Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e9cb7a-2461-4f65-a994-a9086f74dd8f/1/nxs7JJAyWEt_sYJW3vXJ-_Dkn2c.roa
File: nxs7JJAyWEt_sYJW3vXJ-_Dkn2c.roa (raw, json)
Hash identifier: 6V7OnRiinrtDmzsbnHnmN/FIufs636tBFjOieI54TBo=
Subject key identifier: 9F:1B:3B:24:90:32:58:4B:7F:B1:82:56:DE:F5:C9:FB:F0:E4:9F:67
Certificate issuer: /CN=15b1d17f83fe842745c4cd23e1f1a1ecb9cd3392
Certificate serial: 01723B78
Authority key identifier: 15:B1:D1:7F:83:FE:84:27:45:C4:CD:23:E1:F1:A1:EC:B9:CD:33:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FbHRf4P-hCdFxM0j4fGh7LnNM5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e9cb7a-2461-4f65-a994-a9086f74dd8f/1/nxs7JJAyWEt_sYJW3vXJ-_Dkn2c.roa
Signing time: Thu 12 May 2022 09:04:08 +0000
ROA not before: Thu 12 May 2022 09:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 217.8.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24263544 (0x1723b78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15b1d17f83fe842745c4cd23e1f1a1ecb9cd3392
Validity
Not Before: May 12 09:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f1b3b249032584b7fb18256def5c9fbf0e49f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:bf:93:0f:64:cc:51:26:97:0f:8e:ba:3c:
af:7d:6d:e4:af:f6:69:f2:71:f2:eb:27:6d:7a:9c:
f3:44:12:fa:b7:46:ad:9a:ae:67:b4:92:13:7c:9e:
0f:1d:65:84:72:10:c6:f6:ff:d0:d1:b4:d7:16:ba:
68:60:fc:d3:6e:d1:3a:a2:d4:68:81:2f:6a:cd:29:
9f:ec:53:60:ff:90:bc:62:94:65:f5:66:b1:25:97:
3d:52:2b:31:79:1c:99:fd:76:56:5e:08:59:34:0c:
04:4b:fa:2d:a8:e6:f7:8b:57:89:bd:0a:da:22:8b:
56:1b:77:ef:38:fe:cf:08:fc:fd:7f:f3:49:10:fe:
af:9c:cf:98:87:a5:a8:ec:ef:a3:dd:c6:cb:14:45:
23:1a:66:28:07:b3:de:52:e0:0e:20:fa:b5:6e:b6:
31:a0:f7:ca:5c:c7:f3:a8:81:d3:9b:29:d1:d8:01:
05:45:ad:24:4b:2d:88:50:d3:14:ca:cd:4b:c2:7a:
f3:cd:21:80:8c:3f:bd:ce:e4:c8:3a:3d:c8:8e:d1:
b3:d1:2e:ec:91:4c:29:2e:36:03:e1:61:90:4d:5f:
15:e6:68:4b:b0:7f:ee:6a:cd:de:24:e8:7f:56:09:
ae:b5:a4:0d:96:a0:21:3b:bf:66:b2:c7:2c:ad:d5:
ff:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1B:3B:24:90:32:58:4B:7F:B1:82:56:DE:F5:C9:FB:F0:E4:9F:67
X509v3 Authority Key Identifier:
keyid:15:B1:D1:7F:83:FE:84:27:45:C4:CD:23:E1:F1:A1:EC:B9:CD:33:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FbHRf4P-hCdFxM0j4fGh7LnNM5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e9cb7a-2461-4f65-a994-a9086f74dd8f/1/nxs7JJAyWEt_sYJW3vXJ-_Dkn2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e9cb7a-2461-4f65-a994-a9086f74dd8f/1/FbHRf4P-hCdFxM0j4fGh7LnNM5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.116.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2a:cb:13:8a:95:0d:01:54:5f:13:f7:dc:69:d8:a6:33:5e:
