Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/nO1JYUd9QGZYSETQhbb0rZfeiYM.roa
File: nO1JYUd9QGZYSETQhbb0rZfeiYM.roa (raw, json)
Hash identifier: XFuQT151NYtuEAfMCIhH5NqpwFM84hO1dJBPizY+yvU=
Subject key identifier: 9C:ED:49:61:47:7D:40:66:58:48:44:D0:85:B6:F4:AD:97:DE:89:83
Certificate issuer: /CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Certificate serial: 02407A71
Authority key identifier: F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/nO1JYUd9QGZYSETQhbb0rZfeiYM.roa
Signing time: Sat 01 Jan 2022 09:01:46 +0000
ROA not before: Sat 01 Jan 2022 09:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211467
IP address blocks: 193.34.83.0/24 maxlen: 24
185.98.216.0/24 maxlen: 24
185.98.219.0/24 maxlen: 24
185.98.217.0/24 maxlen: 24
185.98.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37780081 (0x2407a71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8caa797b900fc355fc2412467751eeb2c1c64be
Validity
Not Before: Jan 1 09:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ced4961477d4066584844d085b6f4ad97de8983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:5b:6b:8d:cd:5d:b3:2b:16:ec:13:ec:d7:d1:
fc:ce:5d:78:07:c3:79:bf:fd:7b:3e:fb:6e:ac:d0:
ec:1b:b1:1b:75:41:c8:ef:46:3b:02:6f:81:e5:44:
e8:fc:a1:44:4b:f6:fc:c5:1d:aa:6a:05:46:fb:e5:
8b:08:ab:d9:bf:34:7d:72:7c:73:38:b6:44:00:b2:
fd:6d:c5:45:4b:dc:19:be:03:6e:55:d1:47:3e:d2:
fb:6f:2f:48:e3:ac:31:2e:76:e7:79:ca:6d:b5:e6:
e4:43:71:52:cc:07:34:00:a3:d1:c6:87:81:62:58:
d3:29:ef:7d:63:fd:6e:af:ac:d4:83:e2:df:2e:0b:
f6:4f:46:d2:0b:6e:4b:92:7f:8a:cb:b6:13:f1:85:
4d:2d:37:7f:bf:7d:31:cf:43:da:ed:1d:d8:05:38:
ee:fe:25:89:4d:08:cd:94:07:dd:24:db:28:8f:4c:
4f:83:4d:8e:62:00:c1:5a:d8:ae:31:9a:98:9c:29:
89:c5:56:6b:e1:e2:da:6f:97:45:93:ac:8c:be:41:
af:1d:d4:e8:24:34:f0:9f:dc:14:7d:13:af:b0:bb:
3c:e3:2c:bc:b7:2e:21:29:29:a7:99:85:f2:a2:66:
a1:bd:60:a1:9d:b8:2d:b6:90:f9:a1:b1:5f:12:27:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:ED:49:61:47:7D:40:66:58:48:44:D0:85:B6:F4:AD:97:DE:89:83
X509v3 Authority Key Identifier:
keyid:F8:CA:A7:97:B9:00:FC:35:5F:C2:41:24:67:75:1E:EB:2C:1C:64:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/nO1JYUd9QGZYSETQhbb0rZfeiYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/1b55cf-be94-49ad-9eb8-9db3d44c6d2f/1/1-Mqnl7kA_DVfwkEkZ3Ue6ywcZL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.216.0/22
193.34.83.0/24
Signature Algorithm: sha256WithRSAEncryption
24:4f:12:da:ea:26:30:73:ff:d8:db:04:d8:d9:fb:da:5b:04:
