Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NDScLG1bW7Hv3tiUKxeGW4l3t4E.roa
File: NDScLG1bW7Hv3tiUKxeGW4l3t4E.roa (raw, json)
Hash identifier: kzuFZh+OJ+PH9Wt3NRwzeDKDC3GUeKGdddbTW3PyFz0=
Subject key identifier: 34:34:9C:2C:6D:5B:5B:B1:EF:DE:D8:94:2B:17:86:5B:89:77:B7:81
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01850FDE1F4EF3BE05D4ACF81F91519B30A9
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NDScLG1bW7Hv3tiUKxeGW4l3t4E.roa
Signing time: Wed 14 Dec 2022 09:01:33 +0000
ROA not before: Wed 14 Dec 2022 09:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.90.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:de:1f:4e:f3:be:05:d4:ac:f8:1f:91:51:9b:30:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Dec 14 09:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34349c2c6d5b5bb1efded8942b17865b8977b781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c5:5a:53:dc:26:38:61:95:9c:aa:16:75:f1:
c4:a4:a4:75:2b:2d:51:e3:be:47:a7:43:51:a0:84:
fa:82:0d:db:c3:1c:ca:62:87:f3:71:77:47:4c:9c:
a1:72:59:9a:e4:5e:46:b8:38:72:71:cd:67:5b:fb:
82:45:85:4e:f9:0d:4c:a0:74:6c:6c:b7:c6:76:e2:
d6:3b:14:b5:82:5e:db:22:13:35:2f:d8:55:ca:b8:
4d:5c:70:c9:91:c6:0a:8c:9a:95:31:4d:73:6e:5c:
a1:7c:2d:68:39:db:e4:5f:e5:9a:49:38:d9:38:53:
ba:5e:ea:dc:72:7a:04:1e:64:57:a2:ec:b2:8c:6f:
e5:e1:7f:6e:97:0f:2b:20:1a:de:9b:87:ca:13:e9:
96:4e:c8:9a:2c:7a:b7:8f:7c:0f:dd:bc:bb:7b:80:
b1:8a:a4:18:ea:b8:5e:65:e3:61:ab:2b:70:cf:98:
44:88:5d:46:a2:ac:e4:e0:53:8e:ad:45:06:ce:34:
20:27:c7:3a:6d:b3:c4:b3:b1:2e:60:e5:b4:dd:05:
2d:fe:51:75:69:1f:2f:fe:51:cc:b9:3e:09:a4:e6:
45:7f:2e:b3:79:59:ab:b1:6f:80:e7:63:63:4d:55:
18:38:91:32:0f:a5:d2:71:7c:36:42:a6:0c:7a:2e:
22:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:34:9C:2C:6D:5B:5B:B1:EF:DE:D8:94:2B:17:86:5B:89:77:B7:81
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/NDScLG1bW7Hv3tiUKxeGW4l3t4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.138.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:30:3c:a8:30:d8:53:ae:82:a6:e6:3a:36:00:5c:2e:a6:16:
26:a6:c3:c2:88:f8:3d:d6:86:b9:11:64:18:29:ba:ea:8c:b0:
13:ad:51:7e:d3:7c:63:88:ac:ee:45:15:a3:26:05:7c:7e:a7:
8b:78:d1:4c:a6:de:72:b4:61:23:7f:67:ac:09:2e:81:ce:10:
8b:d9:58:d1:48:48:cb:29:ad:8d:a6:37:fe:4e:94:e3:d9:32:
a6:1b:cb:a0:0b:53:34:26:a3:a2:81:87:1e:89:89:5e:11:67:
05:c8:32:c5:d7:bf:e1:02:f1:6d:6f:24:a1:d1:63:33:b4:df:
a1:c9:49:38:28:69:37:b0:34:4a:0b:18:e8:86:4c:65:22:66:
10:1f:04:a5:68:32:89:01:07:54:d3:bf:fa:d0:05:76:59:ab:
8a:75:b0:00:8f:db:14:e3:de:73:c8:75:dd:b7:92:4c:17:d2:
a4:5b:cb:31:22:e6:2f:87:5f:5c:d7:1f:6d:a3:1a:f2:4e:39:
ef:17:70:ee:73:95:e3:4b:09:80:80:b3:55:4f:7e:9f:ca:c5:
a2:05:9a:50:e8:fd:97:e6:52:c1:cb:ab:fd:ae:02:32:51:a6:
35:d0:c9:50:c9:d7:08:3b:67:55:bd:3d:1c:f1:b8:73:5e:19:
35:20:2c:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUP3h9O874F1Kz4H5FRmzCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjIxMjE0MDkwMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM0OWMyYzZkNWI1YmIxZWZkZWQ4OTQyYjE3ODY1Yjg5NzdiNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsVaU9wmOGGVnKoWdfHEpKR1Ky1R
475Hp0NRoIT6gg3bwxzKYofzcXdHTJyhclma5F5GuDhycc1nW/uCRYVO+Q1MoHRs
bLfGduLWOxS1gl7bIhM1L9hVyrhNXHDJkcYKjJqVMU1zblyhfC1oOdvkX+WaSTjZ
OFO6XurccnoEHmRXouyyjG/l4X9ulw8rIBrem4fKE+mWTsiaLHq3j3wP3by7e4Cx
iqQY6rheZeNhqytwz5hEiF1Goqzk4FOOrUUGzjQgJ8c6bbPEs7EuYOW03QUt/lF1
aR8v/lHMuT4JpOZFfy6zeVmrsW+A52NjTVUYOJEyD6XScXw2QqYMei4ijwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ0nCxtW1ux797YlCsXhluJd7eBMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvTkRTY0xHMWJXN0h2M3RpVUt4ZUdXNGwzdDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqKMA0G
CSqGSIb3DQEBCwUAA4IBAQBuMDyoMNhTroKm5jo2AFwuphYmpsPCiPg91oa5EWQY
KbrqjLATrVF+03xjiKzuRRWjJgV8fqeLeNFMpt5ytGEjf2esCS6BzhCL2VjRSEjL
Ka2Npjf+TpTj2TKmG8ugC1M0JqOigYceiYleEWcFyDLF17/hAvFtbySh0WMztN+h
yUk4KGk3sDRKCxjohkxlImYQHwSlaDKJAQdU07/60AV2WauKdbAAj9sU495zyHXd
t5JMF9KkW8sxIuYvh19c1x9toxryTjnvF3Duc5XjSwmAgLNVT36fysWiBZpQ6P2X
5lLBy6v9rgIyUaY10MlQydcIO2dVvT0c8bhzXhk1ICxl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:08 2023 by rpki-client on console-ams.rpki-client.org