Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/naTN_nTHBejkXpmgSuEI7C4D9s8.roa
File: naTN_nTHBejkXpmgSuEI7C4D9s8.roa (raw, json)
Hash identifier: 5HwEINRqkoVD3i9CzTMF/q4xdjFjK9GtT0ELo3fhJ7M=
Subject key identifier: 9D:A4:CD:FE:74:C7:05:E8:E4:5E:99:A0:4A:E1:08:EC:2E:03:F6:CF
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AB8D653
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/naTN_nTHBejkXpmgSuEI7C4D9s8.roa
Signing time: Sat 01 Jan 2022 16:03:09 +0000
ROA not before: Sat 01 Jan 2022 16:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60146
IP address blocks: 213.14.250.0/24 maxlen: 24
85.153.145.0/24 maxlen: 24
213.74.242.0/24 maxlen: 24
213.14.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448321107 (0x1ab8d653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9da4cdfe74c705e8e45e99a04ae108ec2e03f6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:08:0a:ab:21:66:4a:85:c1:0f:b0:19:06:
0e:b1:d5:f6:92:84:58:29:10:bd:fe:a7:b4:cd:0c:
82:53:45:9f:f4:f7:8f:88:86:7d:54:e5:13:6e:72:
1a:f8:a5:b3:81:90:6e:bd:ed:ec:68:e9:0f:93:47:
d4:ae:63:e2:79:c6:b1:d5:a0:3e:24:13:4c:77:bf:
a4:24:d2:78:75:1d:6a:1e:d4:89:f7:90:87:42:b5:
c8:4b:d5:f9:f0:80:ed:1d:c8:72:ee:e2:16:0a:8c:
a5:50:56:17:0c:e7:4b:ef:45:61:e1:42:69:f6:30:
9e:63:f4:c4:b7:38:f9:b2:46:28:39:ba:d3:9b:e1:
19:c9:c1:cb:f8:4e:48:71:6e:38:fa:18:fe:68:ec:
3d:16:7b:9a:4b:5b:34:cc:16:47:13:15:b6:c5:7d:
09:f4:04:4d:3b:fe:66:5e:23:65:54:fe:fe:65:06:
1f:6e:26:b7:3a:db:71:89:f5:09:15:95:34:c0:06:
5d:87:89:8a:dd:fd:b0:98:f2:2c:63:af:13:f8:21:
0d:9c:c1:f5:51:11:28:a9:c7:8e:24:9c:be:57:37:
b1:a3:cb:bf:69:c1:99:4b:ed:5e:c5:d0:7b:3d:cf:
2f:b1:23:04:d3:0d:36:48:76:46:2c:e3:d9:63:90:
33:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A4:CD:FE:74:C7:05:E8:E4:5E:99:A0:4A:E1:08:EC:2E:03:F6:CF
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/naTN_nTHBejkXpmgSuEI7C4D9s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.145.0/24
213.14.223.0/24
213.14.250.0/24
213.74.242.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0f:7a:c1:e7:80:c1:e7:c1:60:a8:c5:07:71:61:70:9f:38:
9b:00:ec:fa:f3:ed:3d:4a:6d:80:3e:f2:07:c2:95:8e:37:c3:
5d:52:62:b8:c6:79:7b:f6:ff:c4:12:2b:20:fd:f6:7e:c3:42:
0c:43:8f:a9:e3:44:14:15:57:6a:4b:36:cb:cf:0c:e7:9c:97:
a4:8f:7c:50:4b:b5:ae:f4:99:df:58:01:27:43:de:33:fa:91:
6d:5d:e9:0f:67:6f:a1:96:99:ad:7c:cd:c2:99:7d:20:9c:6f:
6f:d7:ec:32:7b:b6:4f:f0:80:3c:56:82:f3:22:9f:d4:19:64:
7c:fb:36:34:85:21:a2:c3:e2:cf:ac:64:e3:1c:62:e1:b7:39:
14:b5:c7:2a:eb:59:ba:e3:76:fc:d7:dd:9f:15:58:02:c1:8a:
28:1f:95:63:05:6d:98:84:67:e8:6b:6d:52:f6:09:58:ed:7c:
de:7f:1f:57:4d:2a:c0:22:b8:3d:28:30:43:6b:92:fc:38:df:
43:69:fc:b5:9e:9b:ba:23:f4:79:8f:6d:bd:22:77:a3:91:f4:
4b:60:d1:7d:9b:f9:a5:c2:d6:ae:27:8b:66:3c:e1:0d:f4:56:
3f:55:de:fb:8a:9a:ca:67:6a:92:05:f6:9a:46:47:f0:18:3f:
9d:08:a2:b2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGrjWUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRhNGNkZmU3NGM3
MDVlOGU0NWU5OWEwNGFlMTA4ZWMyZTAzZjZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKa3CAqrIWZKhcEPsBkGDrHV9pKEWCkQvf6ntM0MglNFn/T3
j4iGfVTlE25yGvils4GQbr3t7GjpD5NH1K5j4nnGsdWgPiQTTHe/pCTSeHUdah7U
ifeQh0K1yEvV+fCA7R3Icu7iFgqMpVBWFwznS+9FYeFCafYwnmP0xLc4+bJGKDm6
05vhGcnBy/hOSHFuOPoY/mjsPRZ7mktbNMwWRxMVtsV9CfQETTv+Zl4jZVT+/mUG
H24mtzrbcYn1CRWVNMAGXYeJit39sJjyLGOvE/ghDZzB9VERKKnHjiScvlc3saPL
v2nBmUvtXsXQez3PL7EjBNMNNkh2Rizj2WOQM+UCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSdpM3+dMcF6ORemaBK4QjsLgP2zzAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L25hVE5fblRIQmVqa1hwbWdTdUVJN0M0RDlzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFWZkQMEANUO3wMEANUO+gMEANVK
8jANBgkqhkiG9w0BAQsFAAOCAQEAAw96weeAwefBYKjFB3FhcJ84mwDs+vPtPUpt
gD7yB8KVjjfDXVJiuMZ5e/b/xBIrIP32fsNCDEOPqeNEFBVXaks2y88M55yXpI98
UEu1rvSZ31gBJ0PeM/qRbV3pD2dvoZaZrXzNwpl9IJxvb9fsMnu2T/CAPFaC8yKf
1BlkfPs2NIUhosPiz6xk4xxi4bc5FLXHKutZuuN2/NfdnxVYAsGKKB+VYwVtmIRn
6GttUvYJWO183n8fV00qwCK4PSgwQ2uS/DjfQ2n8tZ6buiP0eY9tvSJ3o5H0S2DR
fZv5pcLWrieLZjzhDfRWP1Xe+4qaymdqkgX2mkZH8Bg/nQiisg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org