Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/NVPnijEJ3c-rIiR456BWWBZXJow.roa
File: NVPnijEJ3c-rIiR456BWWBZXJow.roa (raw, json)
Hash identifier: zRlHAf1I2sSBTNAtbTSYqNa+t+Y6dVneJRb8xtuWnyg=
Subject key identifier: 35:53:E7:8A:31:09:DD:CF:AB:22:24:78:E7:A0:56:58:16:57:26:8C
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 38DEB766
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/NVPnijEJ3c-rIiR456BWWBZXJow.roa
Signing time: Thu 24 Mar 2022 17:14:27 +0000
ROA not before: Thu 24 Mar 2022 17:14:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204897
IP address blocks: 185.236.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 954120038 (0x38deb766)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Mar 24 17:14:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3553e78a3109ddcfab222478e7a056581657268c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:08:75:c5:e1:d5:e9:9b:5b:6d:9f:b7:d3:
54:ee:9d:79:9b:33:12:ee:0f:77:d9:6e:92:bd:db:
26:40:30:f4:9d:9e:87:3b:cc:be:be:86:53:ea:a5:
5c:57:81:48:02:02:52:bd:66:44:ab:a7:b2:76:3e:
5c:9d:d5:c0:ce:8c:a6:ab:55:0a:7f:1c:8f:7e:3d:
85:3a:d1:5e:20:bc:b2:d8:91:a3:6d:b6:48:99:95:
32:5d:e6:ab:ba:15:88:5e:75:88:cb:2f:13:63:10:
73:46:1f:0f:41:33:a1:50:aa:c6:43:c2:3d:8b:6a:
9a:97:88:cf:75:9f:f6:8d:29:4b:f2:eb:b0:d4:bc:
84:97:1f:00:e1:dd:70:ad:4c:9d:a2:85:aa:27:b6:
17:ff:0c:a5:49:52:77:0c:47:99:fa:f9:45:04:95:
db:b5:e4:bd:e2:34:41:ac:46:0f:17:1f:80:a7:98:
20:c7:47:79:7f:d9:66:5e:e0:b6:91:b0:d5:bf:36:
2f:c9:63:30:e0:46:4c:bb:d6:f1:9d:d4:59:dd:e2:
7e:bf:22:82:bb:fc:41:d4:1d:66:25:af:86:66:59:
0a:bf:cf:d8:f2:db:00:47:11:95:3e:bc:b2:2b:14:
f3:cd:43:f8:01:6d:5f:23:d4:fd:7c:8c:a4:10:6a:
c3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:53:E7:8A:31:09:DD:CF:AB:22:24:78:E7:A0:56:58:16:57:26:8C
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/NVPnijEJ3c-rIiR456BWWBZXJow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.144.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:b0:fd:65:97:ed:6c:80:36:95:6a:b9:69:c6:46:3a:c8:4e:
42:ca:82:3a:e4:0c:35:be:b0:f9:2e:b2:bb:64:85:f9:cc:9d:
0d:34:0d:41:ae:a1:18:63:08:ce:b8:12:69:88:f9:ac:86:ae:
07:7b:d3:71:87:04:03:92:24:0c:5f:de:fc:ed:b4:62:20:6d:
ad:d7:d3:3e:d2:b1:dc:84:97:5d:ae:c6:a6:53:2a:d1:93:46:
ab:38:72:b7:fb:15:ad:e4:84:1b:49:b2:fa:51:58:87:35:1b:
2a:ed:88:17:73:5b:2f:a8:eb:2e:5a:ef:19:40:c1:9f:af:5a:
9a:9b:80:ef:c4:b3:41:e4:1f:ee:d4:e5:0b:30:6b:64:cd:96:
f7:cf:47:a9:ec:8b:e3:e1:dd:3c:ef:17:03:ca:b8:12:70:97:
79:b5:be:da:22:62:d8:ce:32:25:48:05:c7:cd:fd:1f:18:53:
a8:0b:0f:c5:cb:12:50:31:44:2c:82:d0:4a:7e:b8:95:ca:7e:
93:73:28:3a:00:54:13:89:4c:a1:e2:86:12:d3:14:94:48:d6:
72:db:e6:c2:1a:77:25:c0:cb:77:f5:4a:69:72:f3:84:12:df:
85:e7:42:1a:f3:f6:d4:c2:c0:0c:ae:be:fd:1e:2a:e7:6e:18:
8b:c0:74:ff
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEON63ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGE1YzNhYmE0MjFiNzhhN2Q1ZDA5Yjc1YjRjZTNiZTUyNzNjYWFjMB4XDTIyMDMy
NDE3MTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU1M2U3OGEzMTA5
ZGRjZmFiMjIyNDc4ZTdhMDU2NTgxNjU3MjY4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHeCHXF4dXpm1ttn7fTVO6deZszEu4Pd9lukr3bJkAw9J2e
hzvMvr6GU+qlXFeBSAICUr1mRKunsnY+XJ3VwM6MpqtVCn8cj349hTrRXiC8stiR
o222SJmVMl3mq7oViF51iMsvE2MQc0YfD0EzoVCqxkPCPYtqmpeIz3Wf9o0pS/Lr
sNS8hJcfAOHdcK1MnaKFqie2F/8MpUlSdwxHmfr5RQSV27XkveI0QaxGDxcfgKeY
IMdHeX/ZZl7gtpGw1b82L8ljMOBGTLvW8Z3UWd3ifr8igrv8QdQdZiWvhmZZCr/P
2PLbAEcRlT68sisU881D+AFtXyPU/XyMpBBqw5UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1U+eKMQndz6siJHjnoFZYFlcmjDAfBgNVHSMEGDAWgBQIpcOrpCG3in1d
CbdbTOO+UnPKrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NLWERxNlFodDRwOVhRbTNXMHpqdmxKenlxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvN2JkOGNmLTJhNjEtNGI3NC04NjBkLTM2NGZhZTdjNzJjNC8x
L05WUG5pakVKM2MtcklpUjQ1NkJXV0JaWEpvdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
N2JkOGNmLTJhNjEtNGI3NC04NjBkLTM2NGZhZTdjNzJjNC8xL0NLWERxNlFodDRw
OVhRbTNXMHpqdmxKenlxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnskDANBgkqhkiG9w0BAQsFAAOC
AQEAH7D9ZZftbIA2lWq5acZGOshOQsqCOuQMNb6w+S6yu2SF+cydDTQNQa6hGGMI
zrgSaYj5rIauB3vTcYcEA5IkDF/e/O20YiBtrdfTPtKx3ISXXa7GplMq0ZNGqzhy
t/sVreSEG0my+lFYhzUbKu2IF3NbL6jrLlrvGUDBn69ampuA78SzQeQf7tTlCzBr
ZM2W989HqeyL4+HdPO8XA8q4EnCXebW+2iJi2M4yJUgFx839HxhTqAsPxcsSUDFE
LILQSn64lcp+k3MoOgBUE4lMoeKGEtMUlEjWctvmwhp3JcDLd/VKaXLzhBLfhedC
GvP21MLADK6+/R4q524Yi8B0/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:56 2024 by rpki-client on console-ams.rpki-client.org