Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NHQ42E6jMaq7AzqEe2vLrZ_CAYk.roa
File: NHQ42E6jMaq7AzqEe2vLrZ_CAYk.roa (raw, json)
Hash identifier: qn3OKbvYRa6js4YY+WoarwgtshI6FhrTQU3p95V1PSI=
Subject key identifier: 34:74:38:D8:4E:A3:31:AA:BB:03:3A:84:7B:6B:CB:AD:9F:C2:01:89
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0BF4D954
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NHQ42E6jMaq7AzqEe2vLrZ_CAYk.roa
Signing time: Thu 27 Jan 2022 13:24:25 +0000
ROA not before: Thu 27 Jan 2022 13:24:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.233.144.0/24 maxlen: 24
194.233.151.0/24 maxlen: 24
194.163.90.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200595796 (0xbf4d954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 27 13:24:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347438d84ea331aabb033a847b6bcbad9fc20189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:17:eb:75:6c:26:d9:f4:a8:4b:a2:16:99:
ee:0e:ee:1b:e4:56:c5:ab:26:36:a5:4b:20:b8:64:
57:d2:ec:74:b5:c6:04:47:29:b2:a8:48:0b:be:9f:
82:47:9d:b6:01:e2:b4:98:0f:57:bd:85:40:f6:1d:
fc:27:d7:ac:51:28:30:35:37:db:d1:4d:5c:fe:85:
b7:33:d4:fd:5b:fe:c0:7b:1d:a9:bc:3e:3e:0e:14:
2c:14:a0:4e:da:d1:c1:5d:34:79:b0:d6:63:33:c0:
a7:1c:6e:a3:13:d3:26:7a:d7:b0:3e:4e:02:04:bc:
45:ef:97:b4:ac:f0:79:be:d0:2b:18:a2:f3:32:6b:
c6:34:45:ff:4b:d5:e7:cf:cf:87:9a:db:95:a3:02:
aa:e0:1a:8c:95:82:a4:52:0f:d2:ab:24:a7:b0:bd:
0a:c1:4d:48:d1:27:78:57:4e:b1:a3:93:e3:88:bc:
7c:d6:a4:ae:d1:83:41:da:08:8d:52:86:d8:1b:f2:
5d:bd:33:dc:f5:42:f5:0a:9f:d8:6d:28:21:66:5b:
69:91:e0:fc:91:5e:5d:3c:f1:76:a0:cf:58:b6:75:
e4:9b:5f:24:70:c1:de:20:04:51:93:6b:78:72:d6:
b1:86:ad:25:bd:f8:ce:b7:3e:4b:e5:b3:46:42:fe:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:74:38:D8:4E:A3:31:AA:BB:03:3A:84:7B:6B:CB:AD:9F:C2:01:89
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NHQ42E6jMaq7AzqEe2vLrZ_CAYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.90.0/24
194.163.92.0/24
194.233.144.0/24
194.233.151.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b9:64:a0:ad:dc:79:7f:f5:00:42:0f:59:f1:7d:08:89:d2:
e3:ad:ed:03:9f:94:e0:e5:7b:f6:35:1a:37:c2:28:31:38:78:
53:8b:56:44:f9:67:d5:6a:ef:d4:84:b5:82:11:87:d6:d7:00:
66:d6:14:aa:4b:7e:0c:ec:90:e0:f5:2b:d6:a8:8e:03:bc:a9:
75:e0:9c:93:cd:af:00:23:35:bb:3c:23:e6:c1:08:ea:24:3d:
8d:c2:b2:be:7f:12:df:fe:b3:81:66:bc:76:12:09:bb:45:1a:
06:f4:ae:34:6f:6a:f4:fe:ba:54:42:77:d5:d4:88:93:4b:8d:
1e:d8:30:88:fe:74:25:22:26:cf:9c:80:02:69:ec:8f:92:40:
88:d5:8f:d5:08:29:48:3d:04:5e:b1:87:51:b4:1f:d0:15:ae:
e5:99:ff:1a:36:36:ec:6e:7b:9f:e8:63:4a:fe:23:bc:94:f9:
08:39:74:0b:51:bf:2e:3d:2b:c5:05:61:ff:f4:ab:56:a7:35:
ed:26:f0:93:f3:3f:39:de:af:38:36:7c:94:ce:e6:1e:5d:3f:
71:90:39:6d:05:83:a2:db:f3:3d:8b:97:e3:5e:48:a2:b3:c8:
6e:e1:5f:ad:50:73:10:83:6d:5b:4a:a9:32:c0:95:d1:b0:ab:
9b:51:53:2c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC/TZVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDEy
NzEzMjQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3NDM4ZDg0ZWEz
MzFhYWJiMDMzYTg0N2I2YmNiYWQ5ZmMyMDE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJl0F+t1bCbZ9KhLohaZ7g7uG+RWxasmNqVLILhkV9LsdLXG
BEcpsqhIC76fgkedtgHitJgPV72FQPYd/CfXrFEoMDU329FNXP6FtzPU/Vv+wHsd
qbw+Pg4ULBSgTtrRwV00ebDWYzPApxxuoxPTJnrXsD5OAgS8Re+XtKzweb7QKxii
8zJrxjRF/0vV58/Ph5rblaMCquAajJWCpFIP0qskp7C9CsFNSNEneFdOsaOT44i8
fNakrtGDQdoIjVKG2BvyXb0z3PVC9Qqf2G0oIWZbaZHg/JFeXTzxdqDPWLZ15Jtf
JHDB3iAEUZNreHLWsYatJb34zrc+S+WzRkL+nBcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ0dDjYTqMxqrsDOoR7a8utn8IBiTAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L05IUTQyRTZqTWFxN0F6cUVlMnZMclpfQ0FZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMKjWgMEAMKjXAMEAMLpkAMEAMLp
lzANBgkqhkiG9w0BAQsFAAOCAQEAWLlkoK3ceX/1AEIPWfF9CInS463tA5+U4OV7
9jUaN8IoMTh4U4tWRPln1Wrv1IS1ghGH1tcAZtYUqkt+DOyQ4PUr1qiOA7ypdeCc
k82vACM1uzwj5sEI6iQ9jcKyvn8S3/6zgWa8dhIJu0UaBvSuNG9q9P66VEJ31dSI
k0uNHtgwiP50JSImz5yAAmnsj5JAiNWP1QgpSD0EXrGHUbQf0BWu5Zn/GjY27G57
n+hjSv4jvJT5CDl0C1G/Lj0rxQVh//SrVqc17Sbwk/M/Od6vODZ8lM7mHl0/cZA5
bQWDotvzPYuX415IorPIbuFfrVBzEINtW0qpMsCV0bCrm1FTLA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org