Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Nb-oYAu0ruFSNeospblH36TweVY.roa
File: Nb-oYAu0ruFSNeospblH36TweVY.roa (raw, json)
Hash identifier: 7xloXEtarbo4AFNt9CH9V5kYQQ0UR2CR80hpUcFTh/c=
Subject key identifier: 35:BF:A8:60:0B:B4:AE:E1:52:35:EA:2C:A5:B9:47:DF:A4:F0:79:56
Certificate issuer: /CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Certificate serial: 09069257
Authority key identifier: 48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Nb-oYAu0ruFSNeospblH36TweVY.roa
Signing time: Tue 25 Jan 2022 09:51:52 +0000
ROA not before: Tue 25 Jan 2022 09:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203596
IP address blocks: 193.108.216.0/24 maxlen: 24
193.109.1.0/24 maxlen: 24
193.109.2.0/24 maxlen: 24
193.109.0.0/24 maxlen: 24
193.109.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151425623 (0x9069257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48cf37b3646fda93cbdd0b8aaccfff313a6f718f
Validity
Not Before: Jan 25 09:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35bfa8600bb4aee15235ea2ca5b947dfa4f07956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d3:1f:01:f4:2a:10:76:de:6a:a4:c3:7c:d8:
f9:c3:27:24:33:dc:ec:e6:d5:37:5c:21:a0:10:b3:
bc:17:02:6a:d6:39:79:7e:12:76:b8:2b:44:ff:b2:
f9:71:31:47:97:d9:75:44:dd:7e:d4:72:87:74:b6:
7c:d3:c6:2b:16:da:2e:09:8a:83:23:22:1a:94:6a:
19:d0:6f:d1:6c:34:7a:3c:2f:e0:12:17:4a:bd:df:
4b:a2:95:a2:3a:76:6a:06:88:7b:d6:74:66:8b:fb:
fb:89:6e:51:28:61:bd:f9:cf:4e:14:4a:5b:d4:4a:
20:39:81:e3:47:e5:ae:32:6a:3b:fc:77:10:81:25:
02:28:21:5d:d6:ac:86:49:15:fa:7f:9e:96:c2:22:
e1:ed:e9:9b:a9:98:45:6e:d6:58:43:51:99:f2:58:
8a:57:cc:d8:fa:d9:24:2f:f3:b4:3c:48:53:fa:41:
4d:68:1c:bc:51:3d:7f:79:31:b8:68:5d:f7:b4:58:
31:c1:69:5e:a8:ca:27:20:d2:32:1d:60:ce:28:d3:
1a:c1:d7:9a:c0:b2:1b:82:c6:08:15:d7:05:61:f8:
5c:84:19:dd:2f:7d:49:ec:68:3b:2c:9d:1d:38:69:
88:ac:33:b2:e4:56:10:4c:5e:51:82:2b:ef:52:73:
0d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BF:A8:60:0B:B4:AE:E1:52:35:EA:2C:A5:B9:47:DF:A4:F0:79:56
X509v3 Authority Key Identifier:
keyid:48:CF:37:B3:64:6F:DA:93:CB:DD:0B:8A:AC:CF:FF:31:3A:6F:71:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SM83s2Rv2pPL3QuKrM__MTpvcY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/Nb-oYAu0ruFSNeospblH36TweVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/20d593-723f-4963-901d-17e3158954da/1/SM83s2Rv2pPL3QuKrM__MTpvcY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.216.0/24
193.109.0.0/22
Signature Algorithm: sha256WithRSAEncryption
