Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nnQtJKnP0kmzy47ebmJ7Vu8TVgo.roa
File: nnQtJKnP0kmzy47ebmJ7Vu8TVgo.roa (raw, json)
Hash identifier: TkN6xJkRP6cX2pQejVC3+oLUVV9QT2s42UxUsZh0Evo=
Subject key identifier: 9E:74:2D:24:A9:CF:D2:49:B3:CB:8E:DE:6E:62:7B:56:EF:13:56:0A
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01831E03B8407A8E1A42B9B616E9967C298E
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nnQtJKnP0kmzy47ebmJ7Vu8TVgo.roa
Signing time: Thu 08 Sep 2022 16:51:43 +0000
ROA not before: Thu 08 Sep 2022 16:51:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.239.236.0/23 maxlen: 24
45.139.196.0/22 maxlen: 24
193.239.196.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1e:03:b8:40:7a:8e:1a:42:b9:b6:16:e9:96:7c:29:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Sep 8 16:51:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e742d24a9cfd249b3cb8ede6e627b56ef13560a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:5e:00:44:b9:ff:64:bd:41:67:ad:35:8b:
ad:35:0d:c1:06:fc:3d:82:48:9d:22:64:0b:21:91:
1b:eb:a3:f7:6f:f1:3f:71:5c:91:e8:5e:ea:f1:10:
00:7a:43:07:15:d1:66:bf:2d:a8:d3:e9:07:46:7a:
db:9f:1d:73:1d:8e:93:67:0b:3d:79:a7:f1:35:8c:
e7:a4:bd:ab:e3:b7:de:9f:bd:64:98:06:37:03:f1:
c1:d0:4e:ee:e2:73:9e:bb:22:59:d5:c1:82:4b:00:
8c:7f:cd:9d:c9:5e:b1:9a:7e:e4:59:2b:ff:26:83:
1f:70:db:ed:ce:55:78:45:90:7b:bb:d2:ec:a2:3f:
8e:4b:93:77:82:5f:a9:46:c6:76:62:81:4b:d1:5e:
7e:67:4c:a5:85:aa:f4:e5:e3:bb:38:ad:44:b3:9b:
7f:5e:41:26:37:a2:15:8b:a9:09:59:bc:7c:1b:76:
2f:13:73:ae:e6:d3:60:b6:45:bc:b6:dd:c6:33:18:
8c:21:44:27:47:1f:e9:75:40:79:67:1b:64:b9:f2:
53:25:7b:17:dd:9a:3e:97:94:53:1d:11:a5:6b:35:
a6:81:9d:d0:4c:21:d5:d4:71:b0:0c:c4:8e:05:6b:
b2:8c:41:35:0f:96:21:c1:4b:cd:96:4a:44:7f:54:
0c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:74:2D:24:A9:CF:D2:49:B3:CB:8E:DE:6E:62:7B:56:EF:13:56:0A
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/nnQtJKnP0kmzy47ebmJ7Vu8TVgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.196.0/22
193.239.196.0/23
193.239.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:1d:4f:6f:92:3d:42:07:fd:c8:34:62:41:5b:1d:a0:fe:a4:
b2:47:09:9e:f9:6d:50:7d:0a:d4:02:63:ef:48:19:cd:1a:5f:
94:0f:f6:e4:7a:a2:af:e6:d4:0f:f2:84:3f:cf:bf:51:22:3a:
4a:aa:32:df:8b:f6:1d:3c:08:1f:dd:a7:9a:5d:d8:a1:ce:2a:
b8:cc:3c:f4:53:64:ce:ad:0b:51:82:d1:93:b2:23:87:a9:43:
16:c5:02:6a:be:e9:77:8e:05:1c:a1:57:31:cf:3d:36:e6:e3:
c2:a0:a5:64:52:ee:29:ba:45:da:e6:ea:a1:79:de:c6:2e:bd:
56:c5:fd:20:01:00:89:5f:07:7b:a7:f9:b3:f4:ae:f4:52:a9:
15:26:b4:f3:6c:35:bf:94:dc:58:04:f1:80:a2:df:d9:4b:39:
a5:59:6e:a3:fb:cd:6b:17:ee:7e:f9:e2:d3:f5:bd:9b:48:26:
19:3a:3c:a4:23:7a:18:ec:29:f1:14:81:21:4a:73:a7:e9:44:
ad:2c:63:de:a6:d6:5d:28:4e:b5:8c:5b:c2:e7:e4:4d:06:f3:
bd:5c:c2:ea:16:ce:67:01:46:e8:14:5b:f2:0a:3f:58:30:eb:
ed:9c:61:2a:a9:bc:f8:b7:a3:f2:c5:b7:6a:a7:c2:61:71:68:
e9:65:0d:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMeA7hAeo4aQrm2FumWfCmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIwOTA4MTY1MTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTc0MmQyNGE5Y2ZkMjQ5YjNjYjhlZGU2ZTYyN2I1NmVmMTM1NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8xeAES5/2S9QWetNYutNQ3BBvw9
gkidImQLIZEb66P3b/E/cVyR6F7q8RAAekMHFdFmvy2o0+kHRnrbnx1zHY6TZws9
eafxNYznpL2r47fen71kmAY3A/HB0E7u4nOeuyJZ1cGCSwCMf82dyV6xmn7kWSv/
JoMfcNvtzlV4RZB7u9Lsoj+OS5N3gl+pRsZ2YoFL0V5+Z0ylhar05eO7OK1Es5t/
XkEmN6IVi6kJWbx8G3YvE3Ou5tNgtkW8tt3GMxiMIUQnRx/pdUB5ZxtkufJTJXsX
3Zo+l5RTHRGlazWmgZ3QTCHV1HGwDMSOBWuyjEE1D5YhwUvNlkpEf1QMtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ50LSSpz9JJs8uO3m5ie1bvE1YKMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvbm5RdEpLblAwa216eTQ3ZWJtSjdWdThUVmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYvEAwQB
we/EAwQBwe/sMA0GCSqGSIb3DQEBCwUAA4IBAQA8HU9vkj1CB/3INGJBWx2g/qSy
Rwme+W1QfQrUAmPvSBnNGl+UD/bkeqKv5tQP8oQ/z79RIjpKqjLfi/YdPAgf3aea
Xdihziq4zDz0U2TOrQtRgtGTsiOHqUMWxQJqvul3jgUcoVcxzz025uPCoKVkUu4p
ukXa5uqhed7GLr1Wxf0gAQCJXwd7p/mz9K70UqkVJrTzbDW/lNxYBPGAot/ZSzml
WW6j+81rF+5++eLT9b2bSCYZOjykI3oY7CnxFIEhSnOn6UStLGPeptZdKE61jFvC
5+RNBvO9XMLqFs5nAUboFFvyCj9YMOvtnGEqqbz4t6Pyxbdqp8JhcWjpZQ08
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org