02:36:bd:4c:14:c6:4a:93:68:a5:27:0c:45:ef:16:8f:a8:6f:
49:cf:e8:49:25:1a:64:70:03:0c:a4:99:4c:72:98:ec:a0:a0:
21:44:6e:53:d6:1e:dc:d9:6e:24:ee:0b:9f:f3:e7:98:e1:54:
ea:8d:42:02:f6:dc:3b:cc:a6:d1:ad:e8:4e:53:fb:71:4e:eb:
68:97:0a:f0:da:75:da:48:35:a3:1f:38:59:f0:06:8f:1c:91:
5c:e5:aa:72:b9:41:e8:cf:0c:3b:4c:d4:74:85:a8:b0:db:2b:
d7:ab:ef:8e:00:5d:45:3f:e4:7a:1c:f3:2e:e4:02:6d:4c:fb:
c2:60:0f:78:58:a1:65:1b:14:39:62:29:2c:e5:77:a3:f2:d5:
bb:af:f3:8e:7c:49:fd:b2:92:a2:e3:13:1b:88:e3:a7:26:aa:
a8:ac:84:04:46:93:a1:e3:41:c9:39:b4:95:66:25:9c:1a:ff:
8a:45:28:de:1e:98:5a:07:a1:4b:50:92:16:52:bd:2d:fb:6a:
39:a6:3a:d0:f6:a1:b0:46:b3:95:f1:95:c3:25:15:e7:02:f3:
44:80:1f:73:c4:4c:42:99:8a:a1:c5:30:e6:4a:50:ed:84:0f:
83:ba:8e:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXI7eDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWIxZDE3ZjgzZmU4NDI3NDVjNGNkMjNlMWYxYTFlY2I5Y2QzMzkyMB4XDTIyMDUx
MjA5MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWYxYjNiMjQ5MDMy
NTg0YjdmYjE4MjU2ZGVmNWM5ZmJmMGU0OWY2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHiv5MPZMxRJpcPjro8r31t5K/2afJx8usnbXqc80QS+rdG
rZquZ7SSE3yeDx1lhHIQxvb/0NG01xa6aGD8027ROqLUaIEvas0pn+xTYP+QvGKU
ZfVmsSWXPVIrMXkcmf12Vl4IWTQMBEv6Lajm94tXib0K2iKLVht37zj+zwj8/X/z
SRD+r5zPmIelqOzvo93GyxRFIxpmKAez3lLgDiD6tW62MaD3ylzH86iB05sp0dgB
BUWtJEstiFDTFMrNS8J6880hgIw/vc7kyDo9yI7Rs9Eu7JFMKS42A+FhkE1fFeZo
S7B/7mrN3iTof1YJrrWkDZagITu/ZrLHLK3V/w0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfGzskkDJYS3+xglbe9cn78OSfZzAfBgNVHSMEGDAWgBQVsdF/g/6EJ0XE
zSPh8aHsuc0zkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZiSFJmNFAtaENkRnhNMGo0ZkdoN0xuTk01SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZTljYjdhLTI0NjEtNGY2NS1hOTk0LWE5MDg2Zjc0ZGQ4Zi8x
L254czdKSkF5V0V0X3NZSlczdlhKLV9Ea24yYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZTljYjdhLTI0NjEtNGY2NS1hOTk0LWE5MDg2Zjc0ZGQ4Zi8xL0ZiSFJmNFAtaENk
RnhNMGo0ZkdoN0xuTk01SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkIdDANBgkqhkiG9w0BAQsFAAOC
AQEANyrLE4qVDQFUXxP33GnYpjNeAja9TBTGSpNopScMRe8Wj6hvSc/oSSUaZHAD
DKSZTHKY7KCgIURuU9Ye3NluJO4Ln/PnmOFU6o1CAvbcO8ym0a3oTlP7cU7raJcK
8Np12kg1ox84WfAGjxyRXOWqcrlB6M8MO0zUdIWosNsr16vvjgBdRT/kehzzLuQC
bUz7wmAPeFihZRsUOWIpLOV3o/LVu6/zjnxJ/bKSouMTG4jjpyaqqKyEBEaToeNB
yTm0lWYlnBr/ikUo3h6YWgehS1CSFlK9LftqOaY60PahsEazlfGVwyUV5wLzRIAf
c8RMQpmKocUw5kpQ7YQPg7qONw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org