Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NPf2HDsZFJ6VNBa-Y5I5oqu7lNc.roa
File: NPf2HDsZFJ6VNBa-Y5I5oqu7lNc.roa (raw, json)
Hash identifier: rU1VzKi60mPBI/vG7tnaaKQ+dQLggcPRvSoOcJifkFA=
Subject key identifier: 34:F7:F6:1C:3B:19:14:9E:95:34:16:BE:63:92:39:A2:AB:BB:94:D7
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0C250FB7
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NPf2HDsZFJ6VNBa-Y5I5oqu7lNc.roa
Signing time: Thu 10 Feb 2022 07:15:41 +0000
ROA not before: Thu 10 Feb 2022 07:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 195.180.136.0/24 maxlen: 24
195.180.138.0/24 maxlen: 24
194.233.147.0/24 maxlen: 24
195.180.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203755447 (0xc250fb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Feb 10 07:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34f7f61c3b19149e953416be639239a2abbb94d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:38:00:2d:59:bc:73:1f:f8:c8:a9:6a:51:3d:
f3:c4:57:29:5b:b5:f3:20:06:5a:74:97:96:2b:80:
5f:51:8b:f5:d2:66:96:43:0d:82:e0:b1:42:d8:eb:
9b:d3:b7:16:06:ab:62:9d:f8:5f:dd:05:ab:af:e4:
e2:f1:32:b6:00:a1:b7:65:36:db:13:20:a5:9f:88:
82:ed:9b:18:c6:83:ee:b0:99:49:3c:6d:7e:9b:74:
c7:c9:2b:c8:ba:7b:fe:47:7c:5a:69:fc:a2:31:c5:
47:28:72:79:04:ff:e2:e2:2d:c1:25:5f:94:cf:3e:
a8:dc:a0:f6:75:c5:dd:3d:6d:df:75:db:31:cd:7f:
fc:7c:84:bf:f5:8d:65:09:55:6d:86:8b:e0:6e:7d:
5c:63:11:05:ee:de:81:6c:81:b6:20:c2:95:f0:5d:
87:f8:e8:f2:97:bf:c7:fc:6e:6a:ec:00:4d:70:be:
12:e3:e3:35:85:90:89:e5:c5:bf:b3:a5:18:1f:1d:
9f:ab:49:fd:2f:c1:3d:e8:23:35:a0:78:07:2c:ff:
cc:33:ab:a6:04:13:f5:8a:31:37:b0:aa:f7:52:02:
42:b7:33:06:85:b0:09:9e:e7:3d:16:d1:b9:c5:44:
c8:4a:1a:ad:ce:27:91:d7:f6:40:a3:77:98:47:7f:
f9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F7:F6:1C:3B:19:14:9E:95:34:16:BE:63:92:39:A2:AB:BB:94:D7
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/NPf2HDsZFJ6VNBa-Y5I5oqu7lNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.147.0/24
195.180.136.0/24
195.180.138.0/24
195.180.156.0/24
Signature Algorithm: sha256WithRSAEncryption
29:bf:e9:62:ab:f8:26:1a:30:fa:e8:7b:20:29:00:1e:1e:0d:
bb:2f:22:ff:e4:4c:91:bf:4e:ba:09:b5:da:8d:11:1d:2f:2d:
f7:36:6f:6e:51:46:de:77:af:64:de:6d:c3:d5:2d:98:3f:f5:
e2:4a:61:e2:c9:a5:45:3a:22:74:31:52:3e:29:51:d7:b8:f4:
8d:83:b7:6b:20:a6:1d:30:8b:c5:0b:72:92:9f:56:94:7c:7e:
1b:5e:1a:ed:2c:48:11:a3:15:c8:1e:aa:60:bf:5c:39:d8:7a:
bd:6b:f3:07:ac:b3:52:fc:f2:07:ec:6f:04:b5:de:fb:94:74:
bd:56:4c:7e:7e:bb:32:1f:a2:79:a3:5b:11:1c:db:96:e8:6c:
50:89:e7:e1:80:dc:13:a8:81:35:ee:5d:42:c0:2a:d4:db:76:
86:88:fd:3d:51:46:30:c0:e2:a5:f3:83:90:57:6d:6a:b8:2f:
b8:aa:5f:1e:5e:86:bf:17:9c:cb:35:e7:66:be:b8:ac:77:ca:
e3:c7:ef:02:ec:ac:62:4b:04:c6:98:3f:b9:97:ce:d9:30:85:
2f:03:41:dc:0b:41:a4:86:f2:0f:f3:29:d1:83:4a:04:91:01:
0b:97:9f:1d:03:21:9e:29:32:11:35:f5:f4:36:ae:ce:14:03:
6e:52:8f:1f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDCUPtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDIx
MDA3MTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRmN2Y2MWMzYjE5
MTQ5ZTk1MzQxNmJlNjM5MjM5YTJhYmJiOTRkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMY4AC1ZvHMf+MipalE988RXKVu18yAGWnSXliuAX1GL9dJm
lkMNguCxQtjrm9O3FgarYp34X90Fq6/k4vEytgCht2U22xMgpZ+Igu2bGMaD7rCZ
STxtfpt0x8kryLp7/kd8Wmn8ojHFRyhyeQT/4uItwSVflM8+qNyg9nXF3T1t33Xb
Mc1//HyEv/WNZQlVbYaL4G59XGMRBe7egWyBtiDClfBdh/jo8pe/x/xuauwATXC+
EuPjNYWQieXFv7OlGB8dn6tJ/S/BPegjNaB4Byz/zDOrpgQT9YoxN7Cq91ICQrcz
BoWwCZ7nPRbRucVEyEoarc4nkdf2QKN3mEd/+RECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ09/YcOxkUnpU0Fr5jkjmiq7uU1zAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L05QZjJIRHNaRko2Vk5CYS1ZNUk1b3F1N2xOYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMLpkwMEAMO0iAMEAMO0igMEAMO0
nDANBgkqhkiG9w0BAQsFAAOCAQEAKb/pYqv4Jhow+uh7ICkAHh4Nuy8i/+RMkb9O
ugm12o0RHS8t9zZvblFG3nevZN5tw9UtmD/14kph4smlRToidDFSPilR17j0jYO3
ayCmHTCLxQtykp9WlHx+G14a7SxIEaMVyB6qYL9cOdh6vWvzB6yzUvzyB+xvBLXe
+5R0vVZMfn67Mh+ieaNbERzbluhsUInn4YDcE6iBNe5dQsAq1Nt2hoj9PVFGMMDi
pfODkFdtargvuKpfHl6GvxecyzXnZr64rHfK48fvAuysYksExpg/uZfO2TCFLwNB
3AtBpIbyD/Mp0YNKBJEBC5efHQMhnikyETX19DauzhQDblKPHw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:29 2023 by rpki-client on console-ams.rpki-client.org