Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/NVHO5AV7tvfRJ52exyAzG9kKRNQ.roa
File: NVHO5AV7tvfRJ52exyAzG9kKRNQ.roa (raw, json)
Hash identifier: TXzH+nm+xIAl6b7eQFGch4edqrEexLXWb2dIVh6qb6Y=
Subject key identifier: 35:51:CE:E4:05:7B:B6:F7:D1:27:9D:9E:C7:20:33:1B:D9:0A:44:D4
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 0185057BDA2E695F8D00D7B22986C0B6112C
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/NVHO5AV7tvfRJ52exyAzG9kKRNQ.roa
Signing time: Mon 12 Dec 2022 08:38:00 +0000
ROA not before: Mon 12 Dec 2022 08:38:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 178.21.144.0/22 maxlen: 22
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:7b:da:2e:69:5f:8d:00:d7:b2:29:86:c0:b6:11:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Dec 12 08:38:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3551cee4057bb6f7d1279d9ec720331bd90a44d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:dc:a1:45:53:6d:33:2d:58:83:05:bd:11:
e6:88:b9:c2:96:ce:b8:f8:9c:cc:56:44:4f:54:40:
ee:74:04:3a:be:78:e4:5f:15:6c:99:c5:ea:b7:68:
46:42:24:d8:34:fd:8a:94:a3:c8:d2:33:be:76:f3:
2d:e8:7d:d3:b7:11:c7:ec:72:27:35:77:b1:a7:6a:
50:d5:09:5c:ab:0d:d8:bb:13:74:25:50:1d:c9:ea:
dc:9e:75:0b:d2:bd:64:da:ef:f2:22:83:bf:70:d3:
8f:51:1d:ac:ce:d5:42:d1:f5:af:d4:0b:e7:e3:a6:
79:c7:a3:6f:35:91:a2:3e:da:f7:69:1d:ed:9f:3b:
c1:c2:88:e9:55:92:cd:c1:96:9a:71:99:e9:b4:a1:
21:fd:df:ac:76:a6:bc:ac:03:78:2d:38:a7:44:cc:
13:03:85:78:37:47:c5:fc:02:2f:b7:32:b4:42:1f:
ef:f5:8b:ff:c9:6a:4e:15:26:c1:de:3e:fd:ee:76:
23:d6:2e:53:d9:35:13:2f:95:56:c7:79:77:d3:83:
3c:63:2b:3b:5e:e3:39:53:6e:45:59:ae:d5:02:97:
0e:e3:01:96:93:d6:c4:1f:d2:0b:74:d0:d8:88:12:
bb:45:69:67:a5:6c:79:ed:a4:04:2e:97:f3:14:d1:
6a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:51:CE:E4:05:7B:B6:F7:D1:27:9D:9E:C7:20:33:1B:D9:0A:44:D4
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/NVHO5AV7tvfRJ52exyAzG9kKRNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
33:ec:34:1a:26:97:d0:6a:d9:21:f0:79:6c:d5:10:f6:88:bb:
51:09:59:48:57:71:d7:17:a6:9c:f8:21:03:5c:1b:9b:a1:88:
2f:d0:79:4c:7d:4a:f6:71:17:05:02:87:bd:f6:a4:1d:c3:2e:
41:b6:31:94:92:4b:e8:fe:93:d4:3c:61:c4:d0:c6:f6:53:97:
39:ed:be:7e:5a:f7:91:ec:4c:ae:26:ec:4e:93:21:56:08:41:
19:87:c5:95:d1:0a:08:df:cd:f6:d6:dc:c1:04:1d:0f:43:9d:
20:4f:56:79:5a:c2:e3:27:ba:95:10:f5:10:b1:08:f2:00:68:
13:21:0c:c7:88:75:17:d0:07:86:6e:ce:60:0e:c6:74:84:ab:
36:38:39:30:06:06:65:ac:92:c3:62:71:5d:24:8a:8f:b9:fd:
40:15:e1:9a:8c:7d:fd:33:46:4e:a4:87:42:0a:1f:ce:c3:ba:
44:5f:cc:19:37:78:64:82:1d:f9:96:02:9f:fd:86:47:27:b9:
88:ae:a9:4d:31:67:e9:50:65:4c:c6:3d:4d:58:c2:ba:0f:8d:
12:37:1c:82:2a:fd:79:86:da:5a:a0:b9:4f:2a:3c:fa:18:1d:
a9:b5:64:53:82:13:95:20:67:91:99:40:40:9e:0f:a4:02:ef:
32:8b:f7:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUFe9ouaV+NANeyKYbAthEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjIxMjEyMDgzODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTUxY2VlNDA1N2JiNmY3ZDEyNzlkOWVjNzIwMzMxYmQ5MGE0NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9ncoUVTbTMtWIMFvRHmiLnCls64
+JzMVkRPVEDudAQ6vnjkXxVsmcXqt2hGQiTYNP2KlKPI0jO+dvMt6H3TtxHH7HIn
NXexp2pQ1Qlcqw3YuxN0JVAdyercnnUL0r1k2u/yIoO/cNOPUR2sztVC0fWv1Avn
46Z5x6NvNZGiPtr3aR3tnzvBwojpVZLNwZaacZnptKEh/d+sdqa8rAN4LTinRMwT
A4V4N0fF/AIvtzK0Qh/v9Yv/yWpOFSbB3j797nYj1i5T2TUTL5VWx3l304M8Yys7
XuM5U25FWa7VApcO4wGWk9bEH9ILdNDYiBK7RWlnpWx57aQELpfzFNFqzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDVRzuQFe7b30SednscgMxvZCkTUMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvTlZITzVBVjd0dmZSSjUyZXh5QXpHOWtLUk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCshWQMA8E
AgACMAkDBwAqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBADPsNBoml9Bq2SHweWzV
EPaIu1EJWUhXcdcXppz4IQNcG5uhiC/QeUx9SvZxFwUCh732pB3DLkG2MZSSS+j+
k9Q8YcTQxvZTlzntvn5a95HsTK4m7E6TIVYIQRmHxZXRCgjfzfbW3MEEHQ9DnSBP
VnlawuMnupUQ9RCxCPIAaBMhDMeIdRfQB4ZuzmAOxnSEqzY4OTAGBmWsksNicV0k
io+5/UAV4ZqMff0zRk6kh0IKH87DukRfzBk3eGSCHfmWAp/9hkcnuYiuqU0xZ+lQ
ZUzGPU1YwroPjRI3HIIq/XmG2lqguU8qPPoYHam1ZFOCE5UgZ5GZQECeD6QC7zKL
9ys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:48 2024 by rpki-client on console-fra.rpki-client.org