Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nkrfH9S-GAhEAPvDF-SK2fWVDeA.roa
File: nkrfH9S-GAhEAPvDF-SK2fWVDeA.roa (raw, json)
Hash identifier: Imi4X29mHJ8SDTN+xFD5NTZeKkRwoirvn7vsWWyoUMI=
Subject key identifier: 9E:4A:DF:1F:D4:BE:18:08:44:00:FB:C3:17:E4:8A:D9:F5:95:0D:E0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0185577D84A3B7387ADB74D792A333606ECB
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nkrfH9S-GAhEAPvDF-SK2fWVDeA.roa
Signing time: Wed 28 Dec 2022 06:48:41 +0000
ROA not before: Wed 28 Dec 2022 06:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206119
IP address blocks: 78.143.224.0/21 maxlen: 24
82.163.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:7d:84:a3:b7:38:7a:db:74:d7:92:a3:33:60:6e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 28 06:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e4adf1fd4be18084400fbc317e48ad9f5950de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:73:1e:8b:ba:c8:0c:71:00:7d:2e:a7:ec:9a:
f3:57:e3:43:83:27:42:f9:22:7c:3c:80:1b:4c:b6:
1a:26:3a:d5:72:13:d3:27:2e:92:fe:24:f8:ac:cb:
dd:da:6b:85:9a:ba:3c:a9:54:96:79:04:f1:19:69:
fb:3c:2d:e4:39:34:20:cd:24:99:d8:3e:15:1e:00:
46:62:27:d8:25:03:e9:f1:f0:eb:9f:ff:11:9c:62:
f5:cc:e9:1f:65:45:cd:9c:74:8e:6f:9d:c0:45:cc:
4c:d9:84:f5:00:47:e2:62:20:c8:78:93:28:bb:5c:
f1:54:96:c8:78:28:fb:0e:6c:1f:40:8c:06:e2:ad:
d0:02:e1:a8:93:5c:b9:2d:f3:81:9a:c0:6e:90:05:
b9:7c:31:5b:45:58:bc:73:3b:68:99:09:12:b5:c5:
a4:d1:4f:ce:ff:5c:09:ba:09:5c:8d:ee:e7:24:f7:
5d:ae:71:a9:5f:e2:94:ac:48:d4:e0:5a:65:6c:c8:
49:87:58:a6:39:c3:30:ef:de:68:ad:09:45:bb:42:
76:de:6e:2b:ba:10:8c:f1:8c:91:dd:c2:f0:2c:58:
51:ca:1f:22:f8:21:8e:a3:ab:b2:5e:b0:8f:e8:0e:
b7:f0:eb:a5:46:24:4c:ad:d4:8f:7c:7a:5d:f7:b0:
37:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4A:DF:1F:D4:BE:18:08:44:00:FB:C3:17:E4:8A:D9:F5:95:0D:E0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nkrfH9S-GAhEAPvDF-SK2fWVDeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.143.224.0/21
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
53:57:bc:57:8e:ae:db:41:54:51:b6:4f:64:c6:ed:1b:bd:50:
72:92:dc:0d:65:27:82:24:3a:99:18:08:d2:48:e0:62:2d:79:
c3:71:45:7a:45:73:bd:6c:df:e9:4c:af:37:94:c0:15:02:c3:
57:6f:cc:06:d0:99:14:d9:cb:da:a9:f9:87:b5:c9:e0:de:8c:
78:59:8c:9c:57:4b:fb:dc:e6:92:2d:6b:ba:38:0d:a0:16:f3:
1e:f3:89:84:a2:92:fd:76:9d:6d:07:ef:3d:36:49:39:95:1a:
42:cd:91:b6:2a:65:fa:44:e8:bb:e4:1c:05:f0:ce:89:65:9e:
aa:32:38:c3:82:ca:0b:8f:43:02:3e:cb:73:7a:19:6e:2f:b8:
aa:41:f7:e4:36:f5:98:7f:c2:e1:6e:66:44:72:0a:2b:ef:ca:
5d:79:45:c2:ac:9e:7e:28:cd:a6:08:ba:1b:b2:8f:89:40:29:
6c:ea:ae:04:1b:7b:05:f9:e7:d2:f2:49:5d:b6:39:12:6e:7c:
c4:7c:9e:0c:53:f5:e6:81:e7:f6:a5:ab:43:6b:cd:66:f1:1f:
bc:f7:ef:29:1e:99:cc:78:3d:77:aa:63:da:c8:4b:cc:d4:a1:
16:ee:c5:7d:09:61:1c:26:36:46:70:7c:a2:40:2c:17:05:77:
41:2f:d5:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVXfYSjtzh623TXkqMzYG7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjI4MDY0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRhZGYxZmQ0YmUxODA4NDQwMGZiYzMxN2U0OGFkOWY1OTUwZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnMei7rIDHEAfS6n7JrzV+NDgydC
+SJ8PIAbTLYaJjrVchPTJy6S/iT4rMvd2muFmro8qVSWeQTxGWn7PC3kOTQgzSSZ
2D4VHgBGYifYJQPp8fDrn/8RnGL1zOkfZUXNnHSOb53ARcxM2YT1AEfiYiDIeJMo
u1zxVJbIeCj7DmwfQIwG4q3QAuGok1y5LfOBmsBukAW5fDFbRVi8cztomQkStcWk
0U/O/1wJuglcje7nJPddrnGpX+KUrEjU4FplbMhJh1imOcMw795orQlFu0J23m4r
uhCM8YyR3cLwLFhRyh8i+CGOo6uyXrCP6A638OulRiRMrdSPfHpd97A3KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5K3x/UvhgIRAD7wxfkitn1lQ3gMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbmtyZkg5Uy1HQWhFQVB2REYtU0syZldWRGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTo/gAwQD
UqNoMA0GCSqGSIb3DQEBCwUAA4IBAQBTV7xXjq7bQVRRtk9kxu0bvVByktwNZSeC
JDqZGAjSSOBiLXnDcUV6RXO9bN/pTK83lMAVAsNXb8wG0JkU2cvaqfmHtcng3ox4
WYycV0v73OaSLWu6OA2gFvMe84mEopL9dp1tB+89Nkk5lRpCzZG2KmX6ROi75BwF
8M6JZZ6qMjjDgsoLj0MCPstzehluL7iqQffkNvWYf8LhbmZEcgor78pdeUXCrJ5+
KM2mCLobso+JQCls6q4EG3sF+efS8kldtjkSbnzEfJ4MU/Xmgef2patDa81m8R+8
9+8pHpnMeD13qmPayEvM1KEW7sV9CWEcJjZGcHyiQCwXBXdBL9XF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org