Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NskIAQiYVBp5VCsWgL79tjAYdE4.roa
File: NskIAQiYVBp5VCsWgL79tjAYdE4.roa (raw, json)
Hash identifier: 8/q1/TI/+HSgpbIG/rjW0UjCwWOtHL/QzUjv50Usfmc=
Subject key identifier: 36:C9:08:01:08:98:54:1A:79:54:2B:16:80:BE:FD:B6:30:18:74:4E
Certificate issuer: /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial: C8EB73
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NskIAQiYVBp5VCsWgL79tjAYdE4.roa
Signing time: Sat 01 Jan 2022 02:54:06 +0000
ROA not before: Sat 01 Jan 2022 02:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39918
IP address blocks: 85.112.73.0/24 maxlen: 24
212.98.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13167475 (0xc8eb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Validity
Not Before: Jan 1 02:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36c908010898541a79542b1680befdb63018744e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:49:6e:cd:a9:eb:93:16:a4:32:98:9e:97:2e:
5f:38:d5:a6:fb:df:ce:93:7a:40:81:02:08:dd:be:
17:8f:df:7d:82:3a:f6:3a:4e:b1:03:28:b7:9f:5d:
ef:ae:e1:85:cf:03:38:20:c5:89:b7:ad:b6:80:b2:
c0:21:00:04:dc:58:11:11:92:38:99:b9:2e:0e:4c:
19:4a:9f:83:83:51:39:e3:ee:36:c2:59:75:1c:6f:
e3:47:79:36:54:7f:17:39:e6:57:b1:6c:64:d8:8a:
35:ab:4c:a0:b6:1c:ab:0e:0e:c2:48:17:02:2a:6c:
a3:fe:da:35:b6:ba:ad:62:59:c1:1b:9b:58:6b:3b:
93:1f:d8:0d:f0:b0:bc:55:bb:28:f8:84:02:c4:c7:
3c:0e:e0:70:c7:b8:41:39:55:98:b2:44:d4:f4:bd:
0f:63:d9:10:ff:e2:8c:9f:f5:74:69:91:0e:51:92:
d7:25:84:30:5d:9f:3a:99:a1:1f:90:f1:47:0e:ca:
0e:8b:4c:ad:b3:b1:db:44:44:80:36:f8:0f:4a:87:
6d:f3:3f:c1:b4:ae:87:f5:27:0b:18:a6:98:24:58:
03:96:3e:8b:b4:0c:30:45:31:bf:48:29:9d:c0:d6:
94:d1:66:7f:c2:63:70:c6:8a:c0:25:47:8d:74:03:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C9:08:01:08:98:54:1A:79:54:2B:16:80:BE:FD:B6:30:18:74:4E
X509v3 Authority Key Identifier:
keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/NskIAQiYVBp5VCsWgL79tjAYdE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.112.73.0/24
212.98.128.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d2:ba:e2:e2:17:8c:26:cf:03:f9:27:8a:41:c1:f8:40:5d:
a7:eb:93:65:0c:b5:22:6d:21:6b:bd:d7:8d:31:99:58:12:b4:
7a:32:a8:43:ce:8c:6f:04:26:65:01:f3:4c:af:9a:65:50:1e:
b0:50:5d:65:47:17:f2:c3:56:05:d8:6d:7f:20:b3:62:64:b2:
f8:09:d5:9c:1a:07:63:7c:4f:36:0d:84:cd:8d:bd:f7:a1:08:
f2:78:c7:8c:31:78:6c:1b:75:7c:07:05:f0:0a:85:0d:9b:07:
27:d8:96:fd:af:29:68:90:79:29:5a:8c:8e:24:49:b7:04:26:
4b:94:ea:dc:2b:a4:db:fe:f2:db:c6:3e:52:b3:fe:48:a1:46:
ef:94:c6:e2:c4:bc:33:9a:48:2a:57:62:00:f3:03:10:24:32:
6c:96:69:06:ea:b4:34:3f:73:b5:34:60:e6:97:1c:dc:ff:d6:
31:bb:ee:03:2f:39:7e:ac:c6:92:c6:1f:3d:c1:50:56:be:05:
db:a0:64:d9:78:0c:48:a1:8d:f2:3e:b6:30:b1:30:d3:8e:90:
1f:dc:8e:66:39:26:04:fe:de:7e:db:a6:63:c1:dd:20:7a:88:
31:f5:85:08:f3:14:cc:2d:00:c5:cb:ed:7c:8f:dc:70:24:20:
49:a3:85:a4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAMjrczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZWNkNjRjOTc4MzdkN2JmYWMwNjYzN2RkOTUyYmRlZGUwYzI1ZDg1MB4XDTIyMDEw
MTAyNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZjOTA4MDEwODk4
NTQxYTc5NTQyYjE2ODBiZWZkYjYzMDE4NzQ0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBJbs2p65MWpDKYnpcuXzjVpvvfzpN6QIECCN2+F4/ffYI6
9jpOsQMot59d767hhc8DOCDFibettoCywCEABNxYERGSOJm5Lg5MGUqfg4NROePu
NsJZdRxv40d5NlR/FznmV7FsZNiKNatMoLYcqw4OwkgXAipso/7aNba6rWJZwRub
WGs7kx/YDfCwvFW7KPiEAsTHPA7gcMe4QTlVmLJE1PS9D2PZEP/ijJ/1dGmRDlGS
1yWEMF2fOpmhH5DxRw7KDotMrbOx20REgDb4D0qHbfM/wbSuh/UnCximmCRYA5Y+
i7QMMEUxv0gpncDWlNFmf8JjcMaKwCVHjXQD/HsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ2yQgBCJhUGnlUKxaAvv22MBh0TjAfBgNVHSMEGDAWgBSuzWTJeDfXv6wG
Y33ZUr3t4MJdhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JzMWt5WGczMTctc0JtTjkyVks5N2VEQ1hZVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8x
L05za0lBUWlZVkJwNVZDc1dnTDc5dGpBWWRFNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NTkyZDRmLWQ3MWUtNGU4Yi1hNjMyLTFlY2RlMTc5MTUxMS8xL3JzMWt5WGczMTct
c0JtTjkyVks5N2VEQ1hZVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFVwSQMEANRigDANBgkqhkiG9w0B
AQsFAAOCAQEAWdK64uIXjCbPA/knikHB+EBdp+uTZQy1Im0ha73XjTGZWBK0ejKo
Q86MbwQmZQHzTK+aZVAesFBdZUcX8sNWBdhtfyCzYmSy+AnVnBoHY3xPNg2EzY29
96EI8njHjDF4bBt1fAcF8AqFDZsHJ9iW/a8paJB5KVqMjiRJtwQmS5Tq3Cuk2/7y
28Y+UrP+SKFG75TG4sS8M5pIKldiAPMDECQybJZpBuq0ND9ztTRg5pcc3P/WMbvu
Ay85fqzGksYfPcFQVr4F26Bk2XgMSKGN8j62MLEw046QH9yOZjkmBP7eftumY8Hd
IHqIMfWFCPMUzC0AxcvtfI/ccCQgSaOFpA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:47 2023 by rpki-client on console-ams.rpki-client.org