Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/nNmjTQy_ArX990QNXQP3sDEuiWM.roa
File: nNmjTQy_ArX990QNXQP3sDEuiWM.roa (raw, json)
Hash identifier: 4PEjsPfMQihZNzHTxO9BioQaDeT5XPlCB9ELmqTIzNg=
Subject key identifier: 9C:D9:A3:4D:0C:BF:02:B5:FD:F7:44:0D:5D:03:F7:B0:31:2E:89:63
Certificate issuer: /CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Certificate serial: 0184BE2F97E378E6F2C60B347E5727BF5D80
Authority key identifier: 3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/nNmjTQy_ArX990QNXQP3sDEuiWM.roa
Signing time: Mon 28 Nov 2022 12:21:40 +0000
ROA not before: Mon 28 Nov 2022 12:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 194.49.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:2f:97:e3:78:e6:f2:c6:0b:34:7e:57:27:bf:5d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Validity
Not Before: Nov 28 12:21:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cd9a34d0cbf02b5fdf7440d5d03f7b0312e8963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:7b:96:c7:47:49:0c:65:c1:25:68:11:90:
c8:a8:0c:d7:5d:0a:52:8f:bb:b1:04:42:5f:69:c7:
6d:69:c4:4b:fc:d6:bb:d8:2c:90:e5:c5:d5:ec:ca:
bf:55:e5:2c:c4:67:f4:7c:73:a1:c9:27:f3:68:1e:
b7:78:8e:6e:22:5b:2a:a4:dd:92:d3:a0:38:08:36:
3f:d8:8e:21:a2:25:c1:ed:4e:a7:c7:20:ea:fe:05:
e3:9c:76:69:3a:e9:a2:ac:91:52:42:ca:3d:5d:48:
c4:52:24:d2:7f:8e:e3:b5:77:09:b4:82:5a:fc:2f:
27:83:15:41:6c:1f:10:9e:4c:a4:f8:12:f5:5d:4b:
c4:66:c3:f4:8c:a4:e2:48:75:98:f8:09:40:e1:88:
09:44:b3:f1:9f:1a:a9:8f:4d:34:ba:fb:5f:75:85:
d9:f2:c1:38:f4:32:bc:bb:ea:57:19:20:87:c6:c7:
ab:fb:12:36:ce:a3:5b:8f:07:fc:d8:f9:0a:45:81:
2b:c0:f7:62:ff:14:6f:29:f5:db:d6:1f:d3:68:91:
21:f4:06:da:f6:38:5d:87:96:c7:2d:c1:38:56:d5:
52:4a:45:a4:2b:e1:9b:c5:be:5f:80:bc:d4:aa:1b:
ba:41:90:c5:a9:a6:3f:66:f0:93:46:e6:66:89:f1:
b5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D9:A3:4D:0C:BF:02:B5:FD:F7:44:0D:5D:03:F7:B0:31:2E:89:63
X509v3 Authority Key Identifier:
keyid:3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/nNmjTQy_ArX990QNXQP3sDEuiWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.59.0/24
Signature Algorithm: sha256WithRSAEncryption
31:55:db:79:ab:fd:b1:56:3f:8b:c4:6e:58:14:6e:28:92:c4:
18:c6:32:ec:9f:ce:a6:c6:9a:b1:62:a0:d4:a3:5f:ca:4b:1e:
5a:7e:c2:9a:5d:03:d9:af:cb:e0:e1:62:b5:91:59:8e:c6:44:
bf:71:13:57:ae:d2:d7:98:2b:df:42:16:e2:c9:69:eb:ea:6f:
58:61:6b:0f:89:e6:6b:19:03:3e:03:6f:49:a8:93:b9:0b:b5:
be:c8:4e:3f:c9:2e:67:57:01:ad:f0:2e:ee:ee:84:02:96:14:
2d:6c:ff:1c:72:5e:2a:ca:30:ce:09:f4:db:5b:83:8a:69:af:
02:04:e7:bb:0e:ea:f9:86:4e:03:d9:57:bf:8a:3d:ed:7f:14:
8c:98:6a:9a:85:65:d1:f2:ab:08:08:4a:0b:68:eb:a2:18:c5:
e4:c5:c7:bb:c9:11:84:96:2d:fe:07:a3:6d:cf:87:d4:5b:8c:
d1:7f:23:52:38:9a:3d:75:27:29:20:ee:15:12:9d:ab:31:ed:
3f:3b:13:2b:04:72:5c:77:b4:69:e5:3b:dc:0e:1d:5d:08:ba:
1d:7f:58:0c:f0:18:26:f7:58:9b:04:fa:48:0a:b7:d4:34:ad:
e8:0e:70:86:0e:4a:5c:f0:96:b9:69:56:6f:76:07:4c:8d:a8:
22:01:cc:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+L5fjeObyxgs0flcnv12AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZmEyOTM2OGM4YmU2OWM4ZWRkNWFhMTkzNTU3ZmNiYTJh
NTdlYzgwHhcNMjIxMTI4MTIyMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q5YTM0ZDBjYmYwMmI1ZmRmNzQ0MGQ1ZDAzZjdiMDMxMmU4OTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTB7lsdHSQxlwSVoEZDIqAzXXQpS
j7uxBEJfacdtacRL/Na72CyQ5cXV7Mq/VeUsxGf0fHOhySfzaB63eI5uIlsqpN2S
06A4CDY/2I4hoiXB7U6nxyDq/gXjnHZpOumirJFSQso9XUjEUiTSf47jtXcJtIJa
/C8ngxVBbB8Qnkyk+BL1XUvEZsP0jKTiSHWY+AlA4YgJRLPxnxqpj000uvtfdYXZ
8sE49DK8u+pXGSCHxser+xI2zqNbjwf82PkKRYErwPdi/xRvKfXb1h/TaJEh9Aba
9jhdh5bHLcE4VtVSSkWkK+Gbxb5fgLzUqhu6QZDFqaY/ZvCTRuZmifG1xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzZo00MvwK1/fdEDV0D97AxLoljMB8GA1UdIwQY
MBaAFD36KTaMi+acjt1aoZNVf8uipX7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODkt
YmQ1OGQwMDIxYTA5LzEvbk5talRReV9Bclg5OTBRTlhRUDNzREV1aVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODktYmQ1OGQwMDIxYTA5
LzEvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjE7MA0G
CSqGSIb3DQEBCwUAA4IBAQAxVdt5q/2xVj+LxG5YFG4oksQYxjLsn86mxpqxYqDU
o1/KSx5afsKaXQPZr8vg4WK1kVmOxkS/cRNXrtLXmCvfQhbiyWnr6m9YYWsPieZr
GQM+A29JqJO5C7W+yE4/yS5nVwGt8C7u7oQClhQtbP8ccl4qyjDOCfTbW4OKaa8C
BOe7Dur5hk4D2Ve/ij3tfxSMmGqahWXR8qsICEoLaOuiGMXkxce7yRGEli3+B6Nt
z4fUW4zRfyNSOJo9dScpIO4VEp2rMe0/OxMrBHJcd7Rp5TvcDh1dCLodf1gM8Bgm
91ibBPpICrfUNK3oDnCGDkpc8Ja5aVZvdgdMjagiAcxO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org