Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/nxZeMJp-FDYXvG0Ti75H5Grhf-o.roa
File: nxZeMJp-FDYXvG0Ti75H5Grhf-o.roa (raw, json)
Hash identifier: 0yTl6k+1N4QItQy+uH21AnhQlVg0gaRh417lV7FaRys=
Subject key identifier: 9F:16:5E:30:9A:7E:14:36:17:BC:6D:13:8B:BE:47:E4:6A:E1:7F:EA
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 01848031614C593D0960F7E70D67BBEA65AF
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/nxZeMJp-FDYXvG0Ti75H5Grhf-o.roa
Signing time: Wed 16 Nov 2022 11:27:10 +0000
ROA not before: Wed 16 Nov 2022 11:27:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.178.0/24 maxlen: 24
185.88.176.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
2a05:cd01::/32 maxlen: 32
2a05:cd00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:31:61:4c:59:3d:09:60:f7:e7:0d:67:bb:ea:65:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Nov 16 11:27:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f165e309a7e143617bc6d138bbe47e46ae17fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:87:ce:8c:90:f9:29:ed:66:a2:81:74:b4:1d:
2d:6e:06:36:43:7b:a9:20:8d:94:78:69:af:3a:13:
65:c1:7e:0d:91:2d:0d:82:c6:57:59:4b:51:e7:a4:
06:d8:77:38:45:62:73:b0:22:ad:84:c0:b2:9c:6b:
38:5e:6e:6d:61:a4:67:17:b1:c9:6d:55:99:08:74:
6b:db:76:1a:a2:51:1c:39:4d:67:8b:35:08:7a:4b:
d4:36:36:7c:87:31:f2:96:e8:5f:be:89:52:70:77:
07:a2:c2:63:cd:e3:3f:2d:3d:e6:0d:95:4c:39:96:
5f:70:5f:75:8f:7c:a1:6d:06:a8:dc:ea:7d:8c:d9:
ad:51:48:95:bf:b7:e7:1d:2d:3c:44:2c:c5:4b:39:
e7:58:79:50:d4:43:97:ad:fb:dc:22:55:3e:f4:8c:
32:c9:a8:37:74:10:22:97:4d:12:8a:6d:df:4c:d6:
2d:08:f7:05:49:eb:21:0f:ed:59:85:f9:ba:96:c6:
63:b9:91:ef:19:5f:59:2f:d5:66:6c:3f:84:79:32:
11:cb:4e:90:35:87:08:29:15:90:83:60:14:bb:b6:
a3:55:66:a6:3e:88:df:28:cd:89:84:f2:29:9a:bb:
95:fb:8b:98:ed:d6:b3:38:12:07:d1:6e:1d:3c:03:
b1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:16:5E:30:9A:7E:14:36:17:BC:6D:13:8B:BE:47:E4:6A:E1:7F:EA
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/nxZeMJp-FDYXvG0Ti75H5Grhf-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
22:3a:99:a9:2c:69:6f:2d:8b:99:48:16:df:03:0a:eb:7f:79:
98:79:2e:20:b6:42:6e:4d:53:f6:eb:2f:06:72:d5:0d:38:29:
8e:4a:e8:26:b3:0e:55:88:9f:57:6c:72:bd:df:f9:3d:31:d2:
b6:a9:93:4a:fb:8a:e0:63:7d:5b:e6:09:5a:23:ff:58:d5:db:
d6:bb:62:b9:7b:ea:aa:b0:62:15:03:5e:ae:80:e6:51:30:15:
28:8e:5b:01:5b:83:b6:a2:55:d9:8c:75:d2:9d:fe:15:f5:0f:
99:db:fe:ad:c4:14:5f:7a:07:a4:33:d2:f4:0e:fb:32:67:8c:
a0:99:c1:cd:95:b7:0c:7e:a4:34:ca:66:b8:a6:e9:0b:9f:cc:
7d:8f:10:04:5a:9f:cf:42:bc:c6:a9:f1:8b:6a:ad:c1:c5:50:
2c:b1:ac:1b:9c:d5:b7:4d:48:5b:78:9f:ab:60:35:8b:ce:bd:
e1:1d:11:79:df:93:e1:0f:dc:1b:a5:18:60:c2:41:ae:e6:f8:
a3:34:94:3d:18:d3:d2:18:79:e5:95:23:81:79:b0:5c:9a:4e:
78:6d:dd:9b:8c:b0:a2:34:2e:56:cb:a9:52:5c:34:65:54:5c:
04:00:6a:e1:db:b0:3b:8b:f3:2b:4d:df:70:69:ea:37:4f:9d:
85:81:2e:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSAMWFMWT0JYPfnDWe76mWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjIxMTE2MTEyNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjE2NWUzMDlhN2UxNDM2MTdiYzZkMTM4YmJlNDdlNDZhZTE3ZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiofOjJD5Ke1mooF0tB0tbgY2Q3up
II2UeGmvOhNlwX4NkS0NgsZXWUtR56QG2Hc4RWJzsCKthMCynGs4Xm5tYaRnF7HJ
bVWZCHRr23YaolEcOU1nizUIekvUNjZ8hzHyluhfvolScHcHosJjzeM/LT3mDZVM
OZZfcF91j3yhbQao3Op9jNmtUUiVv7fnHS08RCzFSznnWHlQ1EOXrfvcIlU+9Iwy
yag3dBAil00Sim3fTNYtCPcFSeshD+1Zhfm6lsZjuZHvGV9ZL9VmbD+EeTIRy06Q
NYcIKRWQg2AUu7ajVWamPojfKM2JhPIpmruV+4uY7dazOBIH0W4dPAOx8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ8WXjCafhQ2F7xtE4u+R+Rq4X/qMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvbnhaZU1KcC1GRFlYdkcwVGk3NUg1R3JoZi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQAiOpmpLGlvLYuZSBbfAwrr
f3mYeS4gtkJuTVP26y8GctUNOCmOSugmsw5ViJ9XbHK93/k9MdK2qZNK+4rgY31b
5glaI/9Y1dvWu2K5e+qqsGIVA16ugOZRMBUojlsBW4O2olXZjHXSnf4V9Q+Z2/6t
xBRfegekM9L0DvsyZ4ygmcHNlbcMfqQ0yma4pukLn8x9jxAEWp/PQrzGqfGLaq3B
xVAssawbnNW3TUhbeJ+rYDWLzr3hHRF535PhD9wbpRhgwkGu5vijNJQ9GNPSGHnl
lSOBebBcmk54bd2bjLCiNC5Wy6lSXDRlVFwEAGrh27A7i/MrTd9waeo3T52FgS4Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:13 2024 by rpki-client on console-ams.rpki-client.org