Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/nCvSHNYSLuN3pNymcjQ4gNvbd5w.roa
File: nCvSHNYSLuN3pNymcjQ4gNvbd5w.roa (raw, json)
Hash identifier: GbnWt3NQpJKKLtVlxxT69bMuYy5KCr5ww6X9GwElCCM=
Subject key identifier: 9C:2B:D2:1C:D6:12:2E:E3:77:A4:DC:A6:72:34:38:80:DB:DB:77:9C
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0F9C4FE3
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/nCvSHNYSLuN3pNymcjQ4gNvbd5w.roa
Signing time: Sat 01 Jan 2022 00:51:05 +0000
ROA not before: Sat 01 Jan 2022 00:51:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25938
IP address blocks: 213.86.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261902307 (0xf9c4fe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 00:51:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c2bd21cd6122ee377a4dca672343880dbdb779c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:90:1f:2e:9f:b0:c5:65:9f:56:f9:3d:f7:
9b:06:cd:30:10:b4:97:85:d5:97:09:b0:12:05:94:
63:96:fd:26:1c:51:67:95:63:8a:8d:d0:14:52:11:
b0:23:9d:4a:8a:c5:77:32:65:fc:ae:56:a3:10:a1:
57:29:e8:20:23:86:22:7c:42:04:f6:9a:a5:c4:17:
16:20:be:ae:04:34:25:c5:e1:f4:da:49:28:07:2f:
fc:6d:15:4f:b2:df:e7:93:db:ac:29:e5:6a:1b:fe:
65:79:db:c9:66:0e:cc:f9:b6:94:bc:88:ba:f4:b7:
79:19:ad:ee:4c:1a:f0:1c:0e:54:9b:fd:7b:c7:90:
30:24:90:ea:d3:bb:f3:fa:c3:ad:99:99:ad:3d:d0:
80:fd:52:3f:b9:fa:20:ae:7b:3e:c0:e1:fe:09:c3:
0a:41:5b:e5:f2:41:a1:72:99:85:5e:5b:30:f0:69:
5f:04:8f:07:8e:4d:f9:a9:3b:80:4a:d4:13:10:1d:
90:4c:2e:5e:6e:fb:5e:1a:ea:fd:1e:31:f3:00:db:
6a:c1:7d:8b:1a:18:00:e2:af:c4:ed:93:e6:20:b9:
2b:31:f9:9e:6a:5b:7b:5f:2c:ca:96:1b:ee:f7:3b:
63:98:a8:51:0a:b1:ce:07:88:41:ad:96:b8:3b:5e:
2c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2B:D2:1C:D6:12:2E:E3:77:A4:DC:A6:72:34:38:80:DB:DB:77:9C
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/nCvSHNYSLuN3pNymcjQ4gNvbd5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.86.85.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ed:12:43:e5:51:0f:2e:9e:6b:2f:16:12:57:3d:9e:92:3d:
07:e1:f6:e4:c3:c0:9b:6e:41:ec:4a:a9:cc:2a:70:93:60:db:
79:5b:61:af:47:4d:15:34:20:2d:e1:27:9d:0e:ef:ff:7f:97:
7a:12:8a:47:f7:89:df:c5:92:31:bd:83:97:af:29:95:3c:85:
13:77:09:a1:03:29:f5:e5:6d:f0:df:18:47:7e:45:64:f1:a0:
2e:53:ae:6f:e2:2c:8c:32:3d:ea:20:23:de:8f:41:66:76:7e:
ce:16:c6:61:ac:53:ed:f5:ef:81:5c:5c:25:0e:c7:d9:6e:96:
c3:1d:af:30:41:e0:ca:ab:ba:93:51:7c:71:68:48:3b:d0:68:
60:ee:45:96:12:46:88:12:6c:4b:67:be:d1:53:40:14:09:2b:
ea:7b:ed:8d:ea:25:9a:2e:de:5e:0f:04:7f:27:ed:a9:92:45:
7d:e0:c8:bd:04:69:a8:f8:8d:9f:e7:b6:8a:de:65:b1:c4:bc:
82:44:6b:66:52:fa:e7:d0:19:f2:6f:c6:76:58:09:01:26:db:
7b:24:96:7f:51:6b:9f:72:b0:2d:bb:5e:9a:b5:eb:b6:29:20:
fe:20:16:b9:0c:94:9c:56:ef:12:a1:50:66:ea:b6:99:2b:db:
b9:ea:ee:29
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED5xP4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2Y4ZmZjMDg4NTkxZTRmMjQzYmFhZmEyMWI0Mjk4YmZiMzY2MDI2MB4XDTIyMDEw
MTAwNTEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMyYmQyMWNkNjEy
MmVlMzc3YTRkY2E2NzIzNDM4ODBkYmRiNzc5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdjkB8un7DFZZ9W+T33mwbNMBC0l4XVlwmwEgWUY5b9JhxR
Z5Vjio3QFFIRsCOdSorFdzJl/K5WoxChVynoICOGInxCBPaapcQXFiC+rgQ0JcXh
9NpJKAcv/G0VT7Lf55PbrCnlahv+ZXnbyWYOzPm2lLyIuvS3eRmt7kwa8BwOVJv9
e8eQMCSQ6tO78/rDrZmZrT3QgP1SP7n6IK57PsDh/gnDCkFb5fJBoXKZhV5bMPBp
XwSPB45N+ak7gErUExAdkEwuXm77Xhrq/R4x8wDbasF9ixoYAOKvxO2T5iC5KzH5
nmpbe18sypYb7vc7Y5ioUQqxzgeIQa2WuDteLHECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBScK9Ic1hIu43ek3KZyNDiA29t3nDAfBgNVHSMEGDAWgBRM+P/AiFkeTyQ7
qvohtCmL+zZgJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RQal93SWhaSGs4a082cjZJYlFwaV9zMllDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8x
L25DdlNITllTTHVOM3BOeW1jalE0Z052YmQ1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTBhMzljLWJlMDMtNDdiYi1iZGIzLWIzYjc4YjBiNjZlYS8xL1RQal93SWhaSGs4
a082cjZJYlFwaV9zMllDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVWVTANBgkqhkiG9w0BAQsFAAOC
AQEAY+0SQ+VRDy6eay8WElc9npI9B+H25MPAm25B7EqpzCpwk2DbeVthr0dNFTQg
LeEnnQ7v/3+XehKKR/eJ38WSMb2Dl68plTyFE3cJoQMp9eVt8N8YR35FZPGgLlOu
b+IsjDI96iAj3o9BZnZ+zhbGYaxT7fXvgVxcJQ7H2W6Wwx2vMEHgyqu6k1F8cWhI
O9BoYO5FlhJGiBJsS2e+0VNAFAkr6nvtjeolmi7eXg8EfyftqZJFfeDIvQRpqPiN
n+e2it5lscS8gkRrZlL659AZ8m/GdlgJASbbeySWf1Frn3KwLbtemrXrtikg/iAW
uQyUnFbvEqFQZuq2mSvbueruKQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org