Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/NVta8A4d-JqWjUZXIwYmqCxPFz8.roa
File: NVta8A4d-JqWjUZXIwYmqCxPFz8.roa (raw, json)
Hash identifier: FRoseVZbG0d4/3aMFA+YMHBkMxD5sEfHks2kdu8tcSQ=
Subject key identifier: 35:5B:5A:F0:0E:1D:F8:9A:96:8D:46:57:23:06:26:A8:2C:4F:17:3F
Certificate issuer: /CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Certificate serial: 01849EE803A137E296D31E4F5D98FB447520
Authority key identifier: 1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/NVta8A4d-JqWjUZXIwYmqCxPFz8.roa
Signing time: Tue 22 Nov 2022 10:35:16 +0000
ROA not before: Tue 22 Nov 2022 10:35:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43608
IP address blocks: 78.24.104.0/21 maxlen: 21
78.24.108.0/24 maxlen: 24
62.77.132.0/22 maxlen: 24
185.61.57.0/24 maxlen: 24
185.61.56.0/22 maxlen: 24
2a00:9500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:e8:03:a1:37:e2:96:d3:1e:4f:5d:98:fb:44:75:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Validity
Not Before: Nov 22 10:35:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=355b5af00e1df89a968d4657230626a82c4f173f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cd:f4:05:d4:f8:9a:a1:8f:21:14:bc:c9:ab:
20:dd:ed:e8:d0:d8:cb:56:34:2c:de:a8:7b:19:fa:
46:a5:be:e3:63:65:72:64:69:6d:0f:29:d8:bd:db:
b5:4a:9e:d3:fa:e3:c5:ca:41:82:53:76:6d:6d:72:
50:c2:e9:68:3c:4c:b8:be:61:e2:a1:f5:8f:7d:c8:
2d:c2:9a:2b:88:71:eb:c1:12:97:b1:2e:e8:b7:46:
3a:35:89:bd:b9:47:d1:dd:38:e3:19:5e:20:08:f8:
b2:d2:bc:01:ea:88:dc:27:c5:2a:28:0e:5c:a0:c2:
e8:72:6f:a8:9d:88:12:7b:5f:ad:a0:93:77:03:17:
29:af:c2:d4:6d:58:1f:a4:0a:b7:1e:27:39:74:45:
55:8f:f6:31:f5:cb:57:ec:1d:17:ee:ec:1a:e4:74:
d9:90:c4:bc:b4:f2:20:0b:aa:c9:80:e4:4e:31:72:
78:7e:01:2c:f0:a0:cc:d6:e0:ce:aa:4d:31:0e:2e:
43:b8:16:b8:cb:56:16:8c:ac:4d:62:82:50:98:6e:
fb:d8:1f:c7:c2:31:f2:eb:e7:57:60:bc:3f:1e:6b:
9d:d0:28:62:25:b7:55:9b:02:e6:5c:2e:fd:2d:31:
71:f3:de:ba:cd:ac:d4:f0:bf:19:db:8a:ac:8a:06:
f1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5B:5A:F0:0E:1D:F8:9A:96:8D:46:57:23:06:26:A8:2C:4F:17:3F
X509v3 Authority Key Identifier:
keyid:1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/NVta8A4d-JqWjUZXIwYmqCxPFz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.132.0/22
78.24.104.0/21
185.61.56.0/22
IPv6:
2a00:9500::/32
Signature Algorithm: sha256WithRSAEncryption
