Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nCxp90nCXJaqsn0u5uox3YNlIh0.roa
File: nCxp90nCXJaqsn0u5uox3YNlIh0.roa (raw, json)
Hash identifier: dpqBXHccFQIU96Au05H47wBKih7bqyUh0nl9eoYcN30=
Subject key identifier: 9C:2C:69:F7:49:C2:5C:96:AA:B2:7D:2E:E6:EA:31:DD:83:65:22:1D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185449B87D6D4442CC3A809C9330EF19595
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nCxp90nCXJaqsn0u5uox3YNlIh0.roa
Signing time: Sat 24 Dec 2022 14:48:41 +0000
ROA not before: Sat 24 Dec 2022 14:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 188.253.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:9b:87:d6:d4:44:2c:c3:a8:09:c9:33:0e:f1:95:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 24 14:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c2c69f749c25c96aab27d2ee6ea31dd8365221d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:cf:47:b8:2d:43:81:e2:df:88:cb:d4:28:
37:9d:9c:e5:53:df:00:86:07:94:0f:a7:b8:fd:e2:
31:79:ca:2e:25:ae:ef:79:0e:75:87:8c:9f:9c:42:
3a:98:69:53:8a:1e:f5:63:0f:ab:06:4b:a6:a6:28:
8c:ff:41:b0:0c:8b:48:41:03:f4:5f:e6:59:26:3f:
7d:6c:1f:0e:22:cf:d6:3d:ce:2e:67:cf:5f:1a:f8:
40:28:96:a3:eb:38:2f:cd:69:35:66:20:aa:78:5c:
5f:36:24:93:a6:8f:64:bf:64:ca:45:7d:38:25:42:
e3:b2:e0:42:99:a9:87:e8:d9:21:80:ba:9c:1e:7a:
81:f8:f0:a7:77:67:66:0f:f3:b5:da:b1:56:eb:28:
ce:80:e9:91:20:db:22:6f:08:3d:18:ed:f9:b9:02:
2b:12:e4:60:20:5e:76:b7:48:c5:d9:73:99:67:e5:
a9:b9:31:3a:6d:d3:64:e7:6a:be:5a:61:bd:af:5c:
96:71:a4:d6:e5:0a:be:b8:75:fc:a6:2a:82:72:a3:
63:53:1d:7e:0e:de:f1:39:b0:43:de:b2:d0:8f:35:
ec:df:bc:b7:e0:f0:14:26:92:e7:35:af:b0:02:6a:
1d:61:04:fc:55:3d:4d:6b:d2:28:e9:40:f0:09:a6:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2C:69:F7:49:C2:5C:96:AA:B2:7D:2E:E6:EA:31:DD:83:65:22:1D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/nCxp90nCXJaqsn0u5uox3YNlIh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
50:32:b0:2e:9e:b8:45:21:34:08:af:51:90:9f:85:94:31:d3:
93:87:d5:da:6a:e1:fa:3f:07:2a:7a:e9:ae:a1:00:39:90:5d:
a0:07:3e:07:79:3c:13:ab:2e:e4:cd:50:9a:bd:13:c2:65:e6:
f8:0d:8a:58:12:7f:fe:fb:79:bb:fe:0d:7f:90:8f:55:4c:fe:
6f:9a:58:a2:43:2f:3e:9d:f9:33:62:6b:f2:e1:b0:2d:2e:6d:
a3:07:97:5f:c8:c6:fd:f4:4e:0d:5f:15:7e:60:3f:40:1a:1f:
c7:d3:bd:76:92:53:e3:a1:45:fb:36:89:4b:e0:78:93:47:b8:
ce:7c:8f:48:0a:c1:88:a2:0d:94:fd:a1:f3:49:a3:d0:ba:5e:
2e:0b:fe:78:07:70:0b:9f:c6:42:93:45:cf:c8:d1:65:22:8c:
91:15:27:17:e8:98:ba:45:74:4b:2c:9e:5a:fa:fb:84:a0:cf:
24:ad:46:07:ad:87:f9:7e:f5:c0:5a:5f:87:8e:68:3c:e2:1a:
b5:a4:4c:f5:24:3f:64:c7:0e:6e:12:c9:26:0d:66:91:32:c7:
67:1d:76:3c:89:4d:8a:c3:0a:ed:f1:76:c9:6b:b8:3f:67:98:
cb:f3:59:36:cd:49:8a:c9:22:c0:46:11:ac:71:34:27:dd:87:
05:4f:53:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVEm4fW1EQsw6gJyTMO8ZWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIxMjI0MTQ0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJjNjlmNzQ5YzI1Yzk2YWFiMjdkMmVlNmVhMzFkZDgzNjUyMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbrPR7gtQ4Hi34jL1Cg3nZzlU98A
hgeUD6e4/eIxecouJa7veQ51h4yfnEI6mGlTih71Yw+rBkumpiiM/0GwDItIQQP0
X+ZZJj99bB8OIs/WPc4uZ89fGvhAKJaj6zgvzWk1ZiCqeFxfNiSTpo9kv2TKRX04
JULjsuBCmamH6NkhgLqcHnqB+PCnd2dmD/O12rFW6yjOgOmRINsibwg9GO35uQIr
EuRgIF52t0jF2XOZZ+WpuTE6bdNk52q+WmG9r1yWcaTW5Qq+uHX8piqCcqNjUx1+
Dt7xObBD3rLQjzXs37y34PAUJpLnNa+wAmodYQT8VT1Na9Io6UDwCabkPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwsafdJwlyWqrJ9LubqMd2DZSIdMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbkN4cDkwbkNYSmFxc24wdTV1b3gzWU5sSWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvP0IMA0G
CSqGSIb3DQEBCwUAA4IBAQBQMrAunrhFITQIr1GQn4WUMdOTh9XaauH6Pwcqeumu
oQA5kF2gBz4HeTwTqy7kzVCavRPCZeb4DYpYEn/++3m7/g1/kI9VTP5vmliiQy8+
nfkzYmvy4bAtLm2jB5dfyMb99E4NXxV+YD9AGh/H0712klPjoUX7NolL4HiTR7jO
fI9ICsGIog2U/aHzSaPQul4uC/54B3ALn8ZCk0XPyNFlIoyRFScX6Ji6RXRLLJ5a
+vuEoM8krUYHrYf5fvXAWl+Hjmg84hq1pEz1JD9kxw5uEskmDWaRMsdnHXY8iU2K
wwrt8XbJa7g/Z5jL81k2zUmKySLARhGscTQn3YcFT1Or
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org