Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/NyfbJlctZ4JqsVdxsgp0YdsKH9g.roa
File: NyfbJlctZ4JqsVdxsgp0YdsKH9g.roa (raw, json)
Hash identifier: l82rmLmIBZHdrxX+wRiHMl0/Q4oS8viZLtq6EJ/5dDg=
Subject key identifier: 37:27:DB:26:57:2D:67:82:6A:B1:57:71:B2:0A:74:61:DB:0A:1F:D8
Certificate issuer: /CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Certificate serial: 01827FCF81B63B5A6DB57411798D7844B8EF
Authority key identifier: 7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/NyfbJlctZ4JqsVdxsgp0YdsKH9g.roa
Signing time: Mon 08 Aug 2022 23:34:41 +0000
ROA not before: Mon 08 Aug 2022 23:34:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 194.54.157.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7f:cf:81:b6:3b:5a:6d:b5:74:11:79:8d:78:44:b8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Validity
Not Before: Aug 8 23:34:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3727db26572d67826ab15771b20a7461db0a1fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e7:9a:80:b9:58:01:5e:f0:d0:25:78:f6:d1:
7f:09:ad:e9:6f:89:34:9f:e9:d9:c3:ad:a7:2d:02:
e3:5a:c7:54:e8:d3:09:67:05:d7:aa:52:f5:29:23:
4c:0a:d9:53:d3:c7:e2:3f:ab:95:d6:b6:bc:b2:9f:
7b:a9:73:be:0f:60:14:27:a2:6f:01:80:3c:56:a4:
cf:ff:c1:55:0a:71:f8:dd:e9:49:07:d1:e1:0b:9a:
b8:69:af:63:54:23:bf:3f:bd:72:2b:f4:be:cd:92:
e4:1f:6d:9c:f5:ad:2d:51:8e:96:de:fa:1c:62:a5:
a4:e2:37:78:6e:d0:90:50:17:f4:10:b7:95:06:28:
bd:e9:52:c5:3f:85:61:30:97:40:35:f0:35:7a:b2:
ba:1b:ad:91:4f:ad:e9:2c:c7:c9:f4:54:8e:69:5c:
d8:2e:2f:e5:13:91:89:a1:37:b5:1f:ac:dd:b6:3f:
85:3b:bc:fe:67:5a:c6:c3:3b:b8:d1:38:bd:4e:99:
0f:2a:e0:b7:9c:1f:a3:81:81:c2:f6:9d:5e:5a:09:
20:a7:b4:e4:c7:db:1e:89:37:f5:0f:66:ad:5d:56:
79:da:0a:b0:38:e6:7a:f5:12:02:10:5e:0e:34:3c:
69:25:40:89:57:72:ae:7f:17:04:82:2d:03:3a:fe:
fb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:27:DB:26:57:2D:67:82:6A:B1:57:71:B2:0A:74:61:DB:0A:1F:D8
X509v3 Authority Key Identifier:
keyid:7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/NyfbJlctZ4JqsVdxsgp0YdsKH9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/fNbAI2_01gUJBpV__TgLOHnm7W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.156.0-194.54.158.255
Signature Algorithm: sha256WithRSAEncryption
91:ee:6c:0d:fc:86:49:03:5c:16:f4:b8:cd:3b:97:da:ae:76:
4f:4c:d8:fe:ed:d7:15:d3:26:52:be:21:2e:2f:48:c0:e4:e6:
08:3e:84:02:c1:f9:af:e6:d2:f9:ad:8a:f5:90:79:33:28:33:
03:fc:14:3b:fe:c6:ee:4f:d5:65:f8:5f:13:bf:a7:9c:b9:66:
ae:97:4d:ea:e5:01:14:c2:8e:96:f7:3e:28:3d:cf:d4:a3:1e:
8e:41:41:64:05:b1:22:cc:e3:ef:b2:d8:b4:ff:82:4d:8c:6d:
70:c4:ae:f2:74:e7:ba:09:2e:c1:03:65:fa:5a:9f:78:0e:53:
5e:68:7c:e9:ef:af:9e:33:2b:a1:f3:c8:9d:a1:94:87:15:cf:
45:24:8d:7a:a5:e6:49:a5:2c:61:0e:ee:ab:63:2d:73:fa:3f:
24:22:45:f9:b1:ba:8f:6d:74:6e:56:f5:51:d4:71:d3:91:75:
38:38:43:4b:7f:4f:ca:40:46:03:ac:1a:86:b1:b7:1e:aa:4e:
11:16:82:27:50:2f:fa:6f:6b:46:00:1c:9d:14:0b:89:c0:f5:
bd:94:81:17:47:2c:24:91:3d:6e:01:37:de:8e:7d:84:c4:7d:
bb:cd:1f:02:db:0a:18:db:90:69:03:44:69:7e:d7:7f:a1:5e:
53:81:ff:05
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJ/z4G2O1pttXQReY14RLjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDZjMDIzNmZmNGQ2MDUwOTA2OTU3ZmZkMzgwYjM4Nzll
NmVkNmUwHhcNMjIwODA4MjMzNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzI3ZGIyNjU3MmQ2NzgyNmFiMTU3NzFiMjBhNzQ2MWRiMGExZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ueagLlYAV7w0CV49tF/Ca3pb4k0
n+nZw62nLQLjWsdU6NMJZwXXqlL1KSNMCtlT08fiP6uV1ra8sp97qXO+D2AUJ6Jv
AYA8VqTP/8FVCnH43elJB9HhC5q4aa9jVCO/P71yK/S+zZLkH22c9a0tUY6W3voc
YqWk4jd4btCQUBf0ELeVBii96VLFP4VhMJdANfA1erK6G62RT63pLMfJ9FSOaVzY
Li/lE5GJoTe1H6zdtj+FO7z+Z1rGwzu40Ti9TpkPKuC3nB+jgYHC9p1eWgkgp7Tk
x9seiTf1D2atXVZ52gqwOOZ69RICEF4ONDxpJUCJV3KufxcEgi0DOv77CwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDcn2yZXLWeCarFXcbIKdGHbCh/YMB8GA1UdIwQY
MBaAFHzWwCNv9NYFCQaVf/04Czh55u1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEt
YzgwYzI4OGViZWVhLzEvTnlmYkpsY3RaNEpxc1ZkeHNncDBZZHNLSDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEtYzgwYzI4OGViZWVh
LzEvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCNpwD
BADCNp4wDQYJKoZIhvcNAQELBQADggEBAJHubA38hkkDXBb0uM07l9qudk9M2P7t
1xXTJlK+IS4vSMDk5gg+hALB+a/m0vmtivWQeTMoMwP8FDv+xu5P1WX4XxO/p5y5
Zq6XTerlARTCjpb3Pig9z9SjHo5BQWQFsSLM4++y2LT/gk2MbXDErvJ057oJLsED
Zfpan3gOU15ofOnvr54zK6HzyJ2hlIcVz0UkjXql5kmlLGEO7qtjLXP6PyQiRfmx
uo9tdG5W9VHUcdORdTg4Q0t/T8pARgOsGoaxtx6qThEWgidQL/pva0YAHJ0UC4nA
9b2UgRdHLCSRPW4BN96OfYTEfbvNHwLbChjbkGkDRGl+13+hXlOB/wU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:09 2024 by rpki-client on console-fra.rpki-client.org