Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/nV3XNPnGu5xSfaX2wVy1LV1H4RA.roa
File: nV3XNPnGu5xSfaX2wVy1LV1H4RA.roa (raw, json)
Hash identifier: tXU4hsS44+lVZxuCyLz+CVRVDAQN+FygSk00rZiskuo=
Subject key identifier: 9D:5D:D7:34:F9:C6:BB:9C:52:7D:A5:F6:C1:5C:B5:2D:5D:47:E1:10
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 01838DA5FA3AEF94BF1358B1D95D591E1E2B
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/nV3XNPnGu5xSfaX2wVy1LV1H4RA.roa
Signing time: Fri 30 Sep 2022 09:06:48 +0000
ROA not before: Fri 30 Sep 2022 09:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.107.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8d:a5:fa:3a:ef:94:bf:13:58:b1:d9:5d:59:1e:1e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Sep 30 09:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d5dd734f9c6bb9c527da5f6c15cb52d5d47e110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:21:ac:8f:d3:ff:64:48:ad:d1:6b:e0:f0:a8:
64:58:21:86:9d:50:35:4a:0c:a0:5b:0b:bf:24:d5:
90:a2:0e:61:11:db:58:4d:4e:23:c5:9e:db:ba:a1:
e2:97:13:e1:51:a6:97:c9:7f:3d:91:27:bf:16:ff:
29:f3:b7:b5:0e:22:20:b3:a5:dc:5f:8f:dc:5a:72:
5f:33:99:ca:c0:61:33:38:06:c5:a6:10:61:2e:76:
dd:99:25:01:22:36:0b:cc:f5:f6:01:66:bb:2f:19:
d9:d1:bd:33:36:d2:87:13:14:c3:84:eb:a6:1c:33:
56:6d:bb:87:1c:a7:f9:59:57:e6:bf:04:55:ba:17:
e8:d0:a5:2e:18:1d:04:7e:5a:bb:ab:63:47:86:d1:
6a:47:ca:d2:47:6b:e2:68:fb:c1:bd:4f:2f:2e:81:
b3:9e:3e:a2:fa:3f:05:8a:87:e4:f4:d3:4d:d9:95:
ae:2d:5a:5b:74:07:a8:00:bc:dd:98:f7:b3:52:3f:
40:84:d2:c7:79:da:4e:59:9e:4c:cc:35:83:ca:38:
8b:b9:2f:69:a1:b2:63:bb:45:99:ad:94:c0:1a:20:
6e:c4:88:c3:73:f3:a7:73:11:3a:e5:a6:ff:80:e7:
d2:2c:81:8a:60:66:25:a7:0f:db:b5:be:41:87:e8:
a9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:5D:D7:34:F9:C6:BB:9C:52:7D:A5:F6:C1:5C:B5:2D:5D:47:E1:10
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/nV3XNPnGu5xSfaX2wVy1LV1H4RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:1c:9f:64:44:21:54:95:e6:66:c5:18:de:1d:f0:04:18:de:
27:c3:11:c5:2a:11:35:18:46:dc:24:21:3e:7d:ef:6f:a4:ae:
70:a6:41:f0:b2:e2:91:fb:33:9d:16:29:e6:45:65:32:ee:22:
c4:41:ee:2f:93:31:24:fa:35:ab:f9:c6:36:e1:92:52:9a:49:
1e:5c:ea:04:6e:38:0b:cb:ee:d7:ee:a9:1a:c4:fd:7d:ad:33:
a1:05:1b:f6:6d:a0:33:c3:b7:7b:70:91:1a:ff:2c:25:f6:f9:
6e:eb:f2:2b:79:77:5d:bb:9e:1f:d5:c4:8a:3b:24:98:21:e4:
08:2b:40:17:b1:f8:47:1d:ae:b2:05:ef:89:c8:e0:c7:7b:12:
27:3b:5b:79:81:14:34:a2:83:41:f6:a6:6e:4e:7d:77:a0:72:
d0:de:81:c1:ae:cd:24:d6:2c:46:5e:56:e4:f2:61:42:94:48:
a9:07:29:5f:8a:e5:9b:07:39:b7:85:ef:3e:c8:f9:5a:97:f4:
e7:60:d0:c4:e8:01:ec:ff:48:ba:92:6e:12:64:e9:5b:03:ae:
92:b6:9a:b1:44:01:50:0f:52:91:a3:ce:56:63:4c:7a:f5:39:
39:e5:08:9e:f3:b5:86:68:5f:13:f8:50:83:27:12:66:95:a8:
d4:4b:59:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYONpfo675S/E1ix2V1ZHh4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjIwOTMwMDkwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDVkZDczNGY5YzZiYjljNTI3ZGE1ZjZjMTVjYjUyZDVkNDdlMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSGsj9P/ZEit0Wvg8KhkWCGGnVA1
SgygWwu/JNWQog5hEdtYTU4jxZ7buqHilxPhUaaXyX89kSe/Fv8p87e1DiIgs6Xc
X4/cWnJfM5nKwGEzOAbFphBhLnbdmSUBIjYLzPX2AWa7LxnZ0b0zNtKHExTDhOum
HDNWbbuHHKf5WVfmvwRVuhfo0KUuGB0Eflq7q2NHhtFqR8rSR2viaPvBvU8vLoGz
nj6i+j8Fiofk9NNN2ZWuLVpbdAeoALzdmPezUj9AhNLHedpOWZ5MzDWDyjiLuS9p
obJju0WZrZTAGiBuxIjDc/OncxE65ab/gOfSLIGKYGYlpw/btb5Bh+ipXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1d1zT5xrucUn2l9sFctS1dR+EQMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvblYzWE5Qbkd1NXhTZmFYMndWeTFMVjFINFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmujMA0G
CSqGSIb3DQEBCwUAA4IBAQCmHJ9kRCFUleZmxRjeHfAEGN4nwxHFKhE1GEbcJCE+
fe9vpK5wpkHwsuKR+zOdFinmRWUy7iLEQe4vkzEk+jWr+cY24ZJSmkkeXOoEbjgL
y+7X7qkaxP19rTOhBRv2baAzw7d7cJEa/ywl9vlu6/IreXddu54f1cSKOySYIeQI
K0AXsfhHHa6yBe+JyODHexInO1t5gRQ0ooNB9qZuTn13oHLQ3oHBrs0k1ixGXlbk
8mFClEipBylfiuWbBzm3he8+yPlal/TnYNDE6AHs/0i6km4SZOlbA66StpqxRAFQ
D1KRo85WY0x69Tk55Qie87WGaF8T+FCDJxJmlajUS1mA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:39 2024 by rpki-client on console-ams.rpki-client.org