Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/nCTQ8hQN-Z549hJxoRh_AHQ29Mg.roa
File: nCTQ8hQN-Z549hJxoRh_AHQ29Mg.roa (raw, json)
Hash identifier: 63+0BwJ2O9J6M1ONqWzXzuiRwfRLtg5f7m8oy4/PP9k=
Subject key identifier: 9C:24:D0:F2:14:0D:F9:9E:78:F6:12:71:A1:18:7F:00:74:36:F4:C8
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 0185626550768BFCE7D63C3EF174F486C675
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/nCTQ8hQN-Z549hJxoRh_AHQ29Mg.roa
Signing time: Fri 30 Dec 2022 09:38:04 +0000
ROA not before: Fri 30 Dec 2022 09:38:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 23
185.16.36.0/22 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:65:50:76:8b:fc:e7:d6:3c:3e:f1:74:f4:86:c6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Dec 30 09:38:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c24d0f2140df99e78f61271a1187f007436f4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:24:9e:b1:a2:61:ed:7f:8d:b5:7c:7b:23:d4:
ac:cc:81:3f:63:78:f6:ed:46:ec:1a:a5:a0:4e:23:
18:42:d9:a5:f2:d5:f3:5b:ab:6a:1b:a5:9f:e8:78:
22:75:0d:c3:b4:23:3d:9e:1e:df:3c:3e:7c:8b:60:
05:7d:2f:70:50:ce:2a:68:d1:60:1c:8a:77:a2:fc:
63:91:3b:2e:85:ca:b3:54:8e:4b:a7:a4:6f:6e:0e:
5c:4b:05:1b:05:ed:cb:9b:aa:db:00:c0:9d:3b:59:
58:08:ae:88:c5:65:27:d8:e0:e4:7a:49:97:fc:bb:
04:7e:4f:2f:b2:ad:ea:96:21:5b:b8:65:b6:66:9f:
44:07:9c:c5:64:93:41:ed:55:53:2b:df:e4:8b:59:
f0:16:7d:8d:81:9c:32:8e:4b:fb:ad:ac:bc:52:ca:
45:96:ab:04:ff:a4:81:31:d2:1b:48:f4:87:59:ee:
7d:c6:a8:81:68:cd:84:91:48:c0:fa:ff:58:b3:3f:
77:f6:85:a6:fc:99:b5:a9:ee:2a:af:47:4a:04:d5:
ed:9b:a7:b9:bf:1c:ff:9f:32:1b:67:cb:c2:b9:a7:
0a:44:7a:8f:71:6d:b8:ea:32:83:3c:2e:8a:8e:63:
e5:4c:4e:b3:94:c4:f8:74:84:05:17:54:81:e6:7d:
60:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:24:D0:F2:14:0D:F9:9E:78:F6:12:71:A1:18:7F:00:74:36:F4:C8
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/nCTQ8hQN-Z549hJxoRh_AHQ29Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
50:0f:9e:f1:f1:ba:60:e3:27:ff:9b:02:26:59:42:8c:61:e4:
ee:51:58:33:52:6b:37:c2:c0:08:5a:2d:62:da:70:0e:d7:18:
f5:ad:dc:54:83:89:65:9f:5d:63:b1:46:21:ae:50:cb:9e:3a:
df:1b:8a:f8:52:95:7a:21:9a:b8:f2:77:69:c1:9a:23:3d:1f:
33:bf:53:82:58:27:45:5a:e9:26:2b:f1:20:32:45:e8:ab:3c:
44:40:dc:c2:99:a4:92:21:3f:71:de:9b:62:ae:0c:2c:57:d7:
4e:75:49:60:66:78:06:de:cc:16:76:26:b1:d6:42:1b:d8:35:
be:d5:a8:30:02:ae:ce:7b:8d:e8:f1:f7:66:1f:86:ae:a1:5d:
ac:d0:4c:4e:d2:b4:b2:a3:51:31:47:d0:ba:6a:82:10:19:d1:
da:6f:b8:be:19:c9:4c:48:de:d0:8d:01:c6:c1:a9:cc:2d:7a:
47:b8:2b:45:5c:2b:f7:b8:26:74:29:96:c9:77:08:f4:5b:49:
da:16:40:6f:74:1e:ca:61:e5:6e:74:a2:98:19:39:52:9e:d0:
f4:e6:c9:97:dc:7e:f9:e1:db:d6:7b:31:b1:a3:5b:04:79:a6:
5e:3a:30:8a:98:2b:a7:5a:8c:ff:18:af:18:17:c6:34:ae:60:
48:f2:55:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYViZVB2i/zn1jw+8XT0hsZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjIxMjMwMDkzODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI0ZDBmMjE0MGRmOTllNzhmNjEyNzFhMTE4N2YwMDc0MzZmNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSSesaJh7X+NtXx7I9SszIE/Y3j2
7UbsGqWgTiMYQtml8tXzW6tqG6Wf6HgidQ3DtCM9nh7fPD58i2AFfS9wUM4qaNFg
HIp3ovxjkTsuhcqzVI5Lp6Rvbg5cSwUbBe3Lm6rbAMCdO1lYCK6IxWUn2ODkekmX
/LsEfk8vsq3qliFbuGW2Zp9EB5zFZJNB7VVTK9/ki1nwFn2NgZwyjkv7ray8UspF
lqsE/6SBMdIbSPSHWe59xqiBaM2EkUjA+v9Ysz939oWm/Jm1qe4qr0dKBNXtm6e5
vxz/nzIbZ8vCuacKRHqPcW246jKDPC6KjmPlTE6zlMT4dIQFF1SB5n1g9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJwk0PIUDfmeePYScaEYfwB0NvTIMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvbkNUUThoUU4tWjU0OWhKeG9SaF9BSFEyOU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbW8AwQC
X9Y0AwQCuRAkMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQBQD57x
8bpg4yf/mwImWUKMYeTuUVgzUms3wsAIWi1i2nAO1xj1rdxUg4lln11jsUYhrlDL
njrfG4r4UpV6IZq48ndpwZojPR8zv1OCWCdFWukmK/EgMkXoqzxEQNzCmaSSIT9x
3ptirgwsV9dOdUlgZngG3swWdiax1kIb2DW+1agwAq7Oe43o8fdmH4auoV2s0ExO
0rSyo1ExR9C6aoIQGdHab7i+GclMSN7QjQHGwanMLXpHuCtFXCv3uCZ0KZbJdwj0
W0naFkBvdB7KYeVudKKYGTlSntD05smX3H754dvWezGxo1sEeaZeOjCKmCunWoz/
GK8YF8Y0rmBI8lUs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org