Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NKBsOtJnKKWSBlk66OTg6WonfyQ.roa
File: NKBsOtJnKKWSBlk66OTg6WonfyQ.roa (raw, json)
Hash identifier: jMfKZSqbwhF8bROZ4FvXVR4rcY8RQyGi467I14zJMVY=
Subject key identifier: 34:A0:6C:3A:D2:67:28:A5:92:06:59:3A:E8:E4:E0:E9:6A:27:7F:24
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0182820ACB78BAC5459FAF401E044C169DBA
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NKBsOtJnKKWSBlk66OTg6WonfyQ.roa
Signing time: Tue 09 Aug 2022 09:58:41 +0000
ROA not before: Tue 09 Aug 2022 09:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 91.226.58.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:0a:cb:78:ba:c5:45:9f:af:40:1e:04:4c:16:9d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Aug 9 09:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a06c3ad26728a59206593ae8e4e0e96a277f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8d:12:c5:ae:d0:cb:5d:87:4c:dc:16:19:52:
08:49:de:80:6b:5e:0f:e6:4c:90:e7:8b:79:51:25:
32:5f:e5:74:0e:b8:c5:04:3d:cf:7d:4e:d9:ff:5d:
c5:ed:c9:35:0e:84:b5:4f:14:cf:42:86:e9:f2:d7:
78:01:1a:4b:73:20:21:54:91:88:d1:34:1e:4d:d3:
93:0c:9b:f9:df:0a:d1:96:d2:c7:c9:9b:b2:1f:8f:
cc:20:26:a7:e4:58:e3:b1:04:da:1e:4a:32:9e:3b:
2a:14:a6:07:ed:8d:aa:a7:1e:82:80:50:ff:05:9e:
ad:41:ed:6c:a6:a6:19:ff:f9:a8:aa:fe:e4:ae:45:
1b:c7:5e:42:bd:2a:30:18:00:08:01:80:c7:f9:a9:
f2:29:4f:33:ac:e9:66:bc:22:6b:ed:1e:1b:45:e7:
8f:a6:24:e5:f4:f4:45:76:8d:db:8c:fa:82:86:a7:
57:92:84:5c:36:f3:3f:20:04:a3:fe:ae:0c:5e:81:
7e:fb:2c:d2:d0:6a:d2:b5:6b:36:65:a9:fc:6f:ca:
1e:6d:38:fa:16:37:99:85:31:cc:47:db:28:f1:01:
f9:03:39:79:91:03:60:43:79:13:6a:78:90:9d:96:
44:85:75:d6:a2:27:96:fd:5e:c8:9a:25:4b:ef:e5:
53:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A0:6C:3A:D2:67:28:A5:92:06:59:3A:E8:E4:E0:E9:6A:27:7F:24
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/NKBsOtJnKKWSBlk66OTg6WonfyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.58.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ef:ed:d5:01:e5:b4:5e:19:ac:70:5d:f9:f1:9c:1e:16:cb:
48:b2:66:3c:0a:8e:04:ea:ae:7b:2a:39:4a:84:f9:cc:aa:3c:
77:02:a1:68:63:db:19:5e:29:6b:d2:cd:c8:77:82:6d:6e:e5:
08:eb:8b:bc:93:2d:6b:ff:0d:80:b5:c1:2d:47:80:5f:71:03:
34:f4:e3:5a:59:ab:a9:6b:25:f5:62:47:ab:6e:8a:52:cc:ff:
0b:28:6a:92:d5:e6:3a:0b:9e:90:d7:86:8e:31:04:9b:e8:8f:
c0:a1:2e:4f:2a:9f:3c:75:a5:25:78:23:22:d5:41:21:ae:f5:
3e:6e:59:24:b6:b4:df:e4:2f:00:1c:f4:ee:77:2c:9b:ef:9f:
25:ab:ba:c7:ed:e5:ba:bd:9f:c4:58:7f:8e:b4:fc:25:46:a1:
06:18:2f:73:29:92:25:d3:41:dc:fe:d8:cd:b6:a1:81:59:d4:
43:9c:fc:fb:b1:5d:aa:bc:0b:8d:16:e1:fd:c1:3d:f5:9b:bb:
20:5d:1c:60:fb:7b:3c:e5:1a:59:07:6b:c2:bf:95:9c:57:19:
68:92:da:2e:30:73:26:c4:6c:46:97:70:82:c2:06:7f:69:97:
dd:28:51:b1:7c:6a:02:07:b7:03:aa:99:b4:25:5e:16:f8:e2:
c5:a6:24:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKCCst4usVFn69AHgRMFp26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIwODA5MDk1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGEwNmMzYWQyNjcyOGE1OTIwNjU5M2FlOGU0ZTBlOTZhMjc3ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY0Sxa7Qy12HTNwWGVIISd6Aa14P
5kyQ54t5USUyX+V0DrjFBD3PfU7Z/13F7ck1DoS1TxTPQobp8td4ARpLcyAhVJGI
0TQeTdOTDJv53wrRltLHyZuyH4/MICan5FjjsQTaHkoynjsqFKYH7Y2qpx6CgFD/
BZ6tQe1spqYZ//moqv7krkUbx15CvSowGAAIAYDH+anyKU8zrOlmvCJr7R4bReeP
piTl9PRFdo3bjPqChqdXkoRcNvM/IASj/q4MXoF++yzS0GrStWs2Zan8b8oebTj6
FjeZhTHMR9so8QH5Azl5kQNgQ3kTaniQnZZEhXXWoieW/V7ImiVL7+VTzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSgbDrSZyilkgZZOujk4OlqJ38kMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvTktCc090Sm5LS1dTQmxrNjZPVGc2V29uZnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+I6MA0G
CSqGSIb3DQEBCwUAA4IBAQCd7+3VAeW0XhmscF358ZweFstIsmY8Co4E6q57KjlK
hPnMqjx3AqFoY9sZXilr0s3Id4JtbuUI64u8ky1r/w2AtcEtR4BfcQM09ONaWaup
ayX1YkerbopSzP8LKGqS1eY6C56Q14aOMQSb6I/AoS5PKp88daUleCMi1UEhrvU+
blkktrTf5C8AHPTudyyb758lq7rH7eW6vZ/EWH+OtPwlRqEGGC9zKZIl00Hc/tjN
tqGBWdRDnPz7sV2qvAuNFuH9wT31m7sgXRxg+3s85RpZB2vCv5WcVxloktouMHMm
xGxGl3CCwgZ/aZfdKFGxfGoCB7cDqpm0JV4W+OLFpiSd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org