88:f2:98:58:eb:2a:54:15:3d:25:6a:21:3a:fc:9c:45:b2:1d:
85:72:f6:19:30:ba:27:d5:fd:e9:4f:50:60:cb:54:eb:90:e5:
2a:6e:dc:34:c4:d7:7e:fd:89:eb:07:90:b2:4e:74:20:4c:72:
0a:31:91:59:bb:e1:a3:06:c6:dd:2a:e5:c2:71:c2:37:2e:19:
c9:70:e8:b3:67:f2:9d:35:11:12:5a:62:2a:5a:11:f1:36:62:
07:c5:92:33:62:86:8c:e5:27:20:27:33:32:66:3e:87:46:0d:
59:fc:ef:79:b2:ad:b9:b1:97:37:c6:88:c9:0d:45:ed:21:65:
ba:36:2d:3e:b7:47:25:12:4f:8e:53:03:c9:d0:fb:4a:ff:b0:
7d:bf:b7:44:8d:0e:c0:d5:e7:5b:f2:64:a0:05:6d:b9:e9:2b:
0f:11:c9:8c:98:1a:8e:3a:35:ee:3e:56:dc:cc:4c:d6:24:00:
75:a6:30:f2:05:9a:02:96:bb:01:7f:df:27:0f:42:f8:f3:91:
f0:68:cf:0e:ea:2c:3c:69:48:e2:db:c8:43:87:31:32:2b:86:
fc:bf:d4:44:fb:cf:d1:92:b5:0c:7c:2a:0f:ea:05:22:1c:26:
52:ba:a8:32
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAkB6cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGNhYTc5N2I5MDBmYzM1NWZjMjQxMjQ2Nzc1MWVlYjJjMWM2NGJlMB4XDTIyMDEw
MTA5MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNlZDQ5NjE0Nzdk
NDA2NjU4NDg0NGQwODViNmY0YWQ5N2RlODk4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPhba43NXbMrFuwT7NfR/M5deAfDeb/9ez77bqzQ7BuxG3VB
yO9GOwJvgeVE6PyhREv2/MUdqmoFRvvliwir2b80fXJ8czi2RACy/W3FRUvcGb4D
blXRRz7S+28vSOOsMS5253nKbbXm5ENxUswHNACj0caHgWJY0ynvfWP9bq+s1IPi
3y4L9k9G0gtuS5J/isu2E/GFTS03f799Mc9D2u0d2AU47v4liU0IzZQH3STbKI9M
T4NNjmIAwVrYrjGamJwpicVWa+Hi2m+XRZOsjL5Brx3U6CQ08J/cFH0Tr7C7POMs
vLcuISkpp5mF8qJmob1goZ24LbaQ+aGxXxInHGkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSc7UlhR31AZlhIRNCFtvStl96JgzAfBgNVHSMEGDAWgBT4yqeXuQD8NV/C
QSRndR7rLBxkvjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtTXFubDdrQV9EVmZ3a0VrWjNVZTZ5d2NaTDQuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ3LzFiNTVjZi1iZTk0LTQ5YWQtOWViOC05ZGIzZDQ0YzZkMmYv
MS9uTzFKWVVkOVFHWllTRVRRaGJiMHJaZmVpWU0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ3
LzFiNTVjZi1iZTk0LTQ5YWQtOWViOC05ZGIzZDQ0YzZkMmYvMS8xLU1xbmw3a0Ff
RFZmd2tFa1ozVWU2eXdjWkw0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWLYAwQAwSJTMA0GCSqGSIb3
DQEBCwUAA4IBAQAkTxLa6iYwc//Y2wTY2fvaWwSI8phY6ypUFT0laiE6/JxFsh2F
cvYZMLon1f3pT1Bgy1TrkOUqbtw0xNd+/YnrB5CyTnQgTHIKMZFZu+GjBsbdKuXC
ccI3LhnJcOizZ/KdNRESWmIqWhHxNmIHxZIzYoaM5ScgJzMyZj6HRg1Z/O95sq25
sZc3xojJDUXtIWW6Ni0+t0clEk+OUwPJ0PtK/7B9v7dEjQ7A1edb8mSgBW256SsP
EcmMmBqOOjXuPlbczEzWJAB1pjDyBZoClrsBf98nD0L485HwaM8O6iw8aUji28hD
hzEyK4b8v9RE+8/RkrUMfCoP6gUiHCZSuqgy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:08 2023 by rpki-client on console-ams.rpki-client.org