Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/nnMgm33gSErknef8ekRCRQg1HcY.roa
File: nnMgm33gSErknef8ekRCRQg1HcY.roa (raw, json)
Hash identifier: QNkGtHFHRL1Jtuw/2WU7BYs2PdVw8xBK7LDBIegyOpg=
Subject key identifier: 9E:73:20:9B:7D:E0:48:4A:E4:9D:E7:FC:7A:44:42:45:08:35:1D:C6
Certificate issuer: /CN=097b6035e5717fc93a83e3e3ec817e6607643844
Certificate serial: 0D0936D5
Authority key identifier: 09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/nnMgm33gSErknef8ekRCRQg1HcY.roa
Signing time: Sat 01 Jan 2022 03:52:18 +0000
ROA not before: Sat 01 Jan 2022 03:52:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24904
IP address blocks: 185.238.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218707669 (0xd0936d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097b6035e5717fc93a83e3e3ec817e6607643844
Validity
Not Before: Jan 1 03:52:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e73209b7de0484ae49de7fc7a44424508351dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:be:9f:2d:ab:a0:18:c3:4e:0b:b4:9a:28:37:
21:43:8e:c8:fa:8a:4e:9d:da:21:9b:02:61:5f:d9:
bb:1a:02:bd:88:52:57:fe:61:51:a6:5b:df:3d:78:
58:68:74:b2:0a:76:b8:d4:a9:ea:0a:d4:5f:cb:7b:
97:15:88:30:28:de:6c:bd:69:73:5e:75:fb:e5:fb:
6a:83:a6:b6:d1:a3:5c:29:78:96:72:40:b2:8d:68:
3a:74:5c:75:9e:52:92:9a:86:5b:d3:20:d7:18:5a:
44:f2:8d:61:c8:ce:da:57:b6:3f:67:b0:72:00:1a:
a5:4d:05:b6:b2:f5:e2:d7:af:f2:90:8d:fa:e2:b2:
8f:de:c8:d5:f1:ff:d4:20:22:cf:9e:f6:a1:2a:62:
f5:cb:58:d8:ba:86:46:71:4c:a7:dd:fd:4f:8c:1e:
6e:27:20:79:6b:a5:e0:b7:34:68:a5:cd:92:7c:94:
ec:e1:7e:aa:26:c6:d8:60:66:63:cd:4b:07:79:0d:
12:11:9f:23:33:b2:54:87:d9:9f:f2:e9:25:2f:64:
23:ae:89:6c:3d:6e:f7:9a:20:49:35:86:e1:17:3c:
ed:51:60:a8:e5:76:15:4e:21:00:ec:1f:55:8b:97:
58:db:0c:ed:f9:c5:74:e0:21:58:ef:0c:81:5a:fe:
de:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:73:20:9B:7D:E0:48:4A:E4:9D:E7:FC:7A:44:42:45:08:35:1D:C6
X509v3 Authority Key Identifier:
keyid:09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/nnMgm33gSErknef8ekRCRQg1HcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.4.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:40:13:3c:6d:f2:5c:ac:60:03:7f:2d:44:84:ed:da:71:fb:
d9:b6:35:65:a8:00:ca:5e:98:71:69:38:b9:14:42:8a:60:a4:
b9:cc:28:e0:76:bb:c8:14:2f:fd:54:1e:d2:53:7d:b9:00:73:
bc:f1:3c:60:6a:d0:ca:19:02:23:4b:ab:ff:8f:9b:76:29:fa:
be:df:fb:72:ed:e2:7c:1a:8c:f6:05:6a:f0:e8:de:02:77:0a:
1c:41:15:80:a2:7e:7a:90:06:5d:64:f5:5d:28:86:e3:96:be:
44:c7:2b:aa:61:cf:77:3f:5d:ce:19:dd:85:2b:6a:2f:27:13:
58:33:b8:6d:85:15:30:b3:88:7b:2a:db:52:66:2e:f3:d4:f6:
fa:32:0b:20:fd:d2:9b:70:e2:92:0d:8f:58:11:88:74:43:ef:
d6:10:d4:e3:92:5c:a2:1e:ac:0c:d1:1a:9e:0c:d6:5b:9c:2c:
f4:0c:84:04:15:8b:ed:9f:c2:cf:4e:64:7b:9f:eb:86:71:6b:
ce:ec:01:1f:a3:b0:9a:36:cc:74:a7:51:10:6e:91:be:11:05:
5d:ed:14:ee:02:53:29:66:16:86:50:9d:ce:5b:91:a6:4e:dc:
1d:e1:85:1b:97:6e:9a:c9:6f:bb:ef:12:47:74:84:b1:42:9f:
31:a1:63:69
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDQk21TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTdiNjAzNWU1NzE3ZmM5M2E4M2UzZTNlYzgxN2U2NjA3NjQzODQ0MB4XDTIyMDEw
MTAzNTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU3MzIwOWI3ZGUw
NDg0YWU0OWRlN2ZjN2E0NDQyNDUwODM1MWRjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALO+ny2roBjDTgu0mig3IUOOyPqKTp3aIZsCYV/ZuxoCvYhS
V/5hUaZb3z14WGh0sgp2uNSp6grUX8t7lxWIMCjebL1pc151++X7aoOmttGjXCl4
lnJAso1oOnRcdZ5SkpqGW9Mg1xhaRPKNYcjO2le2P2ewcgAapU0FtrL14tev8pCN
+uKyj97I1fH/1CAiz572oSpi9ctY2LqGRnFMp939T4webicgeWul4Lc0aKXNknyU
7OF+qibG2GBmY81LB3kNEhGfIzOyVIfZn/LpJS9kI66JbD1u95ogSTWG4Rc87VFg
qOV2FU4hAOwfVYuXWNsM7fnFdOAhWO8MgVr+3tUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSecyCbfeBISuSd5/x6REJFCDUdxjAfBgNVHSMEGDAWgBQJe2A15XF/yTqD
4+PsgX5mB2Q4RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NYdGdOZVZ4ZjhrNmctUGo3SUYtWmdka09FUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMGRiODI5LTZlYmUtNDgyYS1hNDEyLTYxZmQxZGY5NTcyNy8x
L25uTWdtMzNnU0Vya25lZjhla1JDUlFnMUhjWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MGRiODI5LTZlYmUtNDgyYS1hNDEyLTYxZmQxZGY5NTcyNy8xL0NYdGdOZVZ4Zjhr
NmctUGo3SUYtWmdka09FUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnuBDANBgkqhkiG9w0BAQsFAAOC
AQEAvUATPG3yXKxgA38tRITt2nH72bY1ZagAyl6YcWk4uRRCimCkucwo4Ha7yBQv
/VQe0lN9uQBzvPE8YGrQyhkCI0ur/4+bdin6vt/7cu3ifBqM9gVq8OjeAncKHEEV
gKJ+epAGXWT1XSiG45a+RMcrqmHPdz9dzhndhStqLycTWDO4bYUVMLOIeyrbUmYu
89T2+jILIP3Sm3Dikg2PWBGIdEPv1hDU45Jcoh6sDNEangzWW5ws9AyEBBWL7Z/C
z05ke5/rhnFrzuwBH6OwmjbMdKdREG6RvhEFXe0U7gJTKWYWhlCdzluRpk7cHeGF
G5dumslvu+8SR3SEsUKfMaFjaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:48 2024 by rpki-client on console-ams.rpki-client.org