Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/nhBiBTNjkimtTSQN29UJGsnquCc.roa
File: nhBiBTNjkimtTSQN29UJGsnquCc.roa (raw, json)
Hash identifier: Ue/IjYflxwvj+Y6Hm4Gy3xJvchc+umIbxiAPDSvsxxQ=
Subject key identifier: 9E:10:62:05:33:63:92:29:AD:4D:24:0D:DB:D5:09:1A:C9:EA:B8:27
Certificate issuer: /CN=bf98e8170959b5e6018f602b3a7487b2d8028106
Certificate serial: 1BA7ED05
Authority key identifier: BF:98:E8:17:09:59:B5:E6:01:8F:60:2B:3A:74:87:B2:D8:02:81:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v5joFwlZteYBj2ArOnSHstgCgQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/nhBiBTNjkimtTSQN29UJGsnquCc.roa
Signing time: Tue 15 Mar 2022 15:16:05 +0000
ROA not before: Tue 15 Mar 2022 15:16:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203897
IP address blocks: 185.34.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463990021 (0x1ba7ed05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf98e8170959b5e6018f602b3a7487b2d8028106
Validity
Not Before: Mar 15 15:16:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e10620533639229ad4d240ddbd5091ac9eab827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:58:cc:8b:06:7e:08:81:69:bc:51:5b:29:3d:
0f:7c:03:53:5a:87:e5:32:c7:ea:5c:8e:fc:a5:b2:
0b:11:b4:f7:c8:a1:d0:72:e5:2f:7f:fe:97:79:d9:
ce:aa:dd:ea:ec:68:bb:ba:aa:48:31:03:b9:47:a1:
72:44:ac:b1:47:9c:61:e7:ae:c0:20:cc:64:69:a2:
2c:e1:5d:79:68:7e:e4:63:ed:23:86:8d:a0:47:eb:
f4:bc:81:a7:15:68:e1:54:01:a6:bc:ab:dd:60:2d:
c6:72:63:c2:71:94:53:07:9a:48:d7:79:73:f3:84:
ad:2b:f7:71:8d:fd:b8:f1:a2:2c:a0:f6:a5:8f:5b:
4e:9d:b0:38:27:f6:4b:cb:d3:17:ee:90:e1:1b:ab:
17:69:b8:1c:74:b9:86:9e:91:58:31:ec:e3:81:e3:
08:c0:63:1a:7b:a0:78:b5:75:48:d0:43:a2:8b:f1:
8b:b9:1b:de:7f:49:1e:f7:38:32:03:5d:c7:39:59:
85:4d:b9:21:5d:35:85:e8:01:fd:00:3a:c0:72:d0:
ed:a2:8f:d5:38:1b:b1:6e:c4:be:aa:8f:ec:32:40:
15:41:3e:56:6f:35:f5:72:44:e1:38:34:e9:8a:3a:
30:c7:bd:29:c4:ad:4a:c0:00:c4:72:e7:bc:98:75:
f4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:10:62:05:33:63:92:29:AD:4D:24:0D:DB:D5:09:1A:C9:EA:B8:27
X509v3 Authority Key Identifier:
keyid:BF:98:E8:17:09:59:B5:E6:01:8F:60:2B:3A:74:87:B2:D8:02:81:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v5joFwlZteYBj2ArOnSHstgCgQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/nhBiBTNjkimtTSQN29UJGsnquCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/23fb1a-a791-400c-a41a-48ceed5e438e/1/v5joFwlZteYBj2ArOnSHstgCgQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:38:a5:8d:4b:0c:22:2a:8d:37:48:2d:99:6b:12:d1:fb:69:
