Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NshFwrkR_b3CThefB55-R_Z7eQo.roa
File: NshFwrkR_b3CThefB55-R_Z7eQo.roa (raw, json)
Hash identifier: IHcvnj3eB/ndYS9XGZ5f2nNeRn33TfccQbuFF3vjwbA=
Subject key identifier: 36:C8:45:C2:B9:11:FD:BD:C2:4E:17:9F:07:9E:7E:47:F6:7B:79:0A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183ABEB13967ABFD4044AC2009AB566B9B5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NshFwrkR_b3CThefB55-R_Z7eQo.roa
Signing time: Thu 06 Oct 2022 06:10:53 +0000
ROA not before: Thu 06 Oct 2022 06:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ab:eb:13:96:7a:bf:d4:04:4a:c2:00:9a:b5:66:b9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 6 06:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36c845c2b911fdbdc24e179f079e7e47f67b790a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:83:20:fd:12:bb:0d:c9:a7:1b:bb:81:39:69:
d6:f9:72:01:14:d3:73:0f:3b:e0:84:ef:c0:14:29:
aa:c9:e3:aa:47:63:e4:ce:9d:ea:dd:4b:d2:ed:00:
9c:96:03:5b:91:1a:a7:da:34:05:d2:d8:24:e8:be:
2a:95:59:12:16:ed:a9:ec:a0:72:5e:75:43:2f:f7:
2c:af:40:8b:bb:c1:14:9d:74:04:54:b2:69:d5:c8:
af:ea:90:c3:94:a7:14:ea:6f:81:4d:47:24:11:23:
07:a2:c2:e6:db:f9:6e:26:7a:cd:3b:01:5e:70:92:
7e:fc:b3:f7:5a:0d:8a:ac:be:3c:b5:54:d6:86:fc:
ab:07:de:6a:96:8c:3a:98:94:31:c6:64:68:2a:f5:
02:87:fa:18:4d:81:d6:e8:ab:91:c8:a1:ea:50:87:
83:5e:14:3a:61:bf:f8:61:a3:fd:d9:cc:35:8e:94:
db:07:86:46:4c:6b:f0:9c:7d:11:9c:4d:bc:0d:1a:
69:5c:c7:02:3a:41:a8:49:5d:0a:46:bf:75:e4:e1:
2b:f7:8f:33:5b:b0:a4:58:e6:80:6b:a3:5a:fa:9b:
87:aa:ec:d7:f7:b0:28:d9:1b:2a:7d:24:e6:12:ca:
91:57:ff:04:4d:e6:fd:06:9e:b0:9f:ec:f9:4c:27:
75:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C8:45:C2:B9:11:FD:BD:C2:4E:17:9F:07:9E:7E:47:F6:7B:79:0A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/NshFwrkR_b3CThefB55-R_Z7eQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.64.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:b8:7b:73:86:65:84:c2:2f:04:b8:bd:5f:1a:2b:bd:40:e8:
d0:82:de:41:b2:cc:25:98:0b:0a:4d:04:60:52:a2:35:81:9b:
06:74:ce:22:dd:c2:84:62:10:01:35:0a:31:95:5c:b4:9d:19:
7d:94:1a:fc:58:10:1e:be:8c:44:e2:20:29:43:f1:1a:54:42:
82:8a:8f:ba:f0:b9:75:e4:dd:ce:a3:3d:f9:34:3b:65:42:c6:
dc:40:f9:54:1f:65:89:9b:24:ed:66:00:41:72:56:1c:b7:08:
c3:6a:b2:8b:06:fe:56:f0:ec:f3:d1:24:58:a5:3e:95:29:8f:
fd:4f:12:37:cf:9e:21:14:fb:0a:ff:bf:8c:17:a5:8f:e4:4d:
78:84:92:57:95:70:94:65:96:55:35:79:84:56:81:e9:dc:3e:
de:79:a2:42:2c:b1:85:f3:f3:b9:d9:fe:4d:36:15:1c:bb:79:
c8:94:9e:32:40:f0:ce:2d:ce:6e:5e:89:97:ed:87:36:aa:f1:
eb:c9:d9:be:a2:52:11:52:13:c6:9e:98:02:8d:8a:42:44:38:
dd:fb:a3:c0:e5:41:7b:74:82:6a:cd:53:fb:19:4a:3b:66:99:
45:3c:aa:2b:9b:1d:76:4b:57:5b:9d:8e:f9:85:e0:e4:2e:f4:
bb:f7:d4:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOr6xOWer/UBErCAJq1Zrm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDA2MDYxMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmM4NDVjMmI5MTFmZGJkYzI0ZTE3OWYwNzllN2U0N2Y2N2I3OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIMg/RK7DcmnG7uBOWnW+XIBFNNz
DzvghO/AFCmqyeOqR2Pkzp3q3UvS7QCclgNbkRqn2jQF0tgk6L4qlVkSFu2p7KBy
XnVDL/csr0CLu8EUnXQEVLJp1civ6pDDlKcU6m+BTUckESMHosLm2/luJnrNOwFe
cJJ+/LP3Wg2KrL48tVTWhvyrB95qlow6mJQxxmRoKvUCh/oYTYHW6KuRyKHqUIeD
XhQ6Yb/4YaP92cw1jpTbB4ZGTGvwnH0RnE28DRppXMcCOkGoSV0KRr915OEr948z
W7CkWOaAa6Na+puHquzX97Ao2RsqfSTmEsqRV/8ETeb9Bp6wn+z5TCd1lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbIRcK5Ef29wk4Xnweefkf2e3kKMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTnNoRndya1JfYjNDVGhlZkI1NS1SX1o3ZVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgv9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAOuHtzhmWEwi8EuL1fGiu9QOjQgt5BsswlmAsKTQRg
UqI1gZsGdM4i3cKEYhABNQoxlVy0nRl9lBr8WBAevoxE4iApQ/EaVEKCio+68Ll1
5N3Ooz35NDtlQsbcQPlUH2WJmyTtZgBBclYctwjDarKLBv5W8Ozz0SRYpT6VKY/9
TxI3z54hFPsK/7+MF6WP5E14hJJXlXCUZZZVNXmEVoHp3D7eeaJCLLGF8/O52f5N
NhUcu3nIlJ4yQPDOLc5uXomX7Yc2qvHrydm+olIRUhPGnpgCjYpCRDjd+6PA5UF7
dIJqzVP7GUo7ZplFPKormx12S1dbnY75heDkLvS799Tx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org