Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/nJfdW-22DrvgCwwdvy9t_RdrXjo.roa
File: nJfdW-22DrvgCwwdvy9t_RdrXjo.roa (raw, json)
Hash identifier: wRcJigaXJdlqjG+8UNtD0+6lzsvOQJZ2aSlywR+3FjM=
Subject key identifier: 9C:97:DD:5B:ED:B6:0E:BB:E0:0B:0C:1D:BF:2F:6D:FD:17:6B:5E:3A
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 07E9FA61
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/nJfdW-22DrvgCwwdvy9t_RdrXjo.roa
Signing time: Thu 24 Mar 2022 23:23:59 +0000
ROA not before: Thu 24 Mar 2022 23:23:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208041
IP address blocks: 193.160.10.0/23 maxlen: 23
193.160.14.0/23 maxlen: 23
109.197.32.0/23 maxlen: 23
2a0f:d181::/32 maxlen: 32
2a0f:d180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132774497 (0x7e9fa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: Mar 24 23:23:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c97dd5bedb60ebbe00b0c1dbf2f6dfd176b5e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:18:7a:f3:ea:6e:8e:8e:a3:42:b1:3d:72:
70:af:13:0f:1e:aa:23:6a:0d:d1:0f:6e:77:00:67:
be:7a:21:b5:2f:f1:64:a0:3a:9b:30:65:39:0b:c4:
a6:76:ab:99:d4:75:36:85:67:4b:d7:12:a5:7c:a3:
13:ff:bd:d1:89:e1:16:ef:db:8b:6a:fa:10:72:01:
7a:56:99:dd:c8:61:62:f4:73:d6:6b:3b:1e:e9:c6:
e7:1c:8c:e2:5c:14:f4:2b:51:cf:34:59:e5:98:5c:
19:d9:ce:4b:c9:2b:28:73:bf:a9:83:93:e4:91:e0:
65:5a:19:cc:fc:b4:03:43:7e:72:84:5e:2d:fe:46:
b6:09:dd:4e:fa:38:da:a4:86:2b:45:40:81:3f:18:
a1:58:6c:ca:5d:85:5f:18:5f:fa:00:8b:d0:79:b5:
b8:8a:47:10:c5:31:3b:48:a3:f5:e4:21:20:fe:57:
6d:28:bc:90:87:c5:ff:b1:e6:ac:c5:d3:8e:df:01:
c0:76:1a:01:26:6f:14:40:ab:5d:dc:5b:9e:71:ab:
00:4f:a8:c0:c5:34:69:3a:d9:88:91:20:4b:ea:82:
80:83:d9:20:23:60:2d:db:92:be:bc:49:79:41:4b:
48:48:fe:32:87:d1:d3:e9:c8:11:db:8a:2b:d9:da:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:97:DD:5B:ED:B6:0E:BB:E0:0B:0C:1D:BF:2F:6D:FD:17:6B:5E:3A
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/nJfdW-22DrvgCwwdvy9t_RdrXjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.32.0/23
193.160.10.0/23
193.160.14.0/23
IPv6:
2a0f:d180::/31
Signature Algorithm: sha256WithRSAEncryption
74:95:94:e0:95:71:d1:14:1c:f8:5a:99:75:6d:a8:54:f9:ad:
3e:ee:57:79:e3:6b:16:98:08:8f:e6:e9:e5:e3:10:16:c3:d8:
58:97:31:f3:9f:aa:0e:b5:14:d1:f7:36:9c:16:81:ee:87:e5:
a5:9b:4c:61:1a:fb:0e:58:a4:fe:5c:7d:b3:ed:44:71:24:ce:
