Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nJav02zrcZ7O-NNYav6DwgC3pWE.roa
File: nJav02zrcZ7O-NNYav6DwgC3pWE.roa (raw, json)
Hash identifier: fKxH8U9BE7h88ovcunoEUAjLCAh2dAthfwvHKxSSQyE=
Subject key identifier: 9C:96:AF:D3:6C:EB:71:9E:CE:F8:D3:58:6A:FE:83:C2:00:B7:A5:61
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018264A88E0BE2D098C9E4C053FA6AC92749
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nJav02zrcZ7O-NNYav6DwgC3pWE.roa
Signing time: Wed 03 Aug 2022 17:02:24 +0000
ROA not before: Wed 03 Aug 2022 17:02:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210442
IP address blocks: 146.120.185.0/24 maxlen: 24
95.46.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:a8:8e:0b:e2:d0:98:c9:e4:c0:53:fa:6a:c9:27:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 3 17:02:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c96afd36ceb719ecef8d3586afe83c200b7a561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:4d:50:42:86:e6:f7:fb:d2:3d:a0:40:7c:
a6:e2:25:33:bf:27:ca:7c:14:f8:72:f1:aa:68:75:
d8:bd:5b:82:c6:c9:f8:a1:01:96:09:7e:9c:3e:3b:
ba:34:62:96:fa:b7:99:e0:9d:82:4f:91:fe:30:58:
a5:c3:bb:57:27:6f:cf:24:f9:1e:78:38:4a:e0:fa:
23:48:06:9d:a5:fc:ad:12:11:e5:b7:f9:cf:c5:da:
49:2a:24:e4:1e:a8:b1:8a:76:6e:2f:d7:f7:ad:b8:
3c:6e:16:88:a4:ea:42:83:31:7c:d2:63:50:a2:fb:
bc:79:35:6c:92:e7:8d:d5:73:b7:e5:c9:18:47:59:
37:de:07:2b:11:fc:91:46:c0:5b:c1:d8:05:b0:b6:
68:8f:f7:bb:6f:68:0a:d5:a0:53:ed:75:0b:e8:72:
3f:a2:ae:7d:e2:e9:d5:74:85:42:c6:9d:4f:61:86:
ac:3d:48:d4:69:c9:8c:39:9f:50:d7:a2:b0:3e:e4:
1d:9e:21:81:bf:a7:6d:3c:05:7d:24:80:24:fc:a0:
6f:26:74:e7:af:21:22:4d:59:38:bb:b7:89:f4:be:
1c:ce:ab:1e:76:39:8d:21:7a:3a:7e:99:c4:3d:9a:
a8:36:6e:7e:71:19:19:03:ae:bf:59:ce:66:39:ba:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:96:AF:D3:6C:EB:71:9E:CE:F8:D3:58:6A:FE:83:C2:00:B7:A5:61
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nJav02zrcZ7O-NNYav6DwgC3pWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.46.72.0/24
146.120.185.0/24
Signature Algorithm: sha256WithRSAEncryption
28:fc:03:5a:1c:a0:a3:9a:5b:63:c4:03:01:d2:63:5f:e1:85:
01:94:a1:d2:45:46:de:ea:8b:a5:f6:b3:62:6b:02:ad:2d:03:
ba:6e:a9:48:0c:7f:14:b4:87:0a:3d:ca:8d:40:82:00:16:e8:
6d:42:2b:ec:06:76:a8:49:a8:6c:03:cc:06:cd:64:3c:c0:71:
fd:57:ec:7f:a9:26:f1:e3:74:b6:d0:be:85:ee:ec:7c:92:47:
0d:8b:4f:3a:9c:63:53:8c:e3:04:c1:a3:0a:53:8b:27:88:13:
1b:9b:b1:c8:1c:44:ac:23:75:69:22:7e:4f:64:34:4c:e0:56:
6a:6e:ef:fd:b4:9a:59:0e:2f:3c:5d:c9:9e:5c:1e:18:74:b9:
f2:bf:26:27:68:49:70:db:4c:6b:0c:14:ec:64:d6:54:2d:23:
2b:47:64:b4:e8:fe:ca:ba:32:7e:bf:45:2b:21:67:89:a2:84:
61:d5:ef:ff:fd:c1:34:98:5f:95:eb:f7:29:18:4b:25:0d:12:
b9:d7:f9:1b:90:eb:18:7c:8c:dc:ea:be:b8:48:0e:a5:4d:a7:
3d:56:90:11:53:c5:9e:bb:12:61:a5:37:4f:73:02:93:5d:93:
1d:8b:b7:e4:d1:70:66:30:a4:bb:bf:ba:8e:62:48:ff:6c:5f:
48:d4:27:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJkqI4L4tCYyeTAU/pqySdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIwODAzMTcwMjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk2YWZkMzZjZWI3MTllY2VmOGQzNTg2YWZlODNjMjAwYjdhNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxJNUEKG5vf70j2gQHym4iUzvyfK
fBT4cvGqaHXYvVuCxsn4oQGWCX6cPju6NGKW+reZ4J2CT5H+MFilw7tXJ2/PJPke
eDhK4PojSAadpfytEhHlt/nPxdpJKiTkHqixinZuL9f3rbg8bhaIpOpCgzF80mNQ
ovu8eTVskueN1XO35ckYR1k33gcrEfyRRsBbwdgFsLZoj/e7b2gK1aBT7XUL6HI/
oq594unVdIVCxp1PYYasPUjUacmMOZ9Q16KwPuQdniGBv6dtPAV9JIAk/KBvJnTn
ryEiTVk4u7eJ9L4czqsedjmNIXo6fpnEPZqoNm5+cRkZA66/Wc5mObq1SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyWr9Ns63GezvjTWGr+g8IAt6VhMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbkphdjAyenJjWjdPLU5OWWF2NkR3Z0MzcFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXy5IAwQA
kni5MA0GCSqGSIb3DQEBCwUAA4IBAQAo/ANaHKCjmltjxAMB0mNf4YUBlKHSRUbe
6oul9rNiawKtLQO6bqlIDH8UtIcKPcqNQIIAFuhtQivsBnaoSahsA8wGzWQ8wHH9
V+x/qSbx43S20L6F7ux8kkcNi086nGNTjOMEwaMKU4sniBMbm7HIHESsI3VpIn5P
ZDRM4FZqbu/9tJpZDi88XcmeXB4YdLnyvyYnaElw20xrDBTsZNZULSMrR2S06P7K
ujJ+v0UrIWeJooRh1e///cE0mF+V6/cpGEslDRK51/kbkOsYfIzc6r64SA6lTac9
VpARU8WeuxJhpTdPcwKTXZMdi7fk0XBmMKS7v7qOYkj/bF9I1Cck
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:42 2023 by rpki-client on console-fra.rpki-client.org