Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/nVifSvDTpJWeR_phhrO_O0DOc8Y.roa
File: nVifSvDTpJWeR_phhrO_O0DOc8Y.roa (raw, json)
Hash identifier: KNX1njU/Yw5btccQ0bvva8zn+pw0cGS4Icdd6AUzyjY=
Subject key identifier: 9D:58:9F:4A:F0:D3:A4:95:9E:47:FA:61:86:B3:BF:3B:40:CE:73:C6
Certificate issuer: /CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Certificate serial: 03E0EF71
Authority key identifier: 34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/nVifSvDTpJWeR_phhrO_O0DOc8Y.roa
Signing time: Sat 01 Jan 2022 11:58:40 +0000
ROA not before: Sat 01 Jan 2022 11:58:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210773
IP address blocks: 185.252.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65073009 (0x3e0ef71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=344f5eb0efc517d6caaeb7c74a847f965c0e14d9
Validity
Not Before: Jan 1 11:58:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d589f4af0d3a4959e47fa6186b3bf3b40ce73c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d1:f5:23:7d:db:c1:99:91:ed:b3:a8:2e:a0:
0c:3b:94:9f:8a:0e:9a:41:bc:fd:2b:6e:fc:0e:56:
6f:22:fc:55:16:bd:c5:f7:72:a4:cd:80:5e:a9:57:
b2:e6:39:20:fe:87:7d:aa:bd:c4:ca:ed:29:f8:4d:
53:e0:4d:22:98:7a:30:9f:55:67:31:17:91:e7:e0:
b3:55:f8:a5:33:a4:03:d4:78:d3:e9:92:50:d2:0c:
40:22:c5:f3:2f:14:87:b8:d1:b7:f0:f5:9a:12:07:
f6:fc:96:44:d6:d8:4d:7e:5f:5c:f4:c1:27:a4:2c:
28:ff:b3:37:f2:18:34:e3:6e:9c:e6:d9:6a:55:81:
86:db:f2:d1:05:ef:7d:ca:2b:e9:a5:18:f3:91:25:
fa:97:b0:9e:43:e6:1e:3d:8c:8e:ac:2e:1f:91:4c:
34:c0:1f:65:59:41:ea:b6:50:43:df:fe:f8:ec:7c:
93:72:8d:54:c6:7e:25:3c:46:17:89:0b:61:bb:70:
36:a5:e9:aa:58:9f:3a:4c:b1:eb:94:de:19:d6:69:
06:3f:26:83:91:a3:3c:84:01:79:24:48:b4:c4:6e:
0f:fd:ed:02:14:73:f8:35:40:8d:95:73:92:03:2c:
cb:cc:bb:e9:b8:1f:c0:52:79:8a:ca:5e:e2:8f:cc:
d8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:58:9F:4A:F0:D3:A4:95:9E:47:FA:61:86:B3:BF:3B:40:CE:73:C6
X509v3 Authority Key Identifier:
keyid:34:4F:5E:B0:EF:C5:17:D6:CA:AE:B7:C7:4A:84:7F:96:5C:0E:14:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NE9esO_FF9bKrrfHSoR_llwOFNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/nVifSvDTpJWeR_phhrO_O0DOc8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b3f2e4-5177-48ae-955e-5d816a82c283/1/NE9esO_FF9bKrrfHSoR_llwOFNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:21:75:e8:d4:b1:a4:a4:50:a4:12:36:00:2f:c0:1f:d5:7f:
ed:9d:3e:5c:ad:91:eb:f6:5b:db:de:5f:0e:4b:42:11:76:f0:
f2:2d:a5:17:b5:58:70:5e:a0:6c:f0:cf:d3:61:8c:ef:e9:41:
cf:35:0b:77:75:98:56:b5:78:7e:a7:d9:7f:44:8b:eb:4a:8c:
ec:59:a8:85:9a:f9:4f:46:a0:83:46:e3:13:d1:ae:b9:4c:63:
5b:bb:c5:dd:8b:af:78:b0:cb:65:68:f8:42:a6:03:48:cc:27:
cd:14:fa:e8:26:76:f9:9f:d9:52:e6:05:8e:45:de:cd:ad:98:
41:3a:09:31:38:44:ee:28:da:85:d0:7a:51:31:64:62:56:f0:
5e:85:16:e7:d1:43:6d:49:98:dc:98:e4:af:f8:62:3f:a6:e9:
af:23:0c:a9:00:78:ba:3e:7c:77:a3:89:77:61:b4:f2:86:27:
6c:23:95:c6:e8:e6:d9:02:51:9c:72:ef:2f:64:4f:71:8c:0d:
e6:eb:a6:f6:1a:df:ac:04:f6:3f:04:a4:1d:28:66:ba:55:37:
d3:35:9e:08:f7:40:6e:88:a0:67:d1:68:54:37:79:98:5c:4b:
71:ce:3d:d0:95:98:8c:ba:cb:f8:ec:ff:75:48:aa:f4:71:e8:
4e:75:d0:10
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+DvcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDRmNWViMGVmYzUxN2Q2Y2FhZWI3Yzc0YTg0N2Y5NjVjMGUxNGQ5MB4XDTIyMDEw
MTExNTg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ1ODlmNGFmMGQz
YTQ5NTllNDdmYTYxODZiM2JmM2I0MGNlNzNjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDR9SN928GZke2zqC6gDDuUn4oOmkG8/Stu/A5WbyL8VRa9
xfdypM2AXqlXsuY5IP6Hfaq9xMrtKfhNU+BNIph6MJ9VZzEXkefgs1X4pTOkA9R4
0+mSUNIMQCLF8y8Uh7jRt/D1mhIH9vyWRNbYTX5fXPTBJ6QsKP+zN/IYNONunObZ
alWBhtvy0QXvfcor6aUY85El+pewnkPmHj2MjqwuH5FMNMAfZVlB6rZQQ9/++Ox8
k3KNVMZ+JTxGF4kLYbtwNqXpqlifOkyx65TeGdZpBj8mg5GjPIQBeSRItMRuD/3t
AhRz+DVAjZVzkgMsy8y76bgfwFJ5ispe4o/M2KcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSdWJ9K8NOklZ5H+mGGs787QM5zxjAfBgNVHSMEGDAWgBQ0T16w78UX1squ
t8dKhH+WXA4U2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05FOWVzT19GRjliS3JyZkhTb1JfbGx3T0ZOay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8x
L25WaWZTdkRUcEpXZVJfcGhock9fTzBET2M4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
YjNmMmU0LTUxNzctNDhhZS05NTVlLTVkODE2YTgyYzI4My8xL05FOWVzT19GRjli
S3JyZkhTb1JfbGx3T0ZOay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn8HzANBgkqhkiG9w0BAQsFAAOC
AQEADCF16NSxpKRQpBI2AC/AH9V/7Z0+XK2R6/Zb295fDktCEXbw8i2lF7VYcF6g
bPDP02GM7+lBzzULd3WYVrV4fqfZf0SL60qM7FmohZr5T0agg0bjE9GuuUxjW7vF
3YuveLDLZWj4QqYDSMwnzRT66CZ2+Z/ZUuYFjkXeza2YQToJMThE7ijahdB6UTFk
YlbwXoUW59FDbUmY3Jjkr/hiP6bpryMMqQB4uj58d6OJd2G08oYnbCOVxujm2QJR
nHLvL2RPcYwN5uum9hrfrAT2PwSkHShmulU30zWeCPdAboigZ9FoVDd5mFxLcc49
0JWYjLrL+Oz/dUiq9HHoTnXQEA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org