Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/NgerkYPp-BJNZLFBIDcb6HHyaPc.roa
File: NgerkYPp-BJNZLFBIDcb6HHyaPc.roa (raw, json)
Hash identifier: FLr+HIo8fxgmxrOysCPI50RnsABYVSuKGW8+LV/DY6A=
Subject key identifier: 36:07:AB:91:83:E9:F8:12:4D:64:B1:41:20:37:1B:E8:71:F2:68:F7
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 098B12EA
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/NgerkYPp-BJNZLFBIDcb6HHyaPc.roa
Signing time: Sat 01 Jan 2022 05:04:01 +0000
ROA not before: Sat 01 Jan 2022 05:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33881
IP address blocks: 5.154.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160109290 (0x98b12ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3607ab9183e9f8124d64b14120371be871f268f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:8a:db:45:95:bb:cc:72:ff:0b:70:e6:99:
7b:05:bd:0f:9b:17:39:b1:fa:b6:60:6b:af:f6:a2:
39:12:20:d1:7d:25:db:8c:2d:e9:13:00:10:24:f5:
41:5f:31:25:7b:59:c5:00:46:cc:fc:c0:f0:5d:15:
76:98:19:ba:c8:83:c0:35:86:2c:15:ff:11:8f:26:
7a:36:c2:30:4f:b9:78:52:90:2d:8f:2c:81:f6:f9:
f9:29:56:de:72:de:21:25:37:44:a5:03:9d:91:a0:
41:c4:b5:b9:83:30:be:9e:8b:0f:fd:c8:67:ad:96:
df:eb:bb:ae:d0:29:da:89:5a:c9:8e:f5:71:02:e1:
c9:04:59:85:3c:78:f2:3c:92:7c:4c:01:f9:16:60:
39:a4:ed:f1:8f:69:0b:f4:74:c7:79:0a:9a:ea:1f:
b0:de:46:86:26:33:fd:11:2b:c3:35:97:3c:13:25:
bf:d7:2f:f6:6a:7f:6f:1b:4d:fd:f2:44:b0:06:db:
d7:b4:a8:1b:94:42:ea:0d:65:d4:30:ae:2c:06:d3:
08:a8:e8:4b:be:83:ff:e4:e5:92:3d:40:90:d4:fd:
80:a4:78:51:76:32:fe:b6:0f:f5:9c:5b:be:df:6e:
fa:45:26:e2:54:7f:61:fe:d6:02:81:b3:53:19:97:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:07:AB:91:83:E9:F8:12:4D:64:B1:41:20:37:1B:E8:71:F2:68:F7
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/NgerkYPp-BJNZLFBIDcb6HHyaPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.172.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:fe:6a:d2:f1:73:a1:eb:48:eb:ce:92:ae:fa:23:7a:eb:f4:
c9:e0:1b:7d:b5:0d:c2:1f:26:8d:5e:61:73:d7:18:99:be:3f:
f0:8c:59:15:62:fa:3c:09:96:e5:b6:4e:46:9f:72:bc:5a:43:
49:9a:6a:64:70:18:fb:3f:49:e2:d9:4c:fc:9b:55:d6:14:a0:
08:f8:d4:61:0b:64:07:2b:8d:c0:03:b0:b7:c2:87:5c:ea:de:
7d:47:18:ad:98:51:c1:e9:32:c5:d7:65:d1:68:c3:97:a7:fc:
14:62:3c:97:9c:20:79:ef:2b:2d:3e:cb:23:c4:2b:ae:58:f5:
4a:f4:6f:7c:e7:9f:b4:00:89:f5:48:9f:e8:7f:34:7e:14:1a:
25:fd:57:07:a4:f1:5a:99:09:0d:7d:30:7f:4d:8f:d4:da:7c:
f7:d5:89:f0:06:db:21:42:56:c4:f6:72:e5:7d:b1:2e:de:a7:
b5:1a:9d:70:5a:24:8b:2a:be:51:6b:80:44:9f:50:5b:2b:df:
75:d7:f9:36:79:cd:fa:b3:4a:69:f8:f3:91:01:0c:b8:cf:5a:
bf:b4:f9:85:91:b0:f0:19:d0:0e:dd:5e:e6:d2:2d:9b:a5:50:
1a:3e:b9:a2:10:6f:6d:06:b3:7f:3f:c2:b7:9b:a0:0e:c1:8c:
a0:87:4e:12
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECYsS6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYwN2FiOTE4M2U5
ZjgxMjRkNjRiMTQxMjAzNzFiZTg3MWYyNjhmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3WittFlbvMcv8LcOaZewW9D5sXObH6tmBrr/aiORIg0X0l
24wt6RMAECT1QV8xJXtZxQBGzPzA8F0VdpgZusiDwDWGLBX/EY8mejbCME+5eFKQ
LY8sgfb5+SlW3nLeISU3RKUDnZGgQcS1uYMwvp6LD/3IZ62W3+u7rtAp2olayY71
cQLhyQRZhTx48jySfEwB+RZgOaTt8Y9pC/R0x3kKmuofsN5GhiYz/RErwzWXPBMl
v9cv9mp/bxtN/fJEsAbb17SoG5RC6g1l1DCuLAbTCKjoS76D/+Tlkj1AkNT9gKR4
UXYy/rYP9Zxbvt9u+kUm4lR/Yf7WAoGzUxmX3H0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2B6uRg+n4Ek1ksUEgNxvocfJo9zAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L05nZXJrWVBwLUJKTlpMRkJJRGNiNkhIeWFQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWarDANBgkqhkiG9w0BAQsFAAOC
AQEA0f5q0vFzoetI686Srvojeuv0yeAbfbUNwh8mjV5hc9cYmb4/8IxZFWL6PAmW
5bZORp9yvFpDSZpqZHAY+z9J4tlM/JtV1hSgCPjUYQtkByuNwAOwt8KHXOrefUcY
rZhRwekyxddl0WjDl6f8FGI8l5wgee8rLT7LI8Qrrlj1SvRvfOeftACJ9Uif6H80
fhQaJf1XB6TxWpkJDX0wf02P1Np899WJ8AbbIUJWxPZy5X2xLt6ntRqdcFokiyq+
UWuARJ9QWyvfddf5NnnN+rNKafjzkQEMuM9av7T5hZGw8BnQDt1e5tItm6VQGj65
ohBvbQazfz/Ct5ugDsGMoIdOEg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org