e4:a6:05:9f:f0:1d:ac:d3:82:e3:86:d0:8a:e4:71:6c:be:6e:
94:6b:ff:fa:b0:44:35:03:02:4f:c3:26:63:25:3c:20:ff:92:
d7:96:c3:d6:c5:3f:66:f1:64:b5:4f:46:88:1f:bb:d2:a5:42:
23:30:78:e6:c5:1d:ff:c5:bb:69:9d:86:ca:ad:b8:51:e1:b8:
c9:7d:7d:3b:8a:a6:2a:06:4e:1a:08:94:a7:81:f1:91:d0:a9:
b1:5e:f4:2f:86:89:47:45:e3:d0:bf:6c:94:3a:e5:63:a5:86:
30:6e:eb:14:27:b5:96:fb:4e:dd:57:1e:d6:aa:f5:99:e0:f4:
1e:43:35:f3:2f:e4:f9:e7:20:f0:73:71:0f:ce:da:3e:40:b0:
09:40:5f:4b:bc:fc:d6:d5:70:6b:be:f3:34:f6:b5:5f:f9:88:
72:fc:a5:73:29:f6:48:92:70:38:c0:11:ec:5d:6b:2e:aa:58:
81:2b:4e:91:f5:58:90:5d:fe:b2:85:ed:2b:ed:55:7f:51:6d:
8e:4b:cf:46:eb:80:b2:c6:02:f5:41:54:c1:f5:d2:e5:66:9a:
a6:5a:19:08:82:bc:f6:de:dc:fc:be:f0:d3:73:29:f3:d8:93:
0e:c6:29:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG6ftBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Zjk4ZTgxNzA5NTliNWU2MDE4ZjYwMmIzYTc0ODdiMmQ4MDI4MTA2MB4XDTIyMDMx
NTE1MTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUxMDYyMDUzMzYz
OTIyOWFkNGQyNDBkZGJkNTA5MWFjOWVhYjgyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxYzIsGfgiBabxRWyk9D3wDU1qH5TLH6lyO/KWyCxG098ih
0HLlL3/+l3nZzqrd6uxou7qqSDEDuUehckSssUecYeeuwCDMZGmiLOFdeWh+5GPt
I4aNoEfr9LyBpxVo4VQBpryr3WAtxnJjwnGUUweaSNd5c/OErSv3cY39uPGiLKD2
pY9bTp2wOCf2S8vTF+6Q4RurF2m4HHS5hp6RWDHs44HjCMBjGnugeLV1SNBDoovx
i7kb3n9JHvc4MgNdxzlZhU25IV01hegB/QA6wHLQ7aKP1TgbsW7EvqqP7DJAFUE+
Vm819XJE4Tg06Yo6MMe9KcStSsAAxHLnvJh19OMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSeEGIFM2OSKa1NJA3b1Qkayeq4JzAfBgNVHSMEGDAWgBS/mOgXCVm15gGP
YCs6dIey2AKBBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y1am9Gd2xadGVZQmoyQXJPblNIc3RnQ2dRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMjNmYjFhLWE3OTEtNDAwYy1hNDFhLTQ4Y2VlZDVlNDM4ZS8x
L25oQmlCVE5qa2ltdFRTUU4yOVVKR3NucXVDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MjNmYjFhLWE3OTEtNDAwYy1hNDFhLTQ4Y2VlZDVlNDM4ZS8xL3Y1am9Gd2xadGVZ
QmoyQXJPblNIc3RnQ2dRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkifjANBgkqhkiG9w0BAQsFAAOC
AQEADTiljUsMIiqNN0gtmWsS0ftp5KYFn/AdrNOC44bQiuRxbL5ulGv/+rBENQMC
T8MmYyU8IP+S15bD1sU/ZvFktU9GiB+70qVCIzB45sUd/8W7aZ2Gyq24UeG4yX19
O4qmKgZOGgiUp4HxkdCpsV70L4aJR0Xj0L9slDrlY6WGMG7rFCe1lvtO3Vce1qr1
meD0HkM18y/k+ecg8HNxD87aPkCwCUBfS7z81tVwa77zNPa1X/mIcvylcyn2SJJw
OMAR7F1rLqpYgStOkfVYkF3+soXtK+1Vf1FtjkvPRuuAssYC9UFUwfXS5WaaploZ
CIK89t7c/L7w03Mp89iTDsYpGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:59 2024 by rpki-client on console-fra.rpki-client.org