Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/NPvjpxcz0HynYxWE0q8O2gIcKT4.roa
File: NPvjpxcz0HynYxWE0q8O2gIcKT4.roa (raw, json)
Hash identifier: GZkAPQO0ffnWGALFbcYMUb/Hu48KuiNDXyHfcLM2kaQ=
Subject key identifier: 34:FB:E3:A7:17:33:D0:7C:A7:63:15:84:D2:AF:0E:DA:02:1C:29:3E
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 018303F30989362A041DF5EF36E535CFE0F2
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/NPvjpxcz0HynYxWE0q8O2gIcKT4.roa
Signing time: Sat 03 Sep 2022 15:23:22 +0000
ROA not before: Sat 03 Sep 2022 15:23:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 195.244.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:03:f3:09:89:36:2a:04:1d:f5:ef:36:e5:35:cf:e0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Sep 3 15:23:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34fbe3a71733d07ca7631584d2af0eda021c293e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:42:d6:31:77:af:4c:38:a0:33:59:f8:e6:1b:
d0:7b:80:a5:cf:f0:dc:16:73:ad:c9:9b:50:f0:92:
e9:af:2a:21:6a:dc:86:72:5e:15:8e:e8:6a:7b:66:
ca:a6:ad:dd:5c:e8:ad:8d:8c:a9:b8:6e:0e:50:bf:
ea:2d:fb:45:fb:ac:72:7d:15:63:b6:d1:c7:2f:9e:
8a:b9:87:2c:20:03:c1:4a:1d:8e:24:f9:3d:69:58:
b3:76:54:56:5d:44:93:be:2b:6a:38:02:af:87:3d:
9b:05:02:47:92:e4:3c:7a:de:85:bf:1b:38:5e:ce:
06:03:75:e3:62:10:96:69:58:02:c0:49:8a:bd:cf:
f4:19:86:7b:61:df:19:43:d0:91:bc:31:f4:76:d2:
ce:69:b0:98:01:18:ef:d8:37:20:92:92:c3:83:de:
91:53:46:f5:60:c4:be:5f:23:49:23:14:8a:72:1d:
a5:ad:95:43:35:c5:ca:cb:7e:da:df:cc:15:62:28:
56:7e:f0:d1:d7:33:ff:0b:3b:32:85:88:b0:d8:1e:
4c:02:4e:a9:5d:fa:6b:ed:e4:c5:4d:a3:d9:fd:fe:
a1:11:7e:11:58:f2:03:4b:89:93:9d:b9:6b:a9:50:
60:b7:33:11:4e:1f:66:0b:50:ae:ad:04:a7:52:73:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:FB:E3:A7:17:33:D0:7C:A7:63:15:84:D2:AF:0E:DA:02:1C:29:3E
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/NPvjpxcz0HynYxWE0q8O2gIcKT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.28.0/23
Signature Algorithm: sha256WithRSAEncryption
14:02:d5:17:f1:20:60:a7:3c:d4:5d:dc:ba:3a:55:25:44:f5:
2a:ca:0d:07:e7:78:af:b4:c8:80:75:2d:6f:00:5f:a3:a8:2a:
1e:00:a0:ee:cb:55:bc:07:45:02:cb:db:7d:43:71:06:b5:f3:
79:71:01:a4:53:53:ad:f7:e8:03:af:ce:bd:90:cf:08:41:59:
c0:43:ea:b9:15:af:5d:50:01:66:4a:03:0a:4f:dd:ea:0d:2c:
b1:90:a8:a0:86:c0:ee:6e:8a:6a:98:3c:29:37:6d:cb:bc:22:
8f:7c:28:ae:d4:9b:a8:a0:24:81:8f:f8:8c:00:b3:9f:91:ee:
ca:9f:ef:b5:99:19:f0:7e:80:1f:3f:ff:51:b3:92:4f:42:7b:
9f:44:92:81:5a:13:4f:a9:e5:59:d6:84:7e:9e:17:e6:ef:be:
34:66:f9:cb:2f:33:99:66:4e:7d:e5:64:ef:41:f4:ea:99:96:
7e:5e:3d:e2:97:7f:13:dc:59:36:bb:39:9b:32:70:3d:2f:dd:
da:a9:84:75:f4:13:52:8a:fc:c7:7e:0e:de:09:d8:08:72:d4:
e8:8e:6d:d9:9d:5a:58:a7:09:13:3f:c3:53:aa:db:e9:a9:fc:
34:99:9d:ba:1d:6d:02:13:eb:3b:0c:01:64:da:04:9a:66:ac:
52:74:3c:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMD8wmJNioEHfXvNuU1z+DyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjIwOTAzMTUyMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGZiZTNhNzE3MzNkMDdjYTc2MzE1ODRkMmFmMGVkYTAyMWMyOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxELWMXevTDigM1n45hvQe4Clz/Dc
FnOtyZtQ8JLpryohatyGcl4Vjuhqe2bKpq3dXOitjYypuG4OUL/qLftF+6xyfRVj
ttHHL56KuYcsIAPBSh2OJPk9aVizdlRWXUSTvitqOAKvhz2bBQJHkuQ8et6Fvxs4
Xs4GA3XjYhCWaVgCwEmKvc/0GYZ7Yd8ZQ9CRvDH0dtLOabCYARjv2DcgkpLDg96R
U0b1YMS+XyNJIxSKch2lrZVDNcXKy37a38wVYihWfvDR1zP/CzsyhYiw2B5MAk6p
Xfpr7eTFTaPZ/f6hEX4RWPIDS4mTnblrqVBgtzMRTh9mC1CurQSnUnM3XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDT746cXM9B8p2MVhNKvDtoCHCk+MB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvTlB2anB4Y3owSHluWXhXRTBxOE8yZ0ljS1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/QcMA0G
CSqGSIb3DQEBCwUAA4IBAQAUAtUX8SBgpzzUXdy6OlUlRPUqyg0H53ivtMiAdS1v
AF+jqCoeAKDuy1W8B0UCy9t9Q3EGtfN5cQGkU1Ot9+gDr869kM8IQVnAQ+q5Fa9d
UAFmSgMKT93qDSyxkKighsDubopqmDwpN23LvCKPfCiu1JuooCSBj/iMALOfke7K
n++1mRnwfoAfP/9Rs5JPQnufRJKBWhNPqeVZ1oR+nhfm7740ZvnLLzOZZk595WTv
QfTqmZZ+Xj3il38T3Fk2uzmbMnA9L93aqYR19BNSivzHfg7eCdgIctTojm3ZnVpY
pwkTP8NTqtvpqfw0mZ26HW0CE+s7DAFk2gSaZqxSdDx8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org