Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NCQDbm8TvS9x5x64U1G75oD_8uQ.roa
File: NCQDbm8TvS9x5x64U1G75oD_8uQ.roa (raw, json)
Hash identifier: HaDxRclflNKbZ6bmc12C3SF61bIGNUK511DDnsqqwS8=
Subject key identifier: 34:24:03:6E:6F:13:BD:2F:71:E7:1E:B8:53:51:BB:E6:80:FF:F2:E4
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 05743319
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NCQDbm8TvS9x5x64U1G75oD_8uQ.roa
Signing time: Sat 01 Jan 2022 15:07:25 +0000
ROA not before: Sat 01 Jan 2022 15:07:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395111
IP address blocks: 85.203.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91501337 (0x5743319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3424036e6f13bd2f71e71eb85351bbe680fff2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:99:92:0f:59:a2:2a:84:27:7b:ca:1b:a8:
50:3d:a4:85:71:1d:a8:d9:33:81:f6:83:3e:31:16:
da:30:c9:46:22:a6:a8:bf:0b:5b:b6:b7:ca:21:6f:
8f:72:47:62:81:ba:b3:12:da:f8:d3:f2:0b:e1:a5:
cd:cb:6a:89:53:73:a3:4d:76:77:62:99:f7:58:e9:
bf:5d:b8:a2:ab:b5:4a:f9:59:13:bf:6c:5c:61:70:
82:46:b5:96:02:d6:71:b4:a1:56:ad:70:b0:09:00:
b9:d3:4b:fc:23:0c:79:d9:4a:58:3a:bf:4c:6d:0f:
fb:fb:61:ca:58:a0:0e:72:32:41:01:b1:91:2b:a1:
f8:a9:b8:94:f0:04:b0:6d:e5:be:1f:72:5b:94:1f:
dc:96:35:10:bd:20:b0:e7:24:36:c5:bd:b1:f2:0a:
6d:bc:1a:91:1b:f3:c0:7e:a4:22:a2:61:92:aa:01:
f3:c0:2d:58:c1:e0:ac:95:2b:92:28:6e:28:ad:4c:
0b:06:8e:3e:34:91:42:17:91:2a:4e:53:c3:2a:e8:
d7:c8:b3:a4:ca:a8:4b:e3:e3:9a:ba:96:1b:2a:9b:
69:bc:33:33:9a:c0:2d:bf:40:c0:b4:0f:7f:06:65:
27:30:33:6f:81:1a:90:a4:74:89:39:80:8d:bc:75:
04:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:24:03:6E:6F:13:BD:2F:71:E7:1E:B8:53:51:BB:E6:80:FF:F2:E4
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/NCQDbm8TvS9x5x64U1G75oD_8uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:83:7a:e0:38:a9:a9:4b:c4:28:7c:46:a4:a2:ca:bb:bb:cd:
6c:ce:0e:e0:2a:71:bc:d3:70:72:d7:3e:60:56:e4:02:c4:7a:
c1:d9:e1:2a:eb:d2:cf:20:81:5a:57:03:f4:e8:eb:e2:a6:9e:
ba:91:4b:45:3d:b5:ae:12:46:aa:be:9a:95:23:66:e4:97:2b:
18:a2:25:72:d5:35:31:ed:7c:3b:8b:21:51:d5:3c:e6:b4:35:
e0:24:d0:4f:02:1f:86:3f:58:1a:6b:db:07:46:ca:e1:75:9b:
38:98:d4:6d:13:0c:82:5b:7f:5a:ff:a1:72:64:1f:24:02:b5:
eb:70:70:b1:01:1b:a4:6e:6f:35:3d:d0:58:01:79:04:3c:2b:
d7:3c:dc:04:c9:bc:b7:77:c2:fb:20:60:3a:e1:be:11:db:fa:
24:0e:84:d2:bc:8d:85:ad:e0:30:46:f0:dd:f9:e6:ee:9b:ca:
d4:99:51:35:76:0b:40:61:8f:a8:a9:e3:3e:20:99:c0:bd:56:
ff:20:69:9c:4c:d8:81:32:d9:4a:0d:94:6c:a6:42:d3:b0:e0:
6c:96:f8:90:7f:bc:9b:90:80:2b:75:96:1f:6a:2b:fb:29:53:
d7:02:ff:fe:bc:01:8e:a3:f8:64:98:14:3e:80:1d:99:89:bc:
19:05:a8:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXQzGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQyNDAzNmU2ZjEz
YmQyZjcxZTcxZWI4NTM1MWJiZTY4MGZmZjJlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJImZIPWaIqhCd7yhuoUD2khXEdqNkzgfaDPjEW2jDJRiKm
qL8LW7a3yiFvj3JHYoG6sxLa+NPyC+GlzctqiVNzo012d2KZ91jpv124oqu1SvlZ
E79sXGFwgka1lgLWcbShVq1wsAkAudNL/CMMedlKWDq/TG0P+/thyligDnIyQQGx
kSuh+Km4lPAEsG3lvh9yW5Qf3JY1EL0gsOckNsW9sfIKbbwakRvzwH6kIqJhkqoB
88AtWMHgrJUrkihuKK1MCwaOPjSRQheRKk5Twyro18izpMqoS+PjmrqWGyqbabwz
M5rALb9AwLQPfwZlJzAzb4EakKR0iTmAjbx1BGECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0JANubxO9L3HnHrhTUbvmgP/y5DAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L05DUURibThUdlM5eDV4NjRVMUc3NW9EXzh1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLGzANBgkqhkiG9w0BAQsFAAOC
AQEAL4N64DipqUvEKHxGpKLKu7vNbM4O4CpxvNNwctc+YFbkAsR6wdnhKuvSzyCB
WlcD9Ojr4qaeupFLRT21rhJGqr6alSNm5JcrGKIlctU1Me18O4shUdU85rQ14CTQ
TwIfhj9YGmvbB0bK4XWbOJjUbRMMglt/Wv+hcmQfJAK163BwsQEbpG5vNT3QWAF5
BDwr1zzcBMm8t3fC+yBgOuG+Edv6JA6E0ryNha3gMEbw3fnm7pvK1JlRNXYLQGGP
qKnjPiCZwL1W/yBpnEzYgTLZSg2UbKZC07DgbJb4kH+8m5CAK3WWH2or+ylT1wL/
/rwBjqP4ZJgUPoAdmYm8GQWobA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:50 2023 by rpki-client on console-ams.rpki-client.org