Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tnYB8G8ItGL3hp1IKti5lLnft7M.roa
File: tnYB8G8ItGL3hp1IKti5lLnft7M.roa (raw, json)
Hash identifier: ZnSWtQhzENcKRtcJO3JdfW5b34agoYXHzZZiuylqHUY=
Subject key identifier: B6:76:01:F0:6F:08:B4:62:F7:86:9D:48:2A:D8:B9:94:B9:DF:B7:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018484984E2C140E4C318072F4D3DA5ECD65
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tnYB8G8ItGL3hp1IKti5lLnft7M.roa
Signing time: Thu 17 Nov 2022 07:58:04 +0000
ROA not before: Thu 17 Nov 2022 07:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202602
IP address blocks: 188.215.229.0/24 maxlen: 24
185.214.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:98:4e:2c:14:0e:4c:31:80:72:f4:d3:da:5e:cd:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 17 07:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b67601f06f08b462f7869d482ad8b994b9dfb7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:56:74:64:c2:f9:0c:4a:1c:92:06:12:31:20:
1c:d7:e9:21:ee:e7:b9:0c:1c:2c:05:dc:f1:d1:79:
19:f6:f0:71:90:ce:08:ce:bb:ea:53:82:64:a6:8c:
dc:4b:42:82:b3:c1:46:53:14:88:42:69:ad:44:0c:
82:b2:18:36:4d:4b:36:d2:7e:f7:b1:98:17:4a:54:
d2:e8:88:1d:8b:57:36:c5:31:e6:5c:11:36:2c:82:
63:6e:33:06:40:1b:4f:e2:1b:bd:a8:e3