Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/NcrjXjrmf4piPeZCHi0Ig-gyKiA.roa
File: NcrjXjrmf4piPeZCHi0Ig-gyKiA.roa (raw, json)
Hash identifier: oET5+x1LpPnTZ8vza3hKabinhuag50hxS91PQg4BHfk=
Subject key identifier: 35:CA:E3:5E:3A:E6:7F:8A:62:3D:E6:42:1E:2D:08:83:E8:32:2A:20
Certificate issuer: /CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Certificate serial: 4D0202
Authority key identifier: 1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/NcrjXjrmf4piPeZCHi0Ig-gyKiA.roa
Signing time: Sat 01 Jan 2022 00:55:22 +0000
ROA not before: Sat 01 Jan 2022 00:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41737
IP address blocks: 193.110.144.0/24 maxlen: 24
193.110.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5046786 (0x4d0202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4d0923ec10667760ad882e6af9a15699c05ef8
Validity
Not Before: Jan 1 00:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35cae35e3ae67f8a623de6421e2d0883e8322a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:39:20:b4:bf:ee:8d:29:b0:d1:d0:1d:d5:9a:
5c:e8:e1:b7:2a:2e:a3:cf:7d:1b:ef:a6:d9:77:f2:
b8:3a:bd:15:d6:1e:b1:42:6c:2a:10:31:a3:bf:39:
6e:94:c3:2d:d5:05:9f:44:c3:1c:20:20:1a:9b:7d:
88:47:0a:1a:e3:77:32:07:f9:3a:b2:f0:b2:14:6f:
8a:73:8a:ab:59:0a:0e:0a:67:44:e3:48:ec:02:66:
48:3c:a5:46:82:8a:39:b5:eb:5d:ab:f5:95:83:77:
12:ff:d0:bb:54:04:06:81:b3:fa:97:dd:81:9d:08:
7b:f4:8c:56:68:66:cf:7b:4c:72:7f:b8:63:09:98:
96:d6:79:01:a2:ab:dd:92:27:49:53:a9:36:66:ea:
9b:4a:f1:a7:40:74:05:87:78:bf:76:24:72:8a:fb:
46:38:dc:38:94:cf:f4:b5:7a:9e:de:81:de:b3:42:
49:36:e9:7e:e9:a3:b2:a6:ad:56:a5:53:34:8e:82:
75:38:e1:4a:a4:26:b6:ae:3f:66:76:d2:da:1d:52:
a3:b4:57:bd:61:ab:65:c9:b9:f8:6d:04:c2:65:b1:
02:22:c8:16:89:9f:cc:ae:f6:df:90:ec:10:da:57:
eb:90:ad:2e:78:e3:25:0f:a3:dd:27:26:39:49:94:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CA:E3:5E:3A:E6:7F:8A:62:3D:E6:42:1E:2D:08:83:E8:32:2A:20
X509v3 Authority Key Identifier:
keyid:1A:4D:09:23:EC:10:66:77:60:AD:88:2E:6A:F9:A1:56:99:C0:5E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk0JI-wQZndgrYguavmhVpnAXvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/NcrjXjrmf4piPeZCHi0Ig-gyKiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3564e7-11d4-4d7a-8bcc-a953768fde2f/1/Gk0JI-wQZndgrYguavmhVpnAXvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.110.144.0/24
193.110.168.0/23
Signature Algorithm: sha256WithRSAEncryption
69:fe:f1:0b:e6:f4:1e:26:44:36:88:6d:a2:d8:e8:1a:f0:ce:
