Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/nvQhWY8bjL5qMeaT-3hjw7dQkvM.roa
File: nvQhWY8bjL5qMeaT-3hjw7dQkvM.roa (raw, json)
Hash identifier: n2Yngo107RUmpbjwyBkUt5XohYv3Z5Ly7gSwdl7mKKI=
Subject key identifier: 9E:F4:21:59:8F:1B:8C:BE:6A:31:E6:93:FB:78:63:C3:B7:50:92:F3
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 01852F325720AC54D287ACB63D95CB262C22
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/nvQhWY8bjL5qMeaT-3hjw7dQkvM.roa
Signing time: Tue 20 Dec 2022 11:01:46 +0000
ROA not before: Tue 20 Dec 2022 11:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12349
IP address blocks: 164.59.128.0/23 maxlen: 24
164.59.130.0/24 maxlen: 24
164.59.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:32:57:20:ac:54:d2:87:ac:b6:3d:95:cb:26:2c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: Dec 20 11:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ef421598f1b8cbe6a31e693fb7863c3b75092f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:97:c1:8e:89:a3:2d:85:92:fe:3b:e9:f7:53:
3f:3d:d4:33:5d:e9:c6:18:55:f8:71:a6:01:17:54:
23:bb:a1:0b:40:1b:8a:99:77:61:50:74:1f:79:92:
7a:b8:9f:5f:cf:53:39:74:ae:87:e2:de:6b:d0:8c:
c0:25:49:ed:b4:f1:e6:28:3b:55:43:0a:97:21:17:
98:af:fc:0b:ac:11:d8:8a:44:6d:91:51:7e:13:e8:
4b:5e:08:85:04:10:c9:6b:12:7d:97:30:2f:1f:a8:
81:96:55:0d:b4:1b:b2:b5:20:98:1f:ec:13:73:59:
e8:94:2a:a2:3d:38:77:4b:52:69:a2:9f:ff:6e:95:
df:86:3c:89:5f:16:5c:e0:86:0c:1c:e3:a2:44:f8:
be:29:57:ad:e5:c5:3b:5c:05:c0:c7:8e:8e:2e:6e:
a5:12:60:c7:5a:29:c4:34:c8:c9:e2:a5:29:82:e7:
61:b3:45:85:f1:82:f6:34:65:b0:ca:1c:20:fa:70:
0c:6d:a2:35:07:08:f4:89:8a:b5:72:de:71:52:c2:
2c:08:1a:0e:15:fa:1f:df:70:60:0b:e9:78:79:69:
7c:a8:4f:70:81:46:fd:b6:12:88:29:f4:74:4d:e7:
bd:6c:0b:54:93:2d:b0:b0:ec:38:c6:5e:ff:4d:ec:
95:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F4:21:59:8F:1B:8C:BE:6A:31:E6:93:FB:78:63:C3:B7:50:92:F3
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/nvQhWY8bjL5qMeaT-3hjw7dQkvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0-164.59.130.255
164.59.136.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:de:ca:19:60:e6:6d:d9:4e:79:25:5d:6c:39:44:9c:29:64:
cf:4b:ff:81:14:95:9a:4b:1c:33:fe:b0:a3:d3:b3:d0:c7:c8:
90:08:9b:1c:3d:79:e9:67:eb:63:f5:21:b2:56:b2:e9:e9:f5:
6b:e2:d1:41:32:b9:1f:18:c3:98:a7:7f:b2:28:d4:f0:a9:e3:
a9:ac:6e:01:ad:93:bd:7d:5d:99:b5:d9:6a:80:fa:75:c9:f3:
b9:d5:e9:0e:94:90:35:57:99:3a:60:9f:d9:91:bc:f9:2d:72:
fa:c0:2a:ca:fd:c4:1d:7a:97:db:ed:25:02:e6:17:14:6d:07:
f0:a4:f9:bd:2f:57:51:65:27:be:e3:80:1c:6c:ba:c8:7d:e5:
74:9d:58:cb:00:a9:3b:e5:5e:e7:9f:04:10:a7:0f:ff:b8:30:
36:e2:77:3f:16:e6:c8:91:05:8a:a3:1a:2e:53:45:07:bd:e5:
f3:6b:33:1d:75:75:6c:2f:4f:16:a7:5f:b9:2a:c9:eb:3f:ae:
5d:41:30:07:32:18:5f:99:9b:10:04:31:a5:47:a5:18:44:f1:
e8:60:1c:81:14:ab:bf:41:0e:3e:9a:fb:58:21:9b:90:67:83:
68:b7:8d:ba:d1:73:8b:7f:c9:52:a3:3b:90:e8:b6:f4:77:d2:
39:25:3d:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYUvMlcgrFTSh6y2PZXLJiwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjIxMjIwMTEwMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWY0MjE1OThmMWI4Y2JlNmEzMWU2OTNmYjc4NjNjM2I3NTA5MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5fBjomjLYWS/jvp91M/PdQzXenG
GFX4caYBF1Qju6ELQBuKmXdhUHQfeZJ6uJ9fz1M5dK6H4t5r0IzAJUnttPHmKDtV
QwqXIReYr/wLrBHYikRtkVF+E+hLXgiFBBDJaxJ9lzAvH6iBllUNtBuytSCYH+wT
c1nolCqiPTh3S1Jpop//bpXfhjyJXxZc4IYMHOOiRPi+KVet5cU7XAXAx46OLm6l
EmDHWinENMjJ4qUpgudhs0WF8YL2NGWwyhwg+nAMbaI1Bwj0iYq1ct5xUsIsCBoO
Ffof33BgC+l4eWl8qE9wgUb9thKIKfR0Tee9bAtUky2wsOw4xl7/TeyVpQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ70IVmPG4y+ajHmk/t4Y8O3UJLzMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvbnZRaFdZOGJqTDVxTWVhVC0zaGp3N2RRa3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAekO4AD
BACkO4IDBAOkO4gwDQYJKoZIhvcNAQELBQADggEBAKveyhlg5m3ZTnklXWw5RJwp
ZM9L/4EUlZpLHDP+sKPTs9DHyJAImxw9eeln62P1IbJWsunp9Wvi0UEyuR8Yw5in
f7Io1PCp46msbgGtk719XZm12WqA+nXJ87nV6Q6UkDVXmTpgn9mRvPktcvrAKsr9
xB16l9vtJQLmFxRtB/Ck+b0vV1FlJ77jgBxsush95XSdWMsAqTvlXuefBBCnD/+4
MDbidz8W5siRBYqjGi5TRQe95fNrMx11dWwvTxanX7kqyes/rl1BMAcyGF+ZmxAE
MaVHpRhE8ehgHIEUq79BDj6a+1ghm5Bng2i3jbrRc4t/yVKjO5DotvR30jklPaQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:33 2024 by rpki-client on console-ams.rpki-client.org