Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/nzyrxh1WUK-Rdy-iBxhQdO5wxIE.roa
File: nzyrxh1WUK-Rdy-iBxhQdO5wxIE.roa (raw, json)
Hash identifier: 5Os2YUA5djrjU4F6LM1T/NWBFstuovePD1qM8EM+9NE=
Subject key identifier: 9F:3C:AB:C6:1D:56:50:AF:91:77:2F:A2:07:18:50:74:EE:70:C4:81
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0DB92D42
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/nzyrxh1WUK-Rdy-iBxhQdO5wxIE.roa
Signing time: Wed 09 Mar 2022 15:25:15 +0000
ROA not before: Wed 09 Mar 2022 15:25:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209479
IP address blocks: 85.14.154.0/23 maxlen: 23
217.171.24.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230239554 (0xdb92d42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Mar 9 15:25:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f3cabc61d5650af91772fa207185074ee70c481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:c3:87:bb:76:e9:3c:ab:0e:4f:16:94:6d:
25:4f:8f:04:8a:c5:ea:ed:be:64:35:57:70:18:82:
43:64:9a:14:5e:4d:f5:0b:95:8c:99:65:8b:85:99:
eb:40:e4:f0:e2:09:98:ea:8d:da:4f:92:dc:93:5a:
84:2b:52:07:0e:e2:11:4e:71:c1:a7:38:05:aa:e0:
88:23:64:62:fe:c2:74:74:45:8b:81:8b:38:80:84:
cb:58:a6:80:17:1e:ce:d6:48:d1:23:d6:59:56:dd:
d6:04:f0:95:d0:a7:1a:50:1f:5a:29:0c:6c:07:a5:
6b:9f:c7:59:36:f9:91:47:ec:36:45:2e:81:10:30:
dc:0a:94:52:15:2d:84:e2:ae:76:d2:8e:ae:85:28:
fa:40:b5:c3:7f:b1:04:d2:d0:81:ea:0a:ae:77:66:
a1:a1:68:fa:63:ff:81:e5:49:4a:b8:61:43:0d:e9:
b7:de:8c:d1:58:f3:72:e8:9e:67:c5:f4:71:fd:cb:
1d:e0:52:d6:47:b7:e4:67:ae:bd:9f:e9:ae:1d:e0:
8d:a9:bd:ad:99:09:8d:c8:99:81:58:ea:23:e5:62:
10:85:d7:8d:8e:91:5d:66:46:d9:da:77:96:cb:e4:
64:81:20:72:07:71:72:f1:00:f7:01:f3:28:e6:93:
dd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3C:AB:C6:1D:56:50:AF:91:77:2F:A2:07:18:50:74:EE:70:C4:81
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/nzyrxh1WUK-Rdy-iBxhQdO5wxIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.154.0/23
217.171.24.0/23
Signature Algorithm: sha256WithRSAEncryption
15:70:20:d2:0e:c1:e6:31:10:83:53:86:72:9c:ad:cf:3a:64:
f8:e4:80:45:0d:f4:1d:0b:d4:b0:ad:3a:de:58:2f:d0:6f:c5:
c9:26:2d:7d:cf:39:e3:82:37:04:52:1e:3f:11:6d:79:98:7d:
7b:21:a0:d5:7b:5f:c8:ff:d2:d3:39:39:74:03:d6:9b:1e:9b:
6b:cc:d6:25:f6:ee:84:57:15:3c:6e:ac:a0:79:9a:7a:40:d2:
e5:0b:99:d0:2f:e0:ad:80:1a:c6:87:54:d8:1f:40:40:f0:b9:
de:04:30:2f:93:0f:2e:92:a5:02:85:a5:60:1d:95:ba:cf:28:
78:5f:b6:65:d6:c9:cc:f6:7b:f7:e8:13:f3:f3:d7:6c:99:b4:
dc:b7:77:ba:ce:4d:9e:b3:ee:56:d4:72:2b:01:33:2c:9a:99:
c6:c3:5d:9c:4c:12:6a:23:9c:80:13:1b:45:5b:16:58:60:fa:
32:b6:f2:c8:af:c5:12:e9:89:69:a2:f3:aa:f9:22:90:24:87:
e2:49:e1:72:66:0e:d8:27:60:27:81:74:22:31:8f:d5:df:7d:
b9:b3:82:f0:f5:cb:0c:21:5a:a2:1b:d5:76:30:8c:a3:de:f4:
fa:10:db:04:e3:11:6c:d7:b0:25:24:f3:5c:c2:87:54:12:21:
65:b3:c7:35
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDbktQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDdkODg3YzAyZTA3YzllNDc0ZDFmOGUyMTA0OWNhYTZjZTNmYmQzMB4XDTIyMDMw
OTE1MjUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYzY2FiYzYxZDU2
NTBhZjkxNzcyZmEyMDcxODUwNzRlZTcwYzQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEMw4e7duk8qw5PFpRtJU+PBIrF6u2+ZDVXcBiCQ2SaFF5N
9QuVjJlli4WZ60Dk8OIJmOqN2k+S3JNahCtSBw7iEU5xwac4BargiCNkYv7CdHRF
i4GLOICEy1imgBceztZI0SPWWVbd1gTwldCnGlAfWikMbAela5/HWTb5kUfsNkUu
gRAw3AqUUhUthOKudtKOroUo+kC1w3+xBNLQgeoKrndmoaFo+mP/geVJSrhhQw3p
t96M0VjzcuieZ8X0cf3LHeBS1ke35GeuvZ/prh3gjam9rZkJjciZgVjqI+ViEIXX
jY6RXWZG2dp3lsvkZIEgcgdxcvEA9wHzKOaT3Y0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSfPKvGHVZQr5F3L6IHGFB07nDEgTAfBgNVHSMEGDAWgBQwfYh8AuB8nkdN
H44hBJyqbOP70zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8x
L256eXJ4aDFXVUstUmR5LWlCeGhRZE81d3hJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8xL01IMklmQUxnZko1
SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVUOmgMEAdmrGDANBgkqhkiG9w0B
AQsFAAOCAQEAFXAg0g7B5jEQg1OGcpytzzpk+OSARQ30HQvUsK063lgv0G/FySYt
fc8544I3BFIePxFteZh9eyGg1XtfyP/S0zk5dAPWmx6ba8zWJfbuhFcVPG6soHma
ekDS5QuZ0C/grYAaxodU2B9AQPC53gQwL5MPLpKlAoWlYB2Vus8oeF+2ZdbJzPZ7
9+gT8/PXbJm03Ld3us5NnrPuVtRyKwEzLJqZxsNdnEwSaiOcgBMbRVsWWGD6Mrby
yK/FEumJaaLzqvkikCSH4knhcmYO2CdgJ4F0IjGP1d99ubOC8PXLDCFaohvVdjCM
o970+hDbBOMRbNewJSTzXMKHVBIhZbPHNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:35 2024 by rpki-client on console-fra.rpki-client.org