61:03:0c:eb:3d:f2:b9:59:b9:87:02:9d:91:2e:da:25:88:1a:
21:00:3d:eb:61:7a:64:af:e6:e3:91:bf:0c:94:a4:6c:ab:ac:
75:74:24:44:61:58:ca:29:3b:81:cc:27:de:12:d3:ec:f2:a1:
ec:36:76:e0:67:0c:d5:2d:a2:d7:ff:b4:77:29:01:5f:9d:7c:
6e:96:45:24:b3:21:22:8e:a5:af:ec:96:f2:1c:df:c0:d9:f8:
ea:c2:ee:3f:d8:8f:58:37:37:5c:51:e1:f2:ea:df:98:2a:83:
e5:b1:04:23:11:f6:79:d7:70:d6:11:25:2e:6f:73:31:b4:fb:
5d:05:63:b0:fc:52:90:39:b0:63:1c:bb:3c:5f:54:53:00:d8:
44:61:87:ef:5d:15:d6:61:5a:14:dc:d0:62:7e:5b:14:5d:b9:
e2:7f:31:36:6f:8b:24:e2:ae:b5:a2:b5:ac:5f:14:cc:7d:c9:
5b:59:59:61:e5:ba:8a:f7:f0:c2:3d:28:64:cc:7d:cc:d2:3e:
78:a4:1e:f7:66:e4:4f:18:88:9c:96:1c:e5:8d:9d:7a:3a:3f:
74:46:b7:2c:4a:69:f8:21:29:85:42:15:77:e0:89:62:73:59:
09:dd:2d:3a
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDTQICMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
NGQwOTIzZWMxMDY2Nzc2MGFkODgyZTZhZjlhMTU2OTljMDVlZjgwHhcNMjIwMTAx
MDA1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNWNhZTM1ZTNhZTY3
ZjhhNjIzZGU2NDIxZTJkMDg4M2U4MzIyYTIwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7DkgtL/ujSmw0dAd1Zpc6OG3Ki6jz30b76bZd/K4Or0V1h6x
QmwqEDGjvzlulMMt1QWfRMMcICAam32IRwoa43cyB/k6svCyFG+Kc4qrWQoOCmdE
40jsAmZIPKVGgoo5tetdq/WVg3cS/9C7VAQGgbP6l92BnQh79IxWaGbPe0xyf7hj
CZiW1nkBoqvdkidJU6k2ZuqbSvGnQHQFh3i/diRyivtGONw4lM/0tXqe3oHes0JJ
Nul+6aOypq1WpVM0joJ1OOFKpCa2rj9mdtLaHVKjtFe9Yatlybn4bQTCZbECIsgW
iZ/MrvbfkOwQ2lfrkK0ueOMlD6PdJyY5SZRwVQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFDXK41465n+KYj3mQh4tCIPoMiogMB8GA1UdIwQYMBaAFBpNCSPsEGZ3YK2I
Lmr5oVaZwF74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R2swSkktd1FabmRncllndWF2bWhWcG5BWHZnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81ZS8zNTY0ZTctMTFkNC00ZDdhLThiY2MtYTk1Mzc2OGZkZTJmLzEv
TmNyalhqcm1mNHBpUGVaQ0hpMElnLWd5S2lBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8z
NTY0ZTctMTFkNC00ZDdhLThiY2MtYTk1Mzc2OGZkZTJmLzEvR2swSkktd1FabmRn
cllndWF2bWhWcG5BWHZnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW6QAwQBwW6oMA0GCSqGSIb3DQEB
CwUAA4IBAQBp/vEL5vQeJkQ2iG2i2Oga8M5hAwzrPfK5WbmHAp2RLtoliBohAD3r
YXpkr+bjkb8MlKRsq6x1dCREYVjKKTuBzCfeEtPs8qHsNnbgZwzVLaLX/7R3KQFf
nXxulkUksyEijqWv7JbyHN/A2fjqwu4/2I9YNzdcUeHy6t+YKoPlsQQjEfZ513DW
ESUub3MxtPtdBWOw/FKQObBjHLs8X1RTANhEYYfvXRXWYVoU3NBiflsUXbnifzE2
b4sk4q61orWsXxTMfclbWVlh5bqK9/DCPShkzH3M0j54pB73ZuRPGIiclhzljZ16
Oj90RrcsSmn4ISmFQhV34Ilic1kJ3S06
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:22 2024 by rpki-client on console-ams.rpki-client.org