Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NUXKDYK5wDzOQGnMd_gOHlBjSXg.roa
File: NUXKDYK5wDzOQGnMd_gOHlBjSXg.roa (raw, json)
Hash identifier: PjnuHjQHUgcBnNKFj3H2Rb6ZF55uC9Q76PzNUj3kLbE=
Subject key identifier: 35:45:CA:0D:82:B9:C0:3C:CE:40:69:CC:77:F8:0E:1E:50:63:49:78
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 084C511F
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NUXKDYK5wDzOQGnMd_gOHlBjSXg.roa
Signing time: Sat 01 Jan 2022 13:06:41 +0000
ROA not before: Sat 01 Jan 2022 13:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25084
IP address blocks: 212.87.240.0/23 maxlen: 23
212.87.244.0/22 maxlen: 22
2a01:699::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139219231 (0x84c511f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 13:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3545ca0d82b9c03cce4069cc77f80e1e50634978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:64:12:e3:e2:96:ef:07:3f:b1:b4:2a:b1:93:
72:93:04:11:cd:48:d1:12:57:51:8a:d7:75:13:5c:
02:58:f1:a0:75:86:b6:28:77:0d:78:82:1b:4b:cd:
13:a9:71:8f:95:a4:33:48:57:66:b1:40:bc:03:d0:
63:93:c2:be:b9:ef:80:ea:ef:1e:a2:dd:ec:e0:fd:
d7:78:15:69:49:e7:e0:ef:0f:50:a5:7e:8e:a7:49:
19:81:79:85:63:eb:d5:1a:e1:ce:12:5e:06:44:64:
2e:ed:00:9d:4b:66:65:93:e7:12:8a:d5:56:dc:fa:
67:67:a7:bd:a4:66:0f:0f:e8:52:cd:99:54:d5:ac:
8c:32:5c:6d:1b:67:94:99:51:de:7b:09:c4:d3:f3:
50:db:78:86:d6:cc:ee:fe:67:38:05:0e:e4:68:62:
87:96:52:65:9b:d0:c3:58:bb:e0:e4:b9:38:28:6b:
f8:6d:e2:91:70:2c:ce:9e:76:7a:de:8a:fe:90:cf:
76:59:69:fd:25:2a:71:37:ca:07:7c:57:90:36:8c:
ef:48:7c:94:4f:fa:c3:2b:4e:18:0a:55:d4:22:17:
93:68:19:ae:36:50:7d:04:28:fc:71:4e:fd:07:47:
b4:ac:9b:dd:33:50:8c:5c:af:51:a2:39:bf:03:13:
67:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:45:CA:0D:82:B9:C0:3C:CE:40:69:CC:77:F8:0E:1E:50:63:49:78
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NUXKDYK5wDzOQGnMd_gOHlBjSXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.240.0/23
212.87.244.0/22
IPv6:
2a01:699::/32
Signature Algorithm: sha256WithRSAEncryption
44:4b:da:bd:e1:72:a8:f3:35:73:73:10:15:32:96:ca:ad:8c:
37:02:7c:11:f5:37:66:d2:15:a7:c0:dc:83:eb:d0:59:53:60:
35:c8:a7:1f:4b:0b:f3:6d:e5:11:9d:3a:10:5d:33:27:ed:ad:
98:cd:67:49:9f:83:99:d1:e4:24:45:9e:d6:53:28:0a:9a:7e:
6e:f8:dc:a5:ad:cd:98:15:fe:0f:cb:37:d9:b1:b6:d7:69:75:
27:ac:c5:bb:f9:60:67:00:1c:03:50:6e:dc:c0:de:80:a9:e8:
a9:e3:e2:fe:a3:bf:9e:cb:37:e9:ab:0a:da:0c:14:41:5c:12:
c5:ea:fd:6d:e7:c2:7a:19:11:f6:53:54:d3:19:b9:10:08:d8:
20:7d:dd:00:7a:17:06:1e:94:99:b4:74:ce:80:44:a2:fe:4b:
35:f4:f6:85:a7:22:71:13:91:6d:bc:df:d9:a6:c4:27:0f:55:
cc:35:7a:0d:68:b6:82:4f:7b:ae:e3:38:cb:de:9a:b8:6f:ec:
9c:6a:ca:4d:5e:1c:0e:4f:33:c7:96:2b:1d:e3:89:ce:44:80:
ff:aa:aa:a1:58:90:e7:7f:d6:5d:26:7c:a3:9c:62:e7:ec:37:
59:71:c8:9e:5e:29:4e:34:39:8d:36:cf:6c:98:2c:bf:c1:01:
02:74:3c:e5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECExRHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDJhYTk2MWI0NzdkNTQyM2Q4NWI3ZDQzZjNlZmEyNjMyNmQ3MDkwMB4XDTIyMDEw
MTEzMDY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU0NWNhMGQ4MmI5
YzAzY2NlNDA2OWNjNzdmODBlMWU1MDYzNDk3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1kEuPilu8HP7G0KrGTcpMEEc1I0RJXUYrXdRNcAljxoHWG
tih3DXiCG0vNE6lxj5WkM0hXZrFAvAPQY5PCvrnvgOrvHqLd7OD913gVaUnn4O8P
UKV+jqdJGYF5hWPr1RrhzhJeBkRkLu0AnUtmZZPnEorVVtz6Z2envaRmDw/oUs2Z
VNWsjDJcbRtnlJlR3nsJxNPzUNt4htbM7v5nOAUO5Ghih5ZSZZvQw1i74OS5OChr
+G3ikXAszp52et6K/pDPdllp/SUqcTfKB3xXkDaM70h8lE/6wytOGApV1CIXk2gZ
rjZQfQQo/HFO/QdHtKyb3TNQjFyvUaI5vwMTZ8sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ1RcoNgrnAPM5Aacx3+A4eUGNJeDAfBgNVHSMEGDAWgBSwKqlhtHfVQj2F
t9Q/PvomMm1wkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NDcXBZYlIzMVVJOWhiZlVQejc2SmpKdGNKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzgvMDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8x
L05VWEtEWUs1d0R6T1FHbk1kX2dPSGxCalNYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzgv
MDE0ODRjLTVmMjgtNDJmNS1iOWVhLTA3ODdhNTAzY2E2OS8xL3NDcXBZYlIzMVVJ
OWhiZlVQejc2SmpKdGNKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAdRX8AMEAtRX9DANBAIAAjAHAwUA
KgEGmTANBgkqhkiG9w0BAQsFAAOCAQEAREvaveFyqPM1c3MQFTKWyq2MNwJ8EfU3
ZtIVp8Dcg+vQWVNgNcinH0sL823lEZ06EF0zJ+2tmM1nSZ+DmdHkJEWe1lMoCpp+
bvjcpa3NmBX+D8s32bG212l1J6zFu/lgZwAcA1Bu3MDegKnoqePi/qO/nss36asK
2gwUQVwSxer9befCehkR9lNU0xm5EAjYIH3dAHoXBh6UmbR0zoBEov5LNfT2haci
cRORbbzf2abEJw9VzDV6DWi2gk97ruM4y96auG/snGrKTV4cDk8zx5YrHeOJzkSA
/6qqoViQ53/WXSZ8o5xi5+w3WXHInl4pTjQ5jTbPbJgsv8EBAnQ85Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-fra.rpki-client.org