Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/CrpomNCKLpotuHweH7ETStGkfnI.roa
File: CrpomNCKLpotuHweH7ETStGkfnI.roa (raw, json)
Hash identifier: GojX/EikoreM16uYEdaoSSagRe4oDmdTFBH3SPiH95o=
Subject key identifier: 0A:BA:68:98:D0:8A:2E:9A:2D:B8:7C:1E:1F:B1:13:4A:D1:A4:7E:72
Certificate issuer: /CN=f159077e043877059603caa0e3e584b1626e8f7b
Certificate serial: 0196C971
Authority key identifier: F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/CrpomNCKLpotuHweH7ETStGkfnI.roa
Signing time: Sat 01 Jan 2022 05:00:26 +0000
ROA not before: Sat 01 Jan 2022 05:00:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30879
IP address blocks: 195.34.200.0/22 maxlen: 24
2a11:d940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26659185 (0x196c971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f159077e043877059603caa0e3e584b1626e8f7b
Validity
Not Before: Jan 1 05:00:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aba6898d08a2e9a2db87c1e1fb1134ad1a47e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:4b:6b:75:51:7c:4a:32:47:0f:d0:74:e6:
66:85:47:c8:23:a8:24:b8:18:12:8c:70:55:ae:74:
7e:48:a3:25:42:97:27:03:d4:4a:1f:05:55:4d:ed:
c5:d5:8a:d3:c5:f9:93:a1:09:f3:84:09:57:35:3d:
ed:ae:39:ab:78:fc:64:d3:ee:9c:26:3f:6d:b7:77:
7f:72:03:7e:dd:bb:44:d4:75:1f:0a:95:14:28:85:
d7:07:75:d7:09:7b:bc:ba:cf:f0:87:8f:76:52:25:
af:8e:6a:67:81:55:b0:e7:6e:97:f1:3a:3d:a1:5f:
0d:ab:67:71:b1:11:65:e9:f8:a5:db:73:73:fa:7a:
d1:e8:36:96:f3:67:1d:d0:4a:fb:84:9e:c4:ad:fb:
71:66:8e:b0:2c:af:f0:db:8f:4c:07:a9:cf:72:60:
4b:4d:c4:10:34:70:a9:9d:92:04:62:70:d7:29:fa:
ca:b2:a5:ad:43:98:83:9a:07:68:30:88:fe:59:06:
41:0c:20:69:49:e6:d2:d3:1c:2a:eb:d7:6a:81:b0:
61:f3:a8:08:62:27:27:1f:20:76:33:e5:86:ff:a4:
df:b4:9f:b6:eb:71:c6:e8:cf:d9:2f:1b:f0:50:a6:
c9:3c:15:d2:c7:60:22:5e:34:90:8c:60:f0:d5:12:
3b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BA:68:98:D0:8A:2E:9A:2D:B8:7C:1E:1F:B1:13:4A:D1:A4:7E:72
X509v3 Authority Key Identifier:
keyid:F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/CrpomNCKLpotuHweH7ETStGkfnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.200.0/22
IPv6:
2a11:d940::/29
Signature Algorithm: sha256WithRSAEncryption
62:3e:ff:45:02:14:b8:dd:e0:c0:4a:31:d9:36:d2:84:bd:13:
13:1a:9e:3f:05:f6:93:f3:51:b1:bd:50:47:41:7d:dc:fa:4b:
00:ed:05:bc:17:cc:b4:12:b2:2b:6c:5d:63:7b:2c:80:cb:e8:
9a:32:99:fe:41:c6:ea:22:db:f1:dd:33:a6:11:b7:a0:79:31:
71:dc:ea:1f:f1:32:c9:87:f9:01:eb:dc:70:b6:dd:3d:c5:2b:
e7:f4:a0:26:f6:f2:ba:6f:c9:f1:ff:70:b5:91:c4:94:76:cb:
52:4c:15:09:63:52:ea:2f:ae:cc:07:a7:f7:74:b7:5e:67:78:
0f:cd:ee:25:8a:06:c0:53:f9:f6:be:79:f0:ac:dd:c5:19:ef:
d3:e1:91:ec:6a:fe:81:a1:24:cb:83:1a:64:54:9e:92:ca:21:
60:db:9d:11:1e:a5:d1:a8:a8:a4:fa:d4:86:e1:67:5e:03:fd:
55:39:dd:ce:a8:63:38:e9:a0:ee:81:52:c5:a6:77:be:07:3c:
09:14:c2:6a:2c:a7:54:dc:ab:57:e3:a7:c4:d3:d9:09:88:a6:
04:bd:78:f0:94:11:9b:b6:57:6f:e1:6d:7f:fc:7c:c9:b0:af:
fa:63:4e:cf:95:af:4d:26:1a:e1:c6:e4:d8:55:ee:74:a4:fb:
dd:cd:25:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAZbJcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTU5MDc3ZTA0Mzg3NzA1OTYwM2NhYTBlM2U1ODRiMTYyNmU4ZjdiMB4XDTIyMDEw
MTA1MDAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFiYTY4OThkMDhh
MmU5YTJkYjg3YzFlMWZiMTEzNGFkMWE0N2U3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEES2t1UXxKMkcP0HTmZoVHyCOoJLgYEoxwVa50fkijJUKX
JwPUSh8FVU3txdWK08X5k6EJ84QJVzU97a45q3j8ZNPunCY/bbd3f3IDft27RNR1
HwqVFCiF1wd11wl7vLrP8IePdlIlr45qZ4FVsOdul/E6PaFfDatncbERZen4pdtz
c/p60eg2lvNnHdBK+4SexK37cWaOsCyv8NuPTAepz3JgS03EEDRwqZ2SBGJw1yn6
yrKlrUOYg5oHaDCI/lkGQQwgaUnm0tMcKuvXaoGwYfOoCGInJx8gdjPlhv+k37Sf
tutxxujP2S8b8FCmyTwV0sdgIl40kIxg8NUSO/sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQKumiY0Ioumi24fB4fsRNK0aR+cjAfBgNVHSMEGDAWgBTxWQd+BDh3BZYD
yqDj5YSxYm6PezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhWa0hmZ1E0ZHdXV0E4cWc0LVdFc1dKdWozcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvMGFhNTQxLWU5MGYtNDZmZC1hMGRjLTAzZDkwNGM4MDJjZS8x
L0NycG9tTkNLTHBvdHVId2VIN0VUU3RHa2ZuSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
MGFhNTQxLWU5MGYtNDZmZC1hMGRjLTAzZDkwNGM4MDJjZS8xLzhWa0hmZ1E0ZHdX
V0E4cWc0LVdFc1dKdWozcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsMiyDANBAIAAjAHAwUDKhHZQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYj7/RQIUuN3gwEox2TbShL0TExqePwX2k/NRsb1Q
R0F93PpLAO0FvBfMtBKyK2xdY3ssgMvomjKZ/kHG6iLb8d0zphG3oHkxcdzqH/Ey
yYf5AevccLbdPcUr5/SgJvbyum/J8f9wtZHElHbLUkwVCWNS6i+uzAen93S3Xmd4
D83uJYoGwFP59r558KzdxRnv0+GR7Gr+gaEky4MaZFSeksohYNudER6l0aiopPrU
huFnXgP9VTndzqhjOOmg7oFSxaZ3vgc8CRTCaiynVNyrV+OnxNPZCYimBL148JQR
m7ZXb+Ftf/x8ybCv+mNOz5WvTSYa4cbk2FXudKT73c0l7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:01 2024 by rpki-client on console-ams.rpki-client.org