:23 +0000
ROA not before: Thu 04 Aug 2022 05:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2635
IP address blocks: 185.138.28.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:41:37:af:a6:ea:5f:f3:d2:5d:f8:9c:00:3c:de:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4d0394084f7e4062609728f4d4d57b06455a56
Validity
Not Before: Aug 4 05:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=352e23c85369ac096586aaf703c337f11c5a4d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:25:4b:c2:aa:c7:a0:4e:56:ae:c0:82:b1:
54:1d:13:ac:bc:73:7f:1f:34:3d:e7:a3:e6:c5:21:
62:6a:7b:9f:61:b9:4a:66:72:fa:4b:4b:80:15:9d:
80:b1:33:80:a8:28:e4:86:b9:bb:6f:29:96:29:26:
0c:7c:12:59:22:28:8d:83:3c:0c:a7:71:bf:a3:69:
42:1b:25:e1:fc:e2:81:49:64:c5:db:8e:61:00:73:
43:db:89:a3:14:84:6d:cf:23:d3:9a:9d:4d:9f:af:
fb:3f:43:8c:b9:5d:23:00:f3:c0:79:8f:ba:a2:c3:
22:1f:3a:7e:7b:a1:75:3f:df:81:9c:ef:28:ab:b0:
0e:20:ae:50:fe:3c:97:05:97:9d:27:3f:c7:b5:4e:
a8:6c:ef:cc:d9:84:eb:84:29:0f:90:b9:ae:8e:d9:
d4:5a:ed:31:3d:32:26:b7:d2:c3:b8:a0:4a:db:5e:
48:75:37:ff:a8:91:73:1b:c9:1c:9d:0a:c4:1a:14:
73:16:e5:4a:66:81:c5:2c:0b:01:d9:9b:1d:16:33:
82:fe:5b:66:f7:c0:f0:1d:51:7f:c3:1a:52:96:38:
3a:b9:b0:c9:f8:00:b3:c3:a5:82:17:fe:c8:fe:f9:
ff:48:85:9e:3e:99:34:7d:5f:7a:76:7b:14:5e:d2:
2e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2E:23:C8:53:69:AC:09:65:86:AA:F7:03:C3:37:F1:1C:5A:4D:63
X509v3 Authority Key Identifier:
keyid:EC:4D:03:94:08:4F:7E:40:62:60:97:28:F4:D4:D5:7B:06:45:5A:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7E0DlAhPfkBiYJco9NTVewZFWlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/NS4jyFNprAllhqr3A8M38RxaTWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/236610-2448-423b-9bca-268ced8435b5/1/7E0DlAhPfkBiYJco9NTVewZFWlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
72:a8:ba:37:91:d1:1a:ce:f4:6e:12:b5:e8:c9:64:5c:e8:e1:
c9:80:10:c4:b3:7e:1a:0c:b1:a5:e6:50:89:de:73:65:b0:4b:
34:ef:7a:15:5b:07:ed:ec:78:38:24:ac:c5:26:b5:a4:e6:53:
c4:7b:d5:cb:a5:85:88:3b:e9:80:29:bb:3a:11:42:16:cc:e7:
04:ad:ef:b8:a5:ba:5a:4e:68:6a:70:94:5b:16:72:6e:b6:67:
39:5d:60:c0:dc:23:4e:6b:59:af:ad:12:c7:80:94:73:af:f6:
14:3b:49:89:82:f9:eb:d4:03:a1:ab:51:0b:76:7f:99:50:af:
02:7d:d5:52:15:f5:a1:b1:7a:27:96:26:ff:67:bb:cd:1c:cc:
62:27:a3:a9:6f:5d:6c:01:6d:fc:7d:e2:18:18:15:11:86:bf:
3d:30:08:d3:0b:ae:8b:3a:fd:3f:bb:c7:d5:79:9d:8f:c5:58:
00:2c:38:83:2e:33:fc:70:7f:df:a4:50:9a:27:33:e0:f8:e3:
47:93:ab:b5:02:0c:1d:5b:c4:80:a3:e8:7b:21:ab:04:79:e4:
8b:18:e8:7d:cf:5d:b8:b0:7a:57:f3:b3:91:9c:d2:ab:dc:46:
ca:c6:05:07:10:6d:69:5a:6c:d1:95:25:9d:ed:0b:b9:30:84:
1a:2c:9a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJnQTevpupf89Jd+JwAPN69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGQwMzk0MDg0ZjdlNDA2MjYwOTcyOGY0ZDRkNTdiMDY0
NTVhNTYwHhcNMjIwODA0MDUwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTJlMjNjODUzNjlhYzA5NjU4NmFhZjcwM2MzMzdmMTFjNWE0ZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApR8lS8Kqx6BOVq7AgrFUHROsvHN/
HzQ956PmxSFianufYblKZnL6S0uAFZ2AsTOAqCjkhrm7bymWKSYMfBJZIiiNgzwM
p3G/o2lCGyXh/OKBSWTF245hAHND24mjFIRtzyPTmp1Nn6/7P0OMuV0jAPPAeY+6
osMiHzp+e6F1P9+BnO8oq7AOIK5Q/jyXBZedJz/HtU6obO/M2YTrhCkPkLmujtnU
Wu0xPTImt9LDuKBK215IdTf/qJFzG8kcnQrEGhRzFuVKZoHFLAsB2ZsdFjOC/ltm
98DwHVF/wxpSljg6ubDJ+ACzw6WCF/7I/vn/SIWePpk0fV96dnsUXtIu0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUuI8hTaawJZYaq9wPDN/EcWk1jMB8GA1UdIwQY
MBaAFOxNA5QIT35AYmCXKPTU1XsGRVpWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2Et
MjY4Y2VkODQzNWI1LzEvTlM0anlGTnByQWxsaHFyM0E4TTM4UnhhVFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8yMzY2MTAtMjQ0OC00MjNiLTliY2EtMjY4Y2VkODQzNWI1
LzEvN0UwRGxBaFBma0JpWUpjbzlOVFZld1pGV2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYocMA0G
CSqGSIb3DQEBCwUAA4IBAQByqLo3kdEazvRuErXoyWRc6OHJgBDEs34aDLGl5lCJ
3nNlsEs073oVWwft7Hg4JKzFJrWk5lPEe9XLpYWIO+mAKbs6EUIWzOcEre+4pbpa
TmhqcJRbFnJutmc5XWDA3CNOa1mvrRLHgJRzr/YUO0mJgvnr1AOhq1ELdn+ZUK8C
fdVSFfWhsXonlib/Z7vNHMxiJ6Opb11sAW38feIYGBURhr89MAjTC66LOv0/u8fV
eZ2PxVgALDiDLjP8cH/fpFCaJzPg+ONHk6u1AgwdW8SAo+h7IasEeeSLGOh9z124
sHpX87ORnNKr3EbKxgUHEG1pWmzRlSWd7Qu5MIQaLJoE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:10 2024 by rpki-client on console-fra.rpki-client.org