Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBt-LEVn2-6ddvRNTRKS_e7ZXxg.roa
File: nBt-LEVn2-6ddvRNTRKS_e7ZXxg.roa (raw, json)
Hash identifier: gOGi4YIsuhP62ka54hCofHiE10zkhKYQF+2bCwMpoGo=
Subject key identifier: 9C:1B:7E:2C:45:67:DB:EE:9D:76:F4:4D:4D:12:92:FD:EE:D9:5F:18
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0183133069A93BB74466B79C00971DDDD0F4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBt-LEVn2-6ddvRNTRKS_e7ZXxg.roa
Signing time: Tue 06 Sep 2022 14:24:43 +0000
ROA not before: Tue 06 Sep 2022 14:24:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39351
IP address blocks: 194.242.2.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
185.217.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:30:69:a9:3b:b7:44:66:b7:9c:00:97:1d:dd:d0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 6 14:24:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c1b7e2c4567dbee9d76f44d4d1292fdeed95f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:6a:63:d3:38:18:a1:4e:0a:5e:a3:7d:83:
f9:48:be:47:02:4a:f6:92:a1:52:d7:5a:98:1e:81:
d4:4f:de:c0:3a:c6:c2:f1:0c:b9:70:bc:3c:3f:7c:
1b:2c:2a:9f:92:2e:08:f3:c2:bc:07:68:06:90:24:
3a:12:92:00:20:65:da:55:f7:3a:80:31:e1:8b:7f:
2f:e7:23:b7:8f:96:7b:dc:8e:92:f2:4f:b5:4b:f0:
07:35:ae:1d:b8:05:43:d7:a9:83:52:1c:c8:41:68:
e2:a4:e2:cf:e0:d4:c0:03:93:1e:33:b2:d3:2a:3e:
52:e1:51:8f:38:86:2c:81:9f:52:22:1d:c6:f2:35:
ca:56:0d:64:f5:2a:af:f7:cd:d2:6f:c6:e8:ef:85:
1d:81:96:ff:ae:b6:8a:fb:c4:97:e0:f6:f1:1a:ef:
a1:5f:31:3f:7b:7f:9b:ac:3d:34:55:63:62:5c:d1:
ab:bf:9a:b6:84:c0:4e:83:89:71:a4:e3:45:91:43:
64:b1:3c:96:6e:83:a8:43:f1:ed:35:b3:c6:7e:24:
f0:21:52:df:6a:16:d5:51:14:ba:ba:1a:6e:63:f3:
24:68:53:b5:9f:8e:b2:83:83:1b:15:d4:79:82:73:
20:aa:f2:5a:cb:19:e6:20:db:62:16:84:c5:59:dc:
c4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1B:7E:2C:45:67:DB:EE:9D:76:F4:4D:4D:12:92:FD:EE:D9:5F:18
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nBt-LEVn2-6ddvRNTRKS_e7ZXxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.116.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
42:2b:c6:48:08:11:38:55:2a:1a:17:18:16:76:6a:b0:08:67:
7b:78:81:7a:cf:f2:c9:46:eb:54:df:00:9a:e6:b4:0e:14:54:
a6:e0:55:82:b1:0a:4a:d4:00:cb:57:63:d6:2b:3a:73:7c:88:
68:2f:02:47:00:10:c1:47:df:90:f4:e8:6b:e3:5e:1c:52:4e:
c3:92:c1:3e:47:ec:ba:6b:29:b2:a1:6f:8b:56:fd:f0:19:fc:
ae:b8:90:7a:56:01:97:ca:4e:26:dc:fe:87:ac:c4:e7:13:cf:
5c:c7:a4:48:a8:c5:74:ce:fb:e0:4a:a8:59:f0:0f:3f:9e:30:
ee:67:04:5b:db:ca:09:b7:e8:b1:76:85:35:52:a1:6d:39:4c:
00:26:1b:39:85:ef:a2:de:2e:0d:58:9d:3c:60:bd:ee:0e:b9:
ff:ba:ce:7c:5e:b6:e9:ee:ba:93:10:c2:0e:f8:1b:ca:4d:96:
13:e5:d9:c0:7d:3b:cc:30:07:7d:4d:3f:42:9d:50:25:1d:bd:
9f:75:48:47:05:54:4e:66:11:eb:52:39:0e:5e:9d:81:41:87:
9c:a0:54:55:df:32:b1:71:9d:98:04:a1:cc:cd:b0:a6:df:9e:
9d:dc:46:25:9a:89:6f:97:c8:a0:18:b1:24:72:f6:c6:62:ff:
90:f0:1a:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMTMGmpO7dEZrecAJcd3dD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwOTA2MTQyNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFiN2UyYzQ1NjdkYmVlOWQ3NmY0NGQ0ZDEyOTJmZGVlZDk1ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIlqY9M4GKFOCl6jfYP5SL5HAkr2
kqFS11qYHoHUT97AOsbC8Qy5cLw8P3wbLCqfki4I88K8B2gGkCQ6EpIAIGXaVfc6
gDHhi38v5yO3j5Z73I6S8k+1S/AHNa4duAVD16mDUhzIQWjipOLP4NTAA5MeM7LT
Kj5S4VGPOIYsgZ9SIh3G8jXKVg1k9Sqv983Sb8bo74UdgZb/rraK+8SX4PbxGu+h
XzE/e3+brD00VWNiXNGrv5q2hMBOg4lxpONFkUNksTyWboOoQ/HtNbPGfiTwIVLf
ahbVURS6uhpuY/MkaFO1n46yg4MbFdR5gnMgqvJayxnmINtiFoTFWdzEWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJwbfixFZ9vunXb0TU0Skv3u2V8YMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbkJ0LUxFVm4yLTZkZHZSTlRSS1NfZTdaWHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAudl0AwQA
wRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQBCK8ZICBE4VSoaFxgWdmqwCGd7
eIF6z/LJRutU3wCa5rQOFFSm4FWCsQpK1ADLV2PWKzpzfIhoLwJHABDBR9+Q9Ohr
414cUk7DksE+R+y6aymyoW+LVv3wGfyuuJB6VgGXyk4m3P6HrMTnE89cx6RIqMV0
zvvgSqhZ8A8/njDuZwRb28oJt+ixdoU1UqFtOUwAJhs5he+i3i4NWJ08YL3uDrn/
us58Xrbp7rqTEMIO+BvKTZYT5dnAfTvMMAd9TT9CnVAlHb2fdUhHBVROZhHrUjkO
Xp2BQYecoFRV3zKxcZ2YBKHMzbCm356d3EYlmolvl8igGLEkcvbGYv+Q8Bqf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org