Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nzhHn6wHDNbmoM9KOyaho5tJ6ao.roa
File: nzhHn6wHDNbmoM9KOyaho5tJ6ao.roa (raw, json)
Hash identifier: VP2qH2tLLxGRsjsMvn4p0j5a6W3iv9fPV6XvF2LZKZM=
Subject key identifier: 9F:38:47:9F:AC:07:0C:D6:E6:A0:CF:4A:3B:26:A1:A3:9B:49:E9:AA
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018559BF36729C18D03CF0D2C8B76C523763
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nzhHn6wHDNbmoM9KOyaho5tJ6ao.roa
Signing time: Wed 28 Dec 2022 17:19:41 +0000
ROA not before: Wed 28 Dec 2022 17:19:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 5.101.208.0/22 maxlen: 22
91.243.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:bf:36:72:9c:18:d0:3c:f0:d2:c8:b7:6c:52:37:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Dec 28 17:19:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f38479fac070cd6e6a0cf4a3b26a1a39b49e9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:e5:bb:77:2c:bd:c6:ba:ea:26:37:a8:e9:
0b:89:0b:63:74:6f:82:d5:94:4b:2e:d4:ca:89:7c:
dc:b1:2f:9b:4e:ea:7a:d6:89:24:05:58:55:d9:9f:
41:8b:ed:59:9e:d8:94:d5:45:bb:01:6a:c7:4b:96:
02:55:fc:bc:31:93:a7:5c:86:6b:ca:c0:f2:64:67:
34:7e:60:88:91:f2:08:ce:17:b4:f9:e7:9b:f8:c6:
c7:10:a1:55:5c:cd:d6:20:f7:6d:55:bb:d5:75:78:
e3:02:88:ab:8b:62:cd:c9:2a:72:ba:4e:1e:ed:1f:
c4:73:49:a7:0c:8b:cd:6d:52:19:06:23:a9:25:52:
3a:34:56:e9:70:d6:64:dd:59:07:9a:94:c6:3b:d7:
06:e5:fd:a3:43:2d:db:5a:f4:a4:c9:66:27:2c:81:
f0:55:a7:4f:e7:ea:f1:d5:fb:d3:b0:46:f3:35:b9:
32:9f:f6:d4:84:80:6a:21:53:87:e8:7d:a9:a9:10:
63:cf:a7:ee:23:88:58:cf:82:96:c1:4f:60:95:f4:
4a:f9:66:60:b8:cd:59:f7:bd:f9:6c:fc:55:9a:0f:
1a:60:9c:4f:ae:56:e1:51:e2:6a:49:fb:d8:06:0e:
a2:18:92:4e:8f:a5:e4:ba:3f:fe:9b:61:da:05:6d:
36:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:38:47:9F:AC:07:0C:D6:E6:A0:CF:4A:3B:26:A1:A3:9B:49:E9:AA
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nzhHn6wHDNbmoM9KOyaho5tJ6ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.208.0/22
91.243.36.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:06:19:0f:4c:93:ab:e5:c1:83:cf:56:bd:f8:5f:fa:11:00:
9c:f5:99:36:b2:0d:a9:87:d0:7f:c3:3a:0d:e9:61:e5:97:1d:
47:44:7d:2e:75:4f:bf:82:5c:bd:77:b4:e4:81:ce:12:bb:8e:
1e:9e:ea:96:60:96:56:96:69:6d:d1:b0:b4:39:4b:b3:f7:56:
1e:99:f0:99:2f:db:d4:c8:91:ee:c2:a4:5f:4b:17:cb:1d:5f:
20:90:fb:53:ac:d7:40:68:ef:90:a8:f3:bd:52:4c:f1:5d:ed:
18:ed:5e:a4:e5:96:ff:c4:a6:01:fb:cf:a2:0e:33:46:a7:06:
c5:08:b4:29:32:5f:dd:81:51:49:5a:39:38:d5:0c:ce:4b:62:
ae:cd:d3:47:47:67:99:1d:12:b6:2c:12:6e:25:89:60:0e:4d:
7e:df:23:77:c4:d2:a8:06:39:89:09:4b:b1:52:b6:fe:0a:e6:
f2:10:d5:5f:f2:e4:c5:21:fd:ba:d9:53:5b:58:11:97:2b:ac:
4d:3a:17:19:ff:82:41:6d:3e:ef:c1:c3:75:63:85:ec:44:3f:
46:76:0a:94:a9:f5:1f:4e:9d:5f:09:7a:f5:cb:56:68:03:6e:
09:98:f3:e1:35:5c:15:4f:89:e2:b3:4c:ed:f3:ef:2c:07:43:
e8:11:6b:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVZvzZynBjQPPDSyLdsUjdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjI4MTcxOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM4NDc5ZmFjMDcwY2Q2ZTZhMGNmNGEzYjI2YTFhMzliNDllOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRflu3csvca66iY3qOkLiQtjdG+C
1ZRLLtTKiXzcsS+bTup61okkBVhV2Z9Bi+1ZntiU1UW7AWrHS5YCVfy8MZOnXIZr
ysDyZGc0fmCIkfIIzhe0+eeb+MbHEKFVXM3WIPdtVbvVdXjjAoiri2LNySpyuk4e
7R/Ec0mnDIvNbVIZBiOpJVI6NFbpcNZk3VkHmpTGO9cG5f2jQy3bWvSkyWYnLIHw
VadP5+rx1fvTsEbzNbkyn/bUhIBqIVOH6H2pqRBjz6fuI4hYz4KWwU9glfRK+WZg
uM1Z9735bPxVmg8aYJxPrlbhUeJqSfvYBg6iGJJOj6Xkuj/+m2HaBW02NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ84R5+sBwzW5qDPSjsmoaObSemqMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvbnpoSG42d0hETmJtb005S095YWhvNXRKNmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWXQAwQC
W/MkMA0GCSqGSIb3DQEBCwUAA4IBAQCrBhkPTJOr5cGDz1a9+F/6EQCc9Zk2sg2p
h9B/wzoN6WHllx1HRH0udU+/gly9d7Tkgc4Su44enuqWYJZWlmlt0bC0OUuz91Ye
mfCZL9vUyJHuwqRfSxfLHV8gkPtTrNdAaO+QqPO9UkzxXe0Y7V6k5Zb/xKYB+8+i
DjNGpwbFCLQpMl/dgVFJWjk41QzOS2KuzdNHR2eZHRK2LBJuJYlgDk1+3yN3xNKo
BjmJCUuxUrb+CubyENVf8uTFIf262VNbWBGXK6xNOhcZ/4JBbT7vwcN1Y4XsRD9G
dgqUqfUfTp1fCXr1y1ZoA24JmPPhNVwVT4nis0zt8+8sB0PoEWuJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:44 2023 by rpki-client on console-ams.rpki-client.org