Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/nPLLPlyw2wazC6PBeiuCoJ-QNfs.roa
File: nPLLPlyw2wazC6PBeiuCoJ-QNfs.roa (raw, json)
Hash identifier: NIfEpOat3IKLnvvr5BjKH3l7CDc6fT3DCOg8tXlBLnc=
Subject key identifier: 9C:F2:CB:3E:5C:B0:DB:06:B3:0B:A3:C1:7A:2B:82:A0:9F:90:35:FB
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 018570B081845211F03A9D3C8A0EF062FD56
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/nPLLPlyw2wazC6PBeiuCoJ-QNfs.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42543
IP address blocks: 83.166.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:81:84:52:11:f0:3a:9d:3c:8a:0e:f0:62:fd:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cf2cb3e5cb0db06b30ba3c17a2b82a09f9035fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2e:0c:e9:67:de:85:6b:52:35:93:54:15:3a:
22:2c:a3:a8:ad:9d:18:dc:ee:e3:6a:fc:94:59:ba:
11:b5:35:eb:8c:c2:cf:d7:b1:d0:17:e3:95:81:5f:
e0:8f:d0:04:0c:54:06:0d:62:4c:5c:07:77:96:1e:
63:86:b1:26:f3:87:49:ba:b6:bb:91:a8:fb:ba:55:
f1:d1:5b:b7:2e:1a:20:a7:20:dd:3c:1b:e7:d4:34:
6c:30:de:8d:7a:b5:4b:a3:50:4d:19:f7:12:85:60:
da:76:d8:47:15:72:9b:f7:db:27:4e:fc:1b:36:d1:
94:2f:ac:a0:cb:38:fa:6f:1d:3b:f5:2f:1b:2d:10:
8f:50:79:bf:f0:02:ca:fa:b5:ea:6b:75:c4:ac:0f:
09:f2:51:af:42:e8:39:3e:35:9c:0f:47:b8:4c:49:
f1:5a:3a:c9:de:12:e7:a3:0d:90:55:73:23:c4:92:
b5:5f:26:b9:ac:46:9d:b9:44:ed:ae:d0:97:d4:e3:
e7:b0:ea:dd:e1:2a:e6:df:38:f1:b5:c5:99:32:db:
17:7c:69:2f:bb:d9:f1:d3:52:f4:b0:42:82:81:b1:
21:c1:77:f7:ee:92:59:8b:66:d1:ca:00:8d:f5:e9:
ef:36:d5:3f:3d:98:16:4b:7f:69:98:3e:90:44:05:
cb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F2:CB:3E:5C:B0:DB:06:B3:0B:A3:C1:7A:2B:82:A0:9F:90:35:FB
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/nPLLPlyw2wazC6PBeiuCoJ-QNfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.80.0/21
Signature Algorithm: sha256WithRSAEncryption
52:f1:9f:25:24:3b:5f:e0:62:76:3a:db:a8:5a:8b:ee:96:66:
52:fb:01:a5:3c:01:bf:30:86:a4:ff:27:e8:96:05:de:fb:6c:
01:4f:f6:33:62:fd:52:8c:ac:b3:21:5b:1c:23:b4:f7:e8:01:
dd:28:b0:85:73:80:cf:89:dd:ba:12:6d:f9:d9:dd:b9:1d:28:
90:20:8a:52:3a:49:a8:0d:f4:13:03:24:f5:d3:62:c6:bb:0c:
88:37:85:17:e0:92:0c:f1:13:3a:75:69:94:b4:c0:de:4e:12:
81:6d:01:99:14:e0:0c:75:67:d5:44:c8:1f:e6:6a:bc:92:10:
0c:fc:6f:9f:c3:a8:9b:d5:51:d4:03:cc:fc:61:96:f0:98:04:
e0:23:94:5e:ea:f7:03:66:a0:02:20:99:f7:89:d1:2c:4c:14:
ce:47:c5:7a:df:e9:53:bd:09:b6:bb:22:8f:93:55:ff:25:91:
69:0d:5f:04:fd:c6:49:8f:36:44:b4:cc:85:a4:02:ad:fe:e4:
f1:aa:b9:ac:e2:8c:2a:9c:97:df:a8:c2:a1:bc:73:51:d9:4b:
ee:8b:44:2b:08:09:56:63:33:50:f4:e1:18:6d:fd:2e:b9:9d:
37:0c:9d:cd:cc:fd:55:41:0f:80:f8:6d:7a:ea:2f:ad:27:a9:
85:55:b9:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsIGEUhHwOp08ig7wYv1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2YyY2IzZTVjYjBkYjA2YjMwYmEzYzE3YTJiODJhMDlmOTAzNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy4M6WfehWtSNZNUFToiLKOorZ0Y
3O7javyUWboRtTXrjMLP17HQF+OVgV/gj9AEDFQGDWJMXAd3lh5jhrEm84dJura7
kaj7ulXx0Vu3LhogpyDdPBvn1DRsMN6NerVLo1BNGfcShWDadthHFXKb99snTvwb
NtGUL6ygyzj6bx079S8bLRCPUHm/8ALK+rXqa3XErA8J8lGvQug5PjWcD0e4TEnx
WjrJ3hLnow2QVXMjxJK1Xya5rEaduUTtrtCX1OPnsOrd4Srm3zjxtcWZMtsXfGkv
u9nx01L0sEKCgbEhwXf37pJZi2bRygCN9envNtU/PZgWS39pmD6QRAXLsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzyyz5csNsGswujwXorgqCfkDX7MB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvblBMTFBseXcyd2F6QzZQQmVpdUNvSi1RTmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU6ZQMA0G
CSqGSIb3DQEBCwUAA4IBAQBS8Z8lJDtf4GJ2OtuoWovulmZS+wGlPAG/MIak/yfo
lgXe+2wBT/YzYv1SjKyzIVscI7T36AHdKLCFc4DPid26Em352d25HSiQIIpSOkmo
DfQTAyT102LGuwyIN4UX4JIM8RM6dWmUtMDeThKBbQGZFOAMdWfVRMgf5mq8khAM
/G+fw6ib1VHUA8z8YZbwmATgI5Re6vcDZqACIJn3idEsTBTOR8V63+lTvQm2uyKP
k1X/JZFpDV8E/cZJjzZEtMyFpAKt/uTxqrms4owqnJffqMKhvHNR2Uvui0QrCAlW
YzNQ9OEYbf0uuZ03DJ3NzP1VQQ+A+G166i+tJ6mFVbmi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:38 2025 by rpki-client