Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/nKblleLsKHJoM2_q4VuQU6IqCbE.roa
File: nKblleLsKHJoM2_q4VuQU6IqCbE.roa (raw, json)
Hash identifier: qa3pmUMz2ZDqRFKZDKBcgDRskXBCx9SBXAo9n2qg1kU=
Subject key identifier: 9C:A6:E5:95:E2:EC:28:72:68:33:6F:EA:E1:5B:90:53:A2:2A:09:B1
Certificate issuer: /CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Certificate serial: 01849FA8466A56E22B0B1DB0D57C468E3FEC
Authority key identifier: 8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/nKblleLsKHJoM2_q4VuQU6IqCbE.roa
Signing time: Tue 22 Nov 2022 14:05:16 +0000
ROA not before: Tue 22 Nov 2022 14:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 46.29.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:a8:46:6a:56:e2:2b:0b:1d:b0:d5:7c:46:8e:3f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ca8a4d42a0196df7cc0e14f597cf5660d63c09f
Validity
Not Before: Nov 22 14:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ca6e595e2ec287268336feae15b9053a22a09b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:ad:f3:2c:29:eb:aa:4d:bc:bf:85:5f:ec:
ad:c4:01:60:7c:e5:4f:65:2d:fe:60:3b:28:2d:33:
80:42:c7:1b:74:ce:09:e0:ba:7e:7b:c9:fc:23:ae:
01:41:03:d4:f5:1e:62:41:22:53:34:e2:49:61:99:
e1:a3:25:84:37:36:7d:a5:ba:f7:95:6c:f9:5f:4f:
24:c6:e1:6d:d1:13:69:8c:d8:57:4c:26:8f:10:a3:
ff:88:de:71:5e:96:7e:39:18:b4:1e:35:86:e4:95:
21:e8:cf:52:42:34:32:5a:32:af:eb:1a:a0:55:2b:
b5:c6:1f:84:4d:1b:df:a0:3f:27:50:27:6b:63:3d:
82:74:b0:18:71:34:c8:40:0a:5d:df:18:f9:f3:d0:
df:28:c7:67:03:e4:5f:7c:ac:3b:ec:eb:ad:8f:f9:
80:e7:bf:39:ac:8a:c1:a7:4a:f3:e0:dd:3a:80:08:
e2:4a:35:74:a7:b2:b2:08:01:da:45:a4:dc:fe:8d:
cd:4b:93:7c:11:9c:b1:49:b5:09:fb:e8:54:d9:d1:
33:97:ea:a0:24:10:f1:1d:e5:3b:1f:25:96:ad:00:
12:df:aa:0d:9d:78:a7:3d:b4:98:71:f1:c8:8b:cb:
1b:c2:39:68:12:62:17:c5:d4:6f:b1:72:d4:81:04:
ae:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A6:E5:95:E2:EC:28:72:68:33:6F:EA:E1:5B:90:53:A2:2A:09:B1
X509v3 Authority Key Identifier:
keyid:8C:A8:A4:D4:2A:01:96:DF:7C:C0:E1:4F:59:7C:F5:66:0D:63:C0:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jKik1CoBlt98wOFPWXz1Zg1jwJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/nKblleLsKHJoM2_q4VuQU6IqCbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bb0480-66ad-4288-b8d3-1004c1e50dfe/1/jKik1CoBlt98wOFPWXz1Zg1jwJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.242.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:39:94:8d:a7:fb:3d:dc:c7:36:9d:47:2b:a8:dc:b6:a2:e7:
