Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NuiYxcbVJgrUZ_22iXqMl0wLJd4.roa
File: NuiYxcbVJgrUZ_22iXqMl0wLJd4.roa (raw, json)
Hash identifier: tABvha2s33Hd2rLEVqNiQwkbKmU1HR4Xw2hDywLntLM=
Subject key identifier: 36:E8:98:C5:C6:D5:26:0A:D4:67:FD:B6:89:7A:8C:97:4C:0B:25:DE
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 0182CAB6D4F7CF4ADB25E372CDEB0E6A1B05
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NuiYxcbVJgrUZ_22iXqMl0wLJd4.roa
Signing time: Tue 23 Aug 2022 12:39:15 +0000
ROA not before: Tue 23 Aug 2022 12:39:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 157.167.226.0/24 maxlen: 24
157.167.225.0/24 maxlen: 24
157.167.224.0/24 maxlen: 24
157.167.228.0/24 maxlen: 24
157.167.227.0/24 maxlen: 24
157.167.232.0/24 maxlen: 24
157.167.231.0/24 maxlen: 24
157.167.230.0/24 maxlen: 24
157.167.229.0/24 maxlen: 24
157.167.233.0/24 maxlen: 24
157.167.152.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.136.0/21 maxlen: 21
157.167.144.0/21 maxlen: 21
85.115.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:b6:d4:f7:cf:4a:db:25:e3:72:cd:eb:0e:6a:1b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Aug 23 12:39:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36e898c5c6d5260ad467fdb6897a8c974c0b25de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bb:01:0f:ed:5c:24:a5:d0:c8:b4:52:82:5a:
fd:42:08:4b:b4:ad:7c:fc:96:af:9d:9e:83:0d:56:
ce:52:f6:c3:ae:7e:8f:16:01:27:e2:d8:e1:c3:de:
71:0b:98:73:11:e8:08:69:9b:bf:d7:be:ed:cd:6d:
63:aa:9c:3b:1c:b7:59:e0:63:ad:bc:3b:7e:20:c2:
8a:0a:7f:04:32:bf:bc:87:62:e8:21:72:e7:53:a9:
5e:53:2b:ce:32:e7:99:bc:6e:5a:ae:87:c5:0f:bb:
9a:71:10:5d:8e:09:65:69:58:7b:fe:77:d7:f8:a4:
20:06:fc:17:3e:fd:ae:6b:67:7c:0b:f7:8d:94:50:
bc:9b:56:7d:e1:64:09:58:3a:da:e9:c5:7d:eb:fe:
ef:fb:e3:0e:5f:03:fb:8e:8a:21:dc:94:25:18:70:
ed:fd:ba:0a:89:eb:08:63:a1:f6:5d:f4:0e:0c:ba:
25:93:fd:19:7e:8d:26:56:33:5b:4b:cf:7f:76:63:
12:b4:23:b2:7e:d1:b9:42:d5:2c:a5:03:bd:6e:c5:
6c:d7:d3:b5:bb:73:36:32:12:4d:0f:5b:c4:da:80:
b9:57:57:33:4a:4c:a5:a6:3d:35:69:a3:4a:8a:c1:
4e:37:66:56:e4:9e:0a:bd:ae:67:33:b2:f2:6a:c7:
7a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E8:98:C5:C6:D5:26:0A:D4:67:FD:B6:89:7A:8C:97:4C:0B:25:DE
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/NuiYxcbVJgrUZ_22iXqMl0wLJd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
157.167.224.0-157.167.233.255
Signature Algorithm: sha256WithRSAEncryption
a1:d3:26:6a:20:e1:a5:4a:36:d8:fb:fc:2c:7c:d7:f5:e9:67:
3b:c0:dd:da:12:91:3f:e6:3f:ae:f7:52:0c:32:b5:14:f5:4b:
2c:7d:ce:27:5e:48:55:5c:bc:ae:4e:0c:fb:c7:38:f6:58:a1:
57:8d:e5:a2:0e:fc:2b:43:f2:ef:8d:b3:05:f5:1e:89:59:11:
66:60:7b:8e:b0:eb:1f:63:99:71:2b:08:7b:a1:fd:aa:47:70:
c2:22:17:8a:14:e1:bc:8c:e3:e3:84:30:0f:83:bb:ec:ba:2e:
cc:7a:6d:7f:4c:49:78:72:d6:75:bd:4e:65:46:76:34:40:31:
10:d2:15:b5:1f:14:6c:36:50:89:dc:2d:ac:23:d4:80:25:a3:
81:a0:b8:b0:31:73:fe:e6:93:f6:b5:b3:de:73:1f:89:69:1b:
e5:83:71:c2:74:19:4c:80:56:af:9c:45:26:c4:c7:d8:5b:17:
b3:88:ba:1c:b4:db:c2:7d:bd:55:42:41:7e:a2:74:f7:eb:35:
ab:a0:5e:3c:6d:ed:16:4e:f5:40:da:3a:ab:a5:47:03:da:0e:
03:b4:3d:8b:83:b4:b4:90:ec:6a:51:b8:42:11:cb:3b:84:fd:
0f:d3:f5:50:b1:9b:f9:84:d1:69:14:19:52:4f:94:5b:f9:ee:
7e:a0:26:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYLKttT3z0rbJeNyzesOahsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjIwODIzMTIzOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmU4OThjNWM2ZDUyNjBhZDQ2N2ZkYjY4OTdhOGM5NzRjMGIyNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrsBD+1cJKXQyLRSglr9QghLtK18
/JavnZ6DDVbOUvbDrn6PFgEn4tjhw95xC5hzEegIaZu/177tzW1jqpw7HLdZ4GOt
vDt+IMKKCn8EMr+8h2LoIXLnU6leUyvOMueZvG5arofFD7uacRBdjgllaVh7/nfX
+KQgBvwXPv2ua2d8C/eNlFC8m1Z94WQJWDra6cV96/7v++MOXwP7jooh3JQlGHDt
/boKiesIY6H2XfQODLolk/0Zfo0mVjNbS89/dmMStCOyftG5QtUspQO9bsVs19O1
u3M2MhJND1vE2oC5V1czSkylpj01aaNKisFON2ZW5J4Kva5nM7Lyasd6iwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDbomMXG1SYK1Gf9tol6jJdMCyXeMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvTnVpWXhjYlZKZ3JVWl8yMmlYcU1sMHdMSmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXMmMAwD
BAGdp4YDBAGdp5gwDAMEAJ2nmwMEAJ2nnAMEA52nuDAMAwQFnafgAwQBnafoMA0G
CSqGSIb3DQEBCwUAA4IBAQCh0yZqIOGlSjbY+/wsfNf16Wc7wN3aEpE/5j+u91IM
MrUU9Ussfc4nXkhVXLyuTgz7xzj2WKFXjeWiDvwrQ/LvjbMF9R6JWRFmYHuOsOsf
Y5lxKwh7of2qR3DCIheKFOG8jOPjhDAPg7vsui7Mem1/TEl4ctZ1vU5lRnY0QDEQ
0hW1HxRsNlCJ3C2sI9SAJaOBoLiwMXP+5pP2tbPecx+JaRvlg3HCdBlMgFavnEUm
xMfYWxeziLoctNvCfb1VQkF+onT36zWroF48be0WTvVA2jqrpUcD2g4DtD2Lg7S0
kOxqUbhCEcs7hP0P0/VQsZv5hNFpFBlST5Rb+e5+oCZh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:27 2024 by rpki-client on console-ams.rpki-client.org