56:45:03:55:3c:0f:88:62:99:da:77:6a:e2:46:ee:43:a5:6f:
4f:06:e5:e4:68:3f:c4:c1:f7:02:81:6b:84:2f:ac:b0:95:70:
05:fa:c1:40:8c:f1:45:13:4a:f0:bb:22:23:f1:37:09:6b:41:
01:dc:90:9a:73:12:5c:c8:fa:df:c0:ca:15:d0:86:8a:be:3e:
8e:1c:6b:32:5c:48:7d:0d:70:d4:27:de:a2:4c:6e:e9:23:0e:
7a:af:ba:88:9b:3d:58:69:39:8d:cc:e3:78:6c:c2:16:13:51:
93:57:06:bf:96:7c:59:81:d4:3e:2c:10:aa:40:4a:4f:a9:cc:
98:a4:db:bd:4b:d6:11:b3:96:25:53:34:b7:b4:fd:70:a2:a5:
b0:f5:47:a0:e5:f2:b3:c8:24:00:0f:a1:15:1f:79:cb:ca:88:
b8:ad:ea:1b:6b:d9:95:a1:ed:8f:5e:8d:4c:0b:c1:4d:df:0a:
f9:42:ec:ed:5c:4e:50:c1:f3:53:b9:24:5f:86:13:86:6e:bd:
f9:5a:a7:bf:af:bc:eb:bc:06:66:2e:a6:22:0e:6a:f0:4b:03:
f4:e9:28:d5:8e:b1:bd:4c:fc:e8:77:f4:85:db:b7:b4:9d:41:
03:cb:00:08:e8:bc:bd:7c:30:ee:5c:8b:42:e6:d6:8c:71:f5:
2f:35:71:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSe6AOhN+KW0x5PXZj7RHUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTdiNDgyM2QzYzllMTIxZWM2NDk4MjFlMDBmMGE3OWFl
YjliOGQwHhcNMjIxMTIyMTAzNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTViNWFmMDBlMWRmODlhOTY4ZDQ2NTcyMzA2MjZhODJjNGYxNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk830BdT4mqGPIRS8yasg3e3o0NjL
VjQs3qh7GfpGpb7jY2VyZGltDynYvdu1Sp7T+uPFykGCU3ZtbXJQwuloPEy4vmHi
ofWPfcgtwporiHHrwRKXsS7ot0Y6NYm9uUfR3TjjGV4gCPiy0rwB6ojcJ8UqKA5c
oMLocm+onYgSe1+toJN3Axcpr8LUbVgfpAq3Hic5dEVVj/Yx9ctX7B0X7uwa5HTZ
kMS8tPIgC6rJgOROMXJ4fgEs8KDM1uDOqk0xDi5DuBa4y1YWjKxNYoJQmG772B/H
wjHy6+dXYLw/Hmud0ChiJbdVmwLmXC79LTFx8966zazU8L8Z24qsigbxiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDVbWvAOHfialo1GVyMGJqgsTxc/MB8GA1UdIwQY
MBaAFByXtII9PJ4SHsZJgh4A8Kea65uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTkt
OWI5Y2Q4OTY1OWUwLzEvTlZ0YThBNGQtSnFXalVaWEl3WW1xQ3hQRno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTktOWI5Y2Q4OTY1OWUw
LzEvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPk2EAwQD
ThhoAwQCuT04MA0EAgACMAcDBQAqAJUAMA0GCSqGSIb3DQEBCwUAA4IBAQBWRQNV
PA+IYpnad2riRu5DpW9PBuXkaD/EwfcCgWuEL6ywlXAF+sFAjPFFE0rwuyIj8TcJ
a0EB3JCacxJcyPrfwMoV0IaKvj6OHGsyXEh9DXDUJ96iTG7pIw56r7qImz1YaTmN
zON4bMIWE1GTVwa/lnxZgdQ+LBCqQEpPqcyYpNu9S9YRs5YlUzS3tP1woqWw9Ueg
5fKzyCQAD6EVH3nLyoi4reoba9mVoe2PXo1MC8FN3wr5QuztXE5QwfNTuSRfhhOG
br35Wqe/r7zrvAZmLqYiDmrwSwP06SjVjrG9TPzod/SF27e0nUEDywAI6Ly9fDDu
XItC5taMcfUvNXFo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:18 2024 by rpki-client on console-ams.rpki-client.org