85:4d:c1:50:5d:8c:90:cc:ba:20:d2:e5:f2:31:94:e7:36:17:
bf:2b:fa:41:41:b4:25:ce:64:17:9b:0b:67:fc:54:29:15:1a:
53:4a:a4:51:24:6d:02:28:0f:7d:25:1a:4a:de:85:40:5c:ef:
62:6e:d7:9c:ee:7f:84:df:5c:17:ad:30:87:97:57:c4:d2:53:
79:b4:05:13:30:30:6e:a3:fe:f5:73:08:78:4b:55:c1:11:7a:
c2:2f:07:ba:b4:8d:b1:d8:c2:a1:1c:c0:11:b9:56:f9:39:f4:
b1:4e:3f:9a:ee:48:6f:7b:f1:ca:41:39:94:ec:25:e9:80:07:
c7:ab:be:80:3b:fb:54:01:de:cb:a5:de:33:54:43:92:15:ec:
d3:6c:50:42:ec:78:24:8a:1a:25:36:8a:9f:57:ea:73:d3:1b:
92:fd:67:97:78:09:e0:8e:7e:c8:ac:59:3d:4f:7d:f4:cb:73:
dd:b6:e7:ed:c9:65:9f:94:0c:ad:7f:5b:ab:6e:5a:e0:7a:2d:
63:6c:ce:9a:66:b7:a7:f2:03:9a:fb:5e:ab:d3:35:46:14:9b:
0b:0c:7a:ec:82:c7:b8:99:2c:c6:ae:36:1b:ed:3f:15:bb:5f:
53:0a:30:83:a3:1c:43:8d:4c:dd:cd:38:bc:32:3e:d6:1f:2b:
cb:6c:cd:f4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECQaSVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OGNmMzdiMzY0NmZkYTkzY2JkZDBiOGFhY2NmZmYzMTNhNmY3MThmMB4XDTIyMDEy
NTA5NTE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzViZmE4NjAwYmI0
YWVlMTUyMzVlYTJjYTViOTQ3ZGZhNGYwNzk1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzTHwH0KhB23mqkw3zY+cMnJDPc7ObVN1whoBCzvBcCatY5
eX4SdrgrRP+y+XExR5fZdUTdftRyh3S2fNPGKxbaLgmKgyMiGpRqGdBv0Ww0ejwv
4BIXSr3fS6KVojp2agaIe9Z0Zov7+4luUShhvfnPThRKW9RKIDmB40flrjJqO/x3
EIElAighXdashkkV+n+elsIi4e3pm6mYRW7WWENRmfJYilfM2PrZJC/ztDxIU/pB
TWgcvFE9f3kxuGhd97RYMcFpXqjKJyDSMh1gzijTGsHXmsCyG4LGCBXXBWH4XIQZ
3S99SexoOyydHThpiKwzsuRWEExeUYIr71JzDckCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ1v6hgC7Su4VI16iyluUffpPB5VjAfBgNVHSMEGDAWgBRIzzezZG/ak8vd
C4qsz/8xOm9xjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NNODNzMlJ2MnBQTDNRdUtyTV9fTVRwdmNZOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvMjBkNTkzLTcyM2YtNDk2My05MDFkLTE3ZTMxNTg5NTRkYS8x
L05iLW9ZQXUwcnVGU05lb3NwYmxIMzZUd2VWWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
MjBkNTkzLTcyM2YtNDk2My05MDFkLTE3ZTMxNTg5NTRkYS8xL1NNODNzMlJ2MnBQ
TDNRdUtyTV9fTVRwdmNZOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMFs2AMEAsFtADANBgkqhkiG9w0B
AQsFAAOCAQEAhU3BUF2MkMy6INLl8jGU5zYXvyv6QUG0Jc5kF5sLZ/xUKRUaU0qk
USRtAigPfSUaSt6FQFzvYm7XnO5/hN9cF60wh5dXxNJTebQFEzAwbqP+9XMIeEtV
wRF6wi8HurSNsdjCoRzAEblW+Tn0sU4/mu5Ib3vxykE5lOwl6YAHx6u+gDv7VAHe
y6XeM1RDkhXs02xQQux4JIoaJTaKn1fqc9Mbkv1nl3gJ4I5+yKxZPU999Mtz3bbn
7clln5QMrX9bq25a4HotY2zOmma3p/IDmvteq9M1RhSbCwx67ILHuJksxq42G+0/
FbtfUwowg6McQ41M3c04vDI+1h8ry2zN9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:00 2023 by rpki-client on console-fra.rpki-client.org