Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/nQnBk8u95UaYYD65NQjEPDeExe4.roa
File: nQnBk8u95UaYYD65NQjEPDeExe4.roa (raw, json)
Hash identifier: mzCOYTQor1hjc70rEGMaVfDHv/Ox5+Gk5xApbr1NKEw=
Subject key identifier: 9D:09:C1:93:CB:BD:E5:46:98:60:3E:B9:35:08:C4:3C:37:84:C5:EE
Certificate issuer: /CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Certificate serial: 067231F5
Authority key identifier: 37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/nQnBk8u95UaYYD65NQjEPDeExe4.roa
Signing time: Sat 01 Jan 2022 08:53:31 +0000
ROA not before: Sat 01 Jan 2022 08:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207767
IP address blocks: 176.119.209.0/24 maxlen: 24
185.90.44.0/22 maxlen: 22
2a0f:ffc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108147189 (0x67231f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Validity
Not Before: Jan 1 08:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d09c193cbbde54698603eb93508c43c3784c5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:65:06:fc:57:03:4d:8e:a3:7b:90:6b:93:c2:
15:79:6e:3f:05:7d:be:6b:bb:ac:2f:a3:ac:3f:c0:
45:1c:dd:35:64:5a:5b:0b:e6:51:40:9b:2f:74:51:
43:c1:a7:8a:b9:7f:2f:b9:62:b5:08:9a:a8:cb:58:
58:43:1f:42:ea:21:ab:1c:56:72:60:70:f6:7c:0f:
19:df:d9:cd:a7:11:a7:3a:54:d9:c5:3a:df:1f:68:
3e:75:ea:e0:a6:fd:6e:a2:47:8a:04:6c:68:8a:2f:
a8:53:a0:83:ea:47:6c:18:3c:ed:fb:ed:4f:97:67:
4e:3b:79:84:a8:cb:64:35:56:df:58:f6:5f:ad:a4:
03:6c:84:d6:8d:6c:24:03:ff:3c:06:a2:a9:e7:5d:
86:1b:aa:d4:0e:67:37:36:fb:e1:fd:ee:30:cf:20:
b6:f2:3f:4b:f3:04:fc:95:c3:54:bf:2d:83:71:bf:
87:d8:e0:43:5b:d6:84:e3:48:27:e9:8b:53:8f:ff:
9f:6c:f2:9e:a4:d0:95:f3:30:14:cb:9d:54:4d:63:
42:c4:ce:16:39:ff:83:a9:e3:e4:61:1e:4e:84:dd:
99:31:ce:df:e5:79:75:97:3f:75:c9:36:d5:d9:45:
21:58:57:4b:40:9f:4b:26:ea:93:0f:d7:73:3c:a8:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:09:C1:93:CB:BD:E5:46:98:60:3E:B9:35:08:C4:3C:37:84:C5:EE
X509v3 Authority Key Identifier:
keyid:37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/nQnBk8u95UaYYD65NQjEPDeExe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/N4kaRySqxrXaAAUymqOlq-h3edY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.209.0/24
185.90.44.0/22
IPv6:
2a0f:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:f3:11:de:71:bc:5a:67:ac:80:8c:66:fa:b1:2e:88:27:89:
fc:8d:3c:6d:4e:de:d6:d0:cc:2c:03:e2:05:be:c2:3f:ed:b2:
67:f9:56:46:9d:ce:71:5d:ac:f7:67:c3:cb:2b:17:df:2e:f5:
b6:6a:95:b2:ff:95:ec:aa:49:61:9d:16:4d:3e:e9:7c:fc:9e:
1f:bd:13:18:b6:12:6e:46:62:59:68:76:a5:10:e4:cd:6d:b6:
8b:16:0a:a5:e4:a3:26:f3:88:31:16:0a:58:db:4d:9a:cb:9e:
1f:68:34:ef:94:dc:65:06:eb:21:56:04:d2:26:38:ef:f6:4c:
c4:dd:1f:cf:4c:5e:e7:26:b3:25:f6:e4:43:49:44:3d:e2:1c:
ee:d9:cb:86:9a:98:89:cc:c6:5b:cc:7f:40:8d:30:98:9d:cf:
2a:42:06:99:03:82:ae:f7:a8:ec:88:b1:da:89:2f:ed:e9:9d:
17:70:64:31:e0:a4:09:ba:b6:9f:a5:1c:6f:a5:76:95:63:5f:
43:1c:68:b8:33:6c:d9:07:83:08:b5:8c:13:87:80:d9:12:da:
16:14:86:4c:f7:5d:16:34:72:f2:06:bb:bd:d9:1b:93:e7:2e:
b4:7e:4d:c7:b7:86:ed:11:53:3e:28:47:31:6e:a1:8a:c4:fb:
70:17:eb:ff
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBnIx9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Nzg5MWE0NzI0YWFjNmI1ZGEwMDA1MzI5YWEzYTVhYmU4Nzc3OWQ2MB4XDTIyMDEw
MTA4NTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQwOWMxOTNjYmJk
ZTU0Njk4NjAzZWI5MzUwOGM0M2MzNzg0YzVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI9lBvxXA02Oo3uQa5PCFXluPwV9vmu7rC+jrD/ARRzdNWRa
WwvmUUCbL3RRQ8Gnirl/L7litQiaqMtYWEMfQuohqxxWcmBw9nwPGd/ZzacRpzpU
2cU63x9oPnXq4Kb9bqJHigRsaIovqFOgg+pHbBg87fvtT5dnTjt5hKjLZDVW31j2
X62kA2yE1o1sJAP/PAaiqeddhhuq1A5nNzb74f3uMM8gtvI/S/ME/JXDVL8tg3G/
h9jgQ1vWhONIJ+mLU4//n2zynqTQlfMwFMudVE1jQsTOFjn/g6nj5GEeToTdmTHO
3+V5dZc/dck21dlFIVhXS0CfSybqkw/XczyoMwsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSdCcGTy73lRphgPrk1CMQ8N4TF7jAfBgNVHSMEGDAWgBQ3iRpHJKrGtdoA
BTKao6Wr6Hd51jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L040a2FSeVNxeHJYYUFBVXltcU9scS1oM2VkWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZTEyOGUwLTAwYTYtNDY4OS05NWJlLTUyNGMyMTA5Y2IwNS8x
L25RbkJrOHU5NVVhWVlENjVOUWpFUERlRXhlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZTEyOGUwLTAwYTYtNDY4OS05NWJlLTUyNGMyMTA5Y2IwNS8xL040a2FSeVNxeHJY
YUFBVXltcU9scS1oM2VkWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALB30QMEArlaLDANBAIAAjAHAwUD
Kg//wDANBgkqhkiG9w0BAQsFAAOCAQEAqPMR3nG8WmesgIxm+rEuiCeJ/I08bU7e
1tDMLAPiBb7CP+2yZ/lWRp3OcV2s92fDyysX3y71tmqVsv+V7KpJYZ0WTT7pfPye
H70TGLYSbkZiWWh2pRDkzW22ixYKpeSjJvOIMRYKWNtNmsueH2g075TcZQbrIVYE
0iY47/ZMxN0fz0xe5yazJfbkQ0lEPeIc7tnLhpqYiczGW8x/QI0wmJ3PKkIGmQOC
rveo7Iix2okv7emdF3BkMeCkCbq2n6Ucb6V2lWNfQxxouDNs2QeDCLWME4eA2RLa
FhSGTPddFjRy8ga7vdkbk+cutH5Nx7eG7RFTPihHMW6hisT7cBfr/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:05 2024 by rpki-client on console-ams.rpki-client.org