Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/NxJFs8pMLYTDf15u48CpERvoHDU.roa
File: NxJFs8pMLYTDf15u48CpERvoHDU.roa (raw, json)
Hash identifier: azz0vOfvqhiS0P81+vRYvK6+77TJAavmkccCQhF6naI=
Subject key identifier: 37:12:45:B3:CA:4C:2D:84:C3:7F:5E:6E:E3:C0:A9:11:1B:E8:1C:35
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 4868D1FC
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/NxJFs8pMLYTDf15u48CpERvoHDU.roa
Signing time: Sat 01 Jan 2022 03:00:28 +0000
ROA not before: Sat 01 Jan 2022 03:00:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49453
IP address blocks: 5.188.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214829052 (0x4868d1fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=371245b3ca4c2d84c37f5e6ee3c0a9111be81c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:13:e8:23:32:bc:87:c2:4e:9b:bd:8d:26:ff:
5b:cc:ad:9b:91:2d:37:3d:48:92:c8:a1:dd:ad:d7:
f0:ec:ea:bd:93:44:9b:cc:27:21:4c:4e:86:c3:ec:
19:65:e3:26:5a:a0:fa:68:cf:c4:1f:fa:49:cb:eb:
01:51:a7:eb:a4:af:39:62:9c:ef:f7:ed:8b:f9:c5:
c5:bc:6e:73:fb:00:16:dd:5a:5a:25:10:54:76:a0:
fc:cc:1e:37:70:f3:ab:01:82:af:0b:2c:e5:13:a3:
a9:29:f7:69:7c:2f:e7:f9:09:b1:07:94:c2:9d:c1:
8f:df:38:78:c2:49:70:cd:2b:ea:88:1f:74:16:b7:
9e:38:4e:d4:78:44:d0:09:64:62:ab:90:8a:7c:06:
12:e8:bb:f6:40:64:03:1b:7a:66:02:f3:eb:d0:f2:
5d:59:f9:2f:f8:1b:6b:63:22:f3:5c:bf:cb:ed:43:
e0:6f:d2:00:60:3e:06:44:80:38:61:88:64:8a:14:
fc:6c:85:ab:28:d4:d0:a3:cc:bb:cb:14:fa:74:6c:
1b:ca:7a:66:4a:70:c9:43:5a:14:03:a1:13:31:f7:
3a:6e:ec:3c:da:37:de:33:e0:23:0e:e0:ef:db:eb:
0e:05:c1:16:a7:0a:bc:47:c4:62:e8:7d:e5:de:46:
3e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:12:45:B3:CA:4C:2D:84:C3:7F:5E:6E:E3:C0:A9:11:1B:E8:1C:35
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/NxJFs8pMLYTDf15u48CpERvoHDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.86.0/24
Signature Algorithm: sha256WithRSAEncryption
44:45:0e:c2:60:31:f5:c1:db:11:aa:37:74:0f:f5:e5:cc:ea:
b3:8e:c8:c4:56:60:90:a8:38:7e:73:65:ca:e9:81:f2:e4:f4:
f1:57:e0:ce:a0:f9:35:63:8a:9d:74:2f:33:05:62:64:df:0e:
da:8f:66:c1:64:9e:7b:26:99:92:02:01:4f:07:fa:b2:2a:d6:
43:01:63:a0:87:3e:98:d1:e1:6e:92:2a:8d:5e:f3:e7:4b:04:
32:5a:42:d9:fd:12:71:ec:68:84:db:14:aa:4c:8b:af:5a:48:
c8:96:ee:06:7f:00:37:a8:23:50:ed:e4:5f:c0:8e:91:4b:1e:
df:7a:39:05:f4:d5:4a:05:cd:ae:42:1f:c4:aa:39:1d:f6:93:
f3:83:46:c7:8d:07:63:32:c1:5f:28:4d:26:c9:9c:38:dd:15:
3f:84:c6:ff:00:aa:15:eb:d1:bd:f3:49:15:52:f6:c1:f8:a7:
02:68:0f:15:95:63:ce:2c:f9:fe:fb:c1:3a:5d:64:e0:3d:13:
c3:03:be:83:64:9e:99:2d:dc:d9:91:96:22:20:f3:38:30:fb:
ec:0f:d4:92:8d:7c:52:56:f8:61:4e:8d:b0:51:21:ba:58:0d:
0b:d8:84:d8:10:7a:77:84:19:31:08:bd:df:06:dd:15:a8:2e:
d1:72:cc:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESGjR/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDAyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcxMjQ1YjNjYTRj
MmQ4NGMzN2Y1ZTZlZTNjMGE5MTExYmU4MWMzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMET6CMyvIfCTpu9jSb/W8ytm5EtNz1Iksih3a3X8OzqvZNE
m8wnIUxOhsPsGWXjJlqg+mjPxB/6ScvrAVGn66SvOWKc7/fti/nFxbxuc/sAFt1a
WiUQVHag/MweN3DzqwGCrwss5ROjqSn3aXwv5/kJsQeUwp3Bj984eMJJcM0r6ogf
dBa3njhO1HhE0AlkYquQinwGEui79kBkAxt6ZgLz69DyXVn5L/gba2Mi81y/y+1D
4G/SAGA+BkSAOGGIZIoU/GyFqyjU0KPMu8sU+nRsG8p6ZkpwyUNaFAOhEzH3Om7s
PNo33jPgIw7g79vrDgXBFqcKvEfEYuh95d5GPsECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3EkWzykwthMN/Xm7jwKkRG+gcNTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L054SkZzOHBNTFlURGYxNXU0OENwRVJ2b0hEVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW8VjANBgkqhkiG9w0BAQsFAAOC
AQEAREUOwmAx9cHbEao3dA/15czqs47IxFZgkKg4fnNlyumB8uT08VfgzqD5NWOK
nXQvMwViZN8O2o9mwWSeeyaZkgIBTwf6sirWQwFjoIc+mNHhbpIqjV7z50sEMlpC
2f0ScexohNsUqkyLr1pIyJbuBn8AN6gjUO3kX8COkUse33o5BfTVSgXNrkIfxKo5
HfaT84NGx40HYzLBXyhNJsmcON0VP4TG/wCqFevRvfNJFVL2wfinAmgPFZVjziz5
/vvBOl1k4D0TwwO+g2SemS3c2ZGWIiDzODD77A/Uko18Ulb4YU6NsFEhulgNC9iE
2BB6d4QZMQi93wbdFagu0XLMsg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org