Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/N1IN8lxwbldqLnsuG9shO81U7TM.roa
File: N1IN8lxwbldqLnsuG9shO81U7TM.roa (raw, json)
Hash identifier: PIxCJY9V+ecY6H5szarufVy5HaVckZnlqG4xKjf1aUo=
Subject key identifier: 37:52:0D:F2:5C:70:6E:57:6A:2E:7B:2E:1B:DB:21:3B:CD:54:ED:33
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01837776F5CB2E1549DB27782934329EF850
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/N1IN8lxwbldqLnsuG9shO81U7TM.roa
Signing time: Mon 26 Sep 2022 01:43:48 +0000
ROA not before: Mon 26 Sep 2022 01:43:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 188.209.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:77:76:f5:cb:2e:15:49:db:27:78:29:34:32:9e:f8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Sep 26 01:43:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37520df25c706e576a2e7b2e1bdb213bcd54ed33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:06:ca:21:7a:ff:9b:2d:9f:da:46:d1:e6:30:
1a:48:0d:c9:74:a9:28:25:67:9e:4a:b0:be:4b:35:
6e:8b:18:d8:ca:1c:e6:a2:a2:c2:04:69:09:d4:d7:
c4:5c:37:27:ab:51:e6:71:af:e2:61:bc:b0:27:34:
89:b3:d9:5c:5a:26:a4:18:80:38:53:0d:e7:b4:cf:
b2:d0:10:fd:17:26:21:b2:d9:42:e7:90:3c:cd:76:
ca:2b:1a:d1:c8:d0:66:bb:80:08:30:09:08:22:d9:
e6:a8:f8:5a:f9:09:b2:7f:a7:a5:4e:90:39:a4:89:
8b:a8:c0:d0:f0:db:35:1f:54:6b:b0:05:24:b2:68:
c9:7e:69:36:7f:9a:ae:94:b6:63:44:aa:55:b2:e1:
fa:94:39:fa:8e:84:31:b7:1f:34:bc:1e:53:e1:43:
93:b7:b4:50:ef:33:cf:cb:8f:ae:2f:4b:d4:26:ad:
73:10:e1:d2:aa:bf:05:7d:d7:36:17:d2:09:e2:39:
31:0f:fb:74:87:13:01:14:08:60:91:a0:f3:c3:28:
4b:26:16:71:18:7d:31:f2:65:31:68:30:8a:66:b9:
c4:10:87:0a:4a:a4:95:20:fe:11:7f:f2:5b:ba:d9:
93:4f:ec:66:21:fb:70:15:af:eb:db:cb:42:ac:48:
08:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:52:0D:F2:5C:70:6E:57:6A:2E:7B:2E:1B:DB:21:3B:CD:54:ED:33
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/N1IN8lxwbldqLnsuG9shO81U7TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/22
Signature Algorithm: sha256WithRSAEncryption
07:07:e4:08:95:b2:e5:92:08:a7:1e:6e:38:25:5e:40:73:1c:
2e:e2:45:2d:34:6a:b1:42:ab:a3:ef:13:c2:d5:b1:7d:ce:08:
19:3f:9d:c5:b3:cc:89:6f:2a:2e:4e:e3:d3:23:08:2d:cc:44:
cb:86:3b:3f:65:14:c2:19:36:61:2c:d0:ec:4a:99:cd:5c:13:
f6:b3:1f:9f:e6:73:4e:5e:6c:7f:05:4b:ac:4d:b3:66:a6:b3:
db:b6:58:bd:4e:18:52:a6:c6:28:e7:e4:81:13:96:43:39:5c:
92:f2:03:36:9a:c2:d4:4c:b5:98:ee:67:6c:50:56:c2:9b:ff:
be:ae:f8:a8:f1:7e:32:a2:58:59:58:4c:55:55:a5:1b:6b:74:
af:47:52:ec:57:52:b1:1c:c0:b7:e4:ed:0a:58:2f:31:01:98:
4e:38:65:c2:77:a5:22:4c:b3:57:17:a1:8a:66:0d:72:95:26:
49:de:9e:18:98:83:85:db:58:ab:33:3e:64:f1:70:35:37:c0:
15:47:05:2f:9a:98:3d:21:10:a2:d9:69:63:dc:99:c4:5f:85:
da:40:fa:cc:86:4f:89:55:fc:2d:e4:cd:05:c3:2b:da:7b:dc:
49:89:43:18:2c:4d:57:6d:00:1d:53:84:5f:69:94:1a:4b:42:
09:ca:18:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN3dvXLLhVJ2yd4KTQynvhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIwOTI2MDE0MzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUyMGRmMjVjNzA2ZTU3NmEyZTdiMmUxYmRiMjEzYmNkNTRlZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggbKIXr/my2f2kbR5jAaSA3JdKko
JWeeSrC+SzVuixjYyhzmoqLCBGkJ1NfEXDcnq1Hmca/iYbywJzSJs9lcWiakGIA4
Uw3ntM+y0BD9FyYhstlC55A8zXbKKxrRyNBmu4AIMAkIItnmqPha+Qmyf6elTpA5
pImLqMDQ8Ns1H1RrsAUksmjJfmk2f5qulLZjRKpVsuH6lDn6joQxtx80vB5T4UOT
t7RQ7zPPy4+uL0vUJq1zEOHSqr8Ffdc2F9IJ4jkxD/t0hxMBFAhgkaDzwyhLJhZx
GH0x8mUxaDCKZrnEEIcKSqSVIP4Rf/JbutmTT+xmIftwFa/r28tCrEgIDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDdSDfJccG5Xai57LhvbITvNVO0zMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTjFJTjhseHdibGRxTG5zdUc5c2hPODFVN1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGIMA0G
CSqGSIb3DQEBCwUAA4IBAQAHB+QIlbLlkginHm44JV5Acxwu4kUtNGqxQquj7xPC
1bF9zggZP53Fs8yJbyouTuPTIwgtzETLhjs/ZRTCGTZhLNDsSpnNXBP2sx+f5nNO
Xmx/BUusTbNmprPbtli9ThhSpsYo5+SBE5ZDOVyS8gM2msLUTLWY7mdsUFbCm/++
rvio8X4yolhZWExVVaUba3SvR1LsV1KxHMC35O0KWC8xAZhOOGXCd6UiTLNXF6GK
Zg1ylSZJ3p4YmIOF21irMz5k8XA1N8AVRwUvmpg9IRCi2Wlj3JnEX4XaQPrMhk+J
Vfwt5M0Fwyvae9xJiUMYLE1XbQAdU4RfaZQaS0IJyhik
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org