Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/nq_jh-Mr6szt63aBlKNI78TFWIU.roa
File: nq_jh-Mr6szt63aBlKNI78TFWIU.roa (raw, json)
Hash identifier: nF7a6nd/uvo9mk+uy9Nj31DgHWvrCMbtJwdR0/rXyB4=
Subject key identifier: 9E:AF:E3:87:E3:2B:EA:CC:ED:EB:76:81:94:A3:48:EF:C4:C5:58:85
Certificate issuer: /CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Certificate serial: 0184AF34E917AD34376DA043DC06A62454E3
Authority key identifier: CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/nq_jh-Mr6szt63aBlKNI78TFWIU.roa
Signing time: Fri 25 Nov 2022 14:33:10 +0000
ROA not before: Fri 25 Nov 2022 14:33:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20529
IP address blocks: 217.147.192.0/20 maxlen: 24
217.147.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:34:e9:17:ad:34:37:6d:a0:43:dc:06:a6:24:54:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Validity
Not Before: Nov 25 14:33:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eafe387e32beaccedeb768194a348efc4c55885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a6:93:7a:6f:a2:62:d9:88:23:ac:6b:bc:1c:
9f:b0:15:b5:9e:7f:14:fe:e4:9a:49:7e:ea:b4:cc:
ff:f0:59:21:55:6d:a6:0e:85:09:d6:34:40:e6:14:
49:51:42:32:05:b5:2d:4f:bb:be:31:d4:a0:71:4b:
1c:98:cd:b8:4d:bb:c8:2d:5e:e1:9f:61:01:a9:97:
56:6a:22:ef:a7:14:52:1a:e5:96:a0:49:03:8d:65:
a6:14:69:fa:32:71:3c:e7:29:0d:cc:44:66:1c:7c:
f1:4c:24:11:44:74:6f:fe:40:9a:49:bb:72:28:09:
d2:d8:17:5a:ff:2b:95:2f:b9:24:c0:10:a3:01:7d:
cb:fb:52:fd:d1:d0:dd:e2:54:2f:4a:a1:07:7e:01:
cb:7f:b0:c0:67:fb:01:5f:ba:43:5e:d8:b7:e9:c5:
89:69:fb:ce:cb:a3:a9:1d:d6:02:9a:ff:c7:1c:7d:
11:02:92:84:5c:1b:4c:56:5c:fc:e5:0b:30:3b:1d:
fd:27:39:ca:58:6c:77:5c:80:48:f9:1c:f3:61:92:
14:24:a5:2c:23:8a:77:42:4f:f0:cd:9f:6a:93:9c:
0b:cf:23:b0:da:69:9e:c8:08:e2:cb:59:15:be:8c:
41:73:c2:39:45:ec:4b:5d:00:3a:2f:0a:39:47:a5:
e1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AF:E3:87:E3:2B:EA:CC:ED:EB:76:81:94:A3:48:EF:C4:C5:58:85
X509v3 Authority Key Identifier:
keyid:CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/nq_jh-Mr6szt63aBlKNI78TFWIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/ypHELfpq-8EeeO6d4ueF-KILUEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.192.0/20
Signature Algorithm: sha256WithRSAEncryption
00:aa:6c:31:1d:24:d7:97:f7:05:c2:a5:5e:d9:50:46:35:04:
85:2a:54:38:7b:f6:9a:82:36:ba:fc:62:d2:e4:35:fc:84:52:
a5:70:cf:c1:81:af:39:e7:0c:d9:b9:1b:11:a0:f1:0a:d6:cb:
8d:1a:35:af:3b:96:77:1d:26:bd:1a:92:ca:66:8c:25:bd:26:
fe:b3:7e:4c:af:26:bd:cb:c3:0d:97:03:2f:27:8b:5f:81:1a:
0b:d0:86:4c:22:f9:ef:06:12:bf:15:ec:ee:17:3e:3e:18:aa:
09:5e:3f:10:6a:69:38:94:dd:37:dc:c9:5d:3e:2c:01:7a:28:
1c:8b:54:68:5c:ff:5d:34:60:d2:7a:50:c3:45:43:dc:4a:32:
88:de:d1:0a:47:d2:0b:06:63:89:83:81:1a:d7:1e:68:35:9e:
d4:1d:2e:d4:cf:8d:3f:3c:19:8d:a8:68:58:74:0e:5b:a1:16:
c9:c0:f4:8e:d2:93:97:8a:8a:fc:05:75:06:91:ac:b1:5b:5d:
f5:23:8c:3b:14:8c:a9:58:7b:56:2d:11:ec:b5:d1:54:f7:f6:
b1:55:17:8c:78:df:f2:b6:52:86:7e:d4:89:e1:18:f0:9f:9b:
57:7f:69:82:3c:41:03:2c:63:b3:26:0e:f5:09:c3:e8:7e:c4:
b5:f6:f5:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSvNOkXrTQ3baBD3AamJFTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTFjNDJkZmE2YWZiYzExZTc4ZWU5ZGUyZTc4NWY4YTIw
YjUwNDMwHhcNMjIxMTI1MTQzMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFmZTM4N2UzMmJlYWNjZWRlYjc2ODE5NGEzNDhlZmM0YzU1ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6aTem+iYtmII6xrvByfsBW1nn8U
/uSaSX7qtMz/8FkhVW2mDoUJ1jRA5hRJUUIyBbUtT7u+MdSgcUscmM24TbvILV7h
n2EBqZdWaiLvpxRSGuWWoEkDjWWmFGn6MnE85ykNzERmHHzxTCQRRHRv/kCaSbty
KAnS2Bda/yuVL7kkwBCjAX3L+1L90dDd4lQvSqEHfgHLf7DAZ/sBX7pDXti36cWJ
afvOy6OpHdYCmv/HHH0RApKEXBtMVlz85QswOx39JznKWGx3XIBI+RzzYZIUJKUs
I4p3Qk/wzZ9qk5wLzyOw2mmeyAjiy1kVvoxBc8I5RexLXQA6Lwo5R6Xh7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6v44fjK+rM7et2gZSjSO/ExViFMB8GA1UdIwQY
MBaAFMqRxC36avvBHnjuneLnhfiiC1BDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjIt
ZDU4NjUwNDFhMTRmLzEvbnFfamgtTXI2c3p0NjNhQmxLTkk3OFRGV0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjItZDU4NjUwNDFhMTRm
LzEveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAAqmwxHSTXl/cFwqVe2VBGNQSFKlQ4e/aagja6/GLS
5DX8hFKlcM/Bga855wzZuRsRoPEK1suNGjWvO5Z3HSa9GpLKZowlvSb+s35Mrya9
y8MNlwMvJ4tfgRoL0IZMIvnvBhK/FezuFz4+GKoJXj8Qamk4lN033MldPiwBeigc
i1RoXP9dNGDSelDDRUPcSjKI3tEKR9ILBmOJg4Ea1x5oNZ7UHS7Uz40/PBmNqGhY
dA5boRbJwPSO0pOXior8BXUGkayxW131I4w7FIypWHtWLRHstdFU9/axVReMeN/y
tlKGftSJ4Rjwn5tXf2mCPEEDLGOzJg71CcPofsS19vVv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org