f7:ac:78:87:82:65:a4:e2:b2:de:01:8a:b9:d7:9e:21:21:3a:
53:b3:13:d3:7f:90:77:87:2f:27:b9:b1:c8:83:24:7b:5a:3f:
29:8f:9d:93:61:06:a5:a3:78:6d:ad:c5:94:fa:3f:37:e5:82:
c2:92:b7:9a:e7:d3:ea:a4:61:18:27:33:64:bc:f1:54:fe:6d:
a3:6f:2a:13:54:9d:fa:ce:1a:ce:bd:79:e8:2f:cd:5c:7d:a7:
3b:78:fc:e9:bb:68:29:12:90:ea:d0:0c:4d:d2:db:98:dd:c5:
57:21:33:92:56:d8:cf:6d:80:c7:a6:52:15:35:61:98:ac:70:
0c:ec:82:3e:4a:fd:8e:af:6c:81:f9:bb:41:9a:fc:de:dc:9f:
59:63:58:5b:12:a9:21:77:08:db:ce:83:26:e0:4c:4e:52:c0:
9f:97:32:28:07:bf:0d:de:09:e6:f4:08:86:0b:ad:1b:8a:56:
7a:f4:a5:e2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEB+n6YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODFlY2MxYTc0Y2Y5MmFiNjE5YzVmNzEwMTIzOTM3Y2U1MGQ5YzQzMB4XDTIyMDMy
NDIzMjM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM5N2RkNWJlZGI2
MGViYmUwMGIwYzFkYmYyZjZkZmQxNzZiNWUzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIOGHrz6m6OjqNCsT1ycK8TDx6qI2oN0Q9udwBnvnohtS/x
ZKA6mzBlOQvEpnarmdR1NoVnS9cSpXyjE/+90YnhFu/bi2r6EHIBelaZ3chhYvRz
1ms7HunG5xyM4lwU9CtRzzRZ5ZhcGdnOS8krKHO/qYOT5JHgZVoZzPy0A0N+coRe
Lf5GtgndTvo42qSGK0VAgT8YoVhsyl2FXxhf+gCL0Hm1uIpHEMUxO0ij9eQhIP5X
bSi8kIfF/7HmrMXTjt8BwHYaASZvFECrXdxbnnGrAE+owMU0aTrZiJEgS+qCgIPZ
ICNgLduSvrxJeUFLSEj+MofR0+nIEduKK9naIO0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBScl91b7bYOu+ALDB2/L239F2teOjAfBgNVHSMEGDAWgBRYHswadM+Sq2Gc
X3EBI5N85Q2cQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dCN01HblRQa3F0aG5GOXhBU09UZk9VTm5FTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvYzcxZGFmLWRkNjYtNDFkOC1iMDRmLWRhODhiNmJkYjMxNi8x
L25KZmRXLTIyRHJ2Z0N3d2R2eTl0X1Jkclhqby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
YzcxZGFmLWRkNjYtNDFkOC1iMDRmLWRhODhiNmJkYjMxNi8xL1dCN01HblRQa3F0
aG5GOXhBU09UZk9VTm5FTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAW3FIAMEAcGgCgMEAcGgDjANBAIA
AjAHAwUBKg/RgDANBgkqhkiG9w0BAQsFAAOCAQEAdJWU4JVx0RQc+FqZdW2oVPmt
Pu5XeeNrFpgIj+bp5eMQFsPYWJcx85+qDrUU0fc2nBaB7oflpZtMYRr7Dlik/lx9
s+1EcSTO96x4h4JlpOKy3gGKudeeISE6U7MT03+Qd4cvJ7mxyIMke1o/KY+dk2EG
paN4ba3FlPo/N+WCwpK3mufT6qRhGCczZLzxVP5to28qE1Sd+s4azr156C/NXH2n
O3j86btoKRKQ6tAMTdLbmN3FVyEzklbYz22Ax6ZSFTVhmKxwDOyCPkr9jq9sgfm7
QZr83tyfWWNYWxKpIXcI286DJuBMTlLAn5cyKAe/Dd4J5vQIhgutG4pWevSl4g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:45 2023 by rpki-client on console-ams.rpki-client.org