25:f2:72:9e:2d:7a:67:2d:b4:6e:cd:a4:35:51:48:cd:a8:e8:
c4:af:fa:3b:3a:07:45:d8:8b:5f:af:2c:18:37:9d:fe:6f:60:
9f:ad:af:91:3a:f7:ac:5d:0a:41:87:34:92:83:0e:f2:af:1e:
4b:84:af:58:2c:4f:9d:c8:2a:bb:90:5a:9e:2e:49:94:69:9e:
b0:c9:5b:93:f6:9f:59:77:04:88:0c:51:5f:f0:7f:91:a0:38:
df:85:4c:9d:ae:ec:a9:77:59:5c:d6:9c:28:20:62:d4:53:2c:
85:90:76:bf:8a:e8:c4:9f:63:05:ef:37:3a:30:f4:24:f3:2f:
9b:75:bf:fc:58:38:f2:2d:c5:1e:5d:aa:c7:a6:2c:9f:23:12:
c0:39:fb:8f:e6:b8:42:90:19:6a:47:e5:94:7e:e2:17:64:e9:
3b:cd:b2:41:bf:4e:37:9e:4b:73:de:32:98:93:e5:bc:96:b3:
97:a8:c3:ba:b1:db:6d:f5:02:8a:d2:5a:9c:5e:a0:3b:c5:21:
17:91:70:64:a2:d5:b7:22:9f:83:0d:c8:65:15:68:70:62:13:
02:30:56:a1:39:97:53:3e:87:ec:d7:4a:7d:76:95:42:29:be:
cd:7a:23:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSfqEZqVuIrCx2w1XxGjj/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYThhNGQ0MmEwMTk2ZGY3Y2MwZTE0ZjU5N2NmNTY2MGQ2
M2MwOWYwHhcNMjIxMTIyMTQwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E2ZTU5NWUyZWMyODcyNjgzMzZmZWFlMTViOTA1M2EyMmEwOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMmt8ywp66pNvL+FX+ytxAFgfOVP
ZS3+YDsoLTOAQscbdM4J4Lp+e8n8I64BQQPU9R5iQSJTNOJJYZnhoyWENzZ9pbr3
lWz5X08kxuFt0RNpjNhXTCaPEKP/iN5xXpZ+ORi0HjWG5JUh6M9SQjQyWjKv6xqg
VSu1xh+ETRvfoD8nUCdrYz2CdLAYcTTIQApd3xj589DfKMdnA+RffKw77Outj/mA
5785rIrBp0rz4N06gAjiSjV0p7KyCAHaRaTc/o3NS5N8EZyxSbUJ++hU2dEzl+qg
JBDxHeU7HyWWrQAS36oNnXinPbSYcfHIi8sbwjloEmIXxdRvsXLUgQSuYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJym5ZXi7ChyaDNv6uFbkFOiKgmxMB8GA1UdIwQY
MBaAFIyopNQqAZbffMDhT1l89WYNY8CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMt
MTAwNGMxZTUwZGZlLzEvbktibGxlTHNLSEpvTTJfcTRWdVFVNklxQ2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9iYjA0ODAtNjZhZC00Mjg4LWI4ZDMtMTAwNGMxZTUwZGZl
LzEvaktpazFDb0JsdDk4d09GUFdYejFaZzFqd0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALh3yMA0G
CSqGSIb3DQEBCwUAA4IBAQCeOZSNp/s93Mc2nUcrqNy2oucl8nKeLXpnLbRuzaQ1
UUjNqOjEr/o7OgdF2ItfrywYN53+b2Cfra+ROvesXQpBhzSSgw7yrx5LhK9YLE+d
yCq7kFqeLkmUaZ6wyVuT9p9ZdwSIDFFf8H+RoDjfhUydruypd1lc1pwoIGLUUyyF
kHa/iujEn2MF7zc6MPQk8y+bdb/8WDjyLcUeXarHpiyfIxLAOfuP5rhCkBlqR+WU
fuIXZOk7zbJBv043nktz3jKYk+W8lrOXqMO6sdtt9QKK0lqcXqA7xSEXkXBkotW3
Ip+DDchlFWhwYhMCMFahOZdTPofs10p9dpVCKb7NeiNS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:58 2024 by rpki-client on console-fra.rpki-client.org