Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/ns5yOjlio8gdCDTgLKJPI_awL-8.roa
File: ns5yOjlio8gdCDTgLKJPI_awL-8.roa (raw, json)
Hash identifier: 38jYWL3B0r1A4lzp8ceHFyvfiLNnOEx1Yrp0BUSpjTk=
Subject key identifier: 9E:CE:72:3A:39:62:A3:C8:1D:08:34:E0:2C:A2:4F:23:F6:B0:2F:EF
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 02048DAD
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/ns5yOjlio8gdCDTgLKJPI_awL-8.roa
Signing time: Sat 26 Mar 2022 02:46:51 +0000
ROA not before: Sat 26 Mar 2022 02:46:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 91.226.224.0/24 maxlen: 24
31.40.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33852845 (0x2048dad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Mar 26 02:46:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ece723a3962a3c81d0834e02ca24f23f6b02fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:94:b2:05:90:c7:0a:1f:09:44:72:0b:43:
09:61:9a:f6:4e:68:c3:95:0b:e6:9d:c3:df:2c:e6:
5e:1f:9d:c3:53:ce:18:54:06:8f:41:cb:5a:22:d0:
f9:5c:d4:23:db:a0:a7:1a:28:f5:bd:41:e9:93:0a:
22:b6:f6:4b:3f:72:c2:c3:14:cc:47:ee:1f:46:da:
a8:5f:b2:9e:77:53:e2:65:6d:d3:bb:87:97:3a:13:
c3:e5:58:54:5b:f3:c3:a8:1b:22:31:be:f7:f7:36:
3d:6f:cb:ad:4e:1a:6e:78:80:82:9f:de:7b:22:8a:
8c:78:02:ba:08:cc:c5:c3:1f:95:1f:32:fc:f6:fd:
d1:d5:84:cf:05:f2:17:5c:50:38:c6:a8:95:7c:37:
f0:4d:77:52:6c:5e:04:01:fc:83:69:cf:6a:e8:c6:
14:21:c9:70:05:db:c1:78:7a:57:c1:e0:f7:2c:5d:
0d:99:ff:16:92:c0:c0:86:ef:9d:95:d7:0c:3b:0a:
26:fc:20:f4:c0:78:66:f6:cb:c4:8a:8a:c0:c0:a1:
c3:71:3a:5f:75:8f:6a:52:67:5a:65:e7:e4:46:63:
ef:83:d3:51:b7:2f:fb:f8:dc:b9:8f:54:74:a5:4b:
9f:b7:09:3b:ac:b7:5f:60:51:37:f3:07:fe:27:e4:
f4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CE:72:3A:39:62:A3:C8:1D:08:34:E0:2C:A2:4F:23:F6:B0:2F:EF
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/ns5yOjlio8gdCDTgLKJPI_awL-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.3.0/24
91.226.224.0/24
Signature Algorithm: sha256WithRSAEncryption
83:40:32:c2:e0:a2:20:90:b6:5e:88:8b:9e:98:74:56:87:b6:
bf:c2:db:c3:11:c4:7b:4d:14:45:b3:29:0c:ae:73:bd:bd:b0:
97:83:9a:16:46:5b:bf:73:37:a0:55:4c:65:d3:6b:54:39:4d:
42:49:3d:dd:56:c7:75:d5:ef:c7:7f:4e:a7:5f:79:78:e0:c4:
a2:cf:46:83:8b:ae:e3:36:f4:81:aa:1b:08:1f:e9:5c:3d:9d:
ba:7e:7c:d7:11:75:63:c7:38:e4:7b:0b:d4:0d:82:ba:97:47:
44:b7:13:bf:3d:94:0b:41:1c:e6:6a:c0:97:6b:05:f1:7d:af:
88:9c:98:24:64:ef:32:8a:ca:30:14:d8:29:31:dc:d2:f7:a1:
ff:3a:3c:4f:0e:11:44:dd:87:a1:95:b9:ae:0b:c6:06:ed:8a:
11:93:ed:9b:bc:91:67:a0:f8:da:3d:90:c3:b6:38:6c:d8:02:
2f:67:46:cd:af:6a:61:6b:c9:46:55:e8:1a:17:23:ea:2a:26:
22:51:d9:d1:b9:bc:68:7b:75:33:86:2f:4b:63:2b:26:e0:26:
5f:76:61:ee:12:36:a4:c8:c7:65:05:b7:27:3b:01:3e:ce:36:
7f:5d:de:6e:26:81:c7:d5:7e:dc:c7:e2:a3:d7:52:72:a6:98:
53:3a:7e:fd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAgSNrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmUwMmI3ZWVkZmZjMzhhYjVlYWI0NDE2MTcyZTdkODhlOWFkMWUyMB4XDTIyMDMy
NjAyNDY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVjZTcyM2EzOTYy
YTNjODFkMDgzNGUwMmNhMjRmMjNmNmIwMmZlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK42lLIFkMcKHwlEcgtDCWGa9k5ow5UL5p3D3yzmXh+dw1PO
GFQGj0HLWiLQ+VzUI9ugpxoo9b1B6ZMKIrb2Sz9ywsMUzEfuH0baqF+ynndT4mVt
07uHlzoTw+VYVFvzw6gbIjG+9/c2PW/LrU4abniAgp/eeyKKjHgCugjMxcMflR8y
/Pb90dWEzwXyF1xQOMaolXw38E13UmxeBAH8g2nPaujGFCHJcAXbwXh6V8Hg9yxd
DZn/FpLAwIbvnZXXDDsKJvwg9MB4ZvbLxIqKwMChw3E6X3WPalJnWmXn5EZj74PT
Ubcv+/jcuY9UdKVLn7cJO6y3X2BRN/MH/ifk9AMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSeznI6OWKjyB0INOAsok8j9rAv7zAfBgNVHSMEGDAWgBSP4Ct+7f/DirXq
tEFhcufYjprR4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2otQXJmdTNfdzRxMTZyUkJZWExuMkk2YTBlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8x
L25zNXlPamxpbzhnZENEVGdMS0pQSV9hd0wtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ZDJjMjM1LWExZjUtNDk4NC1hYWRmLTUxNDZmMTNiNzFhMS8xL2otQXJmdTNfdzRx
MTZyUkJZWExuMkk2YTBlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB8oAwMEAFvi4DANBgkqhkiG9w0B
AQsFAAOCAQEAg0AywuCiIJC2XoiLnph0Voe2v8LbwxHEe00URbMpDK5zvb2wl4Oa
FkZbv3M3oFVMZdNrVDlNQkk93VbHddXvx39Op195eODEos9Gg4uu4zb0gaobCB/p
XD2dun581xF1Y8c45HsL1A2CupdHRLcTvz2UC0Ec5mrAl2sF8X2viJyYJGTvMorK
MBTYKTHc0veh/zo8Tw4RRN2HoZW5rgvGBu2KEZPtm7yRZ6D42j2Qw7Y4bNgCL2dG
za9qYWvJRlXoGhcj6iomIlHZ0bm8aHt1M4YvS2MrJuAmX3Zh7hI2pMjHZQW3JzsB
Ps42f13ebiaBx9V+3Mfio9dScqaYUzp+/Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:08 2023 by rpki-client on console-ams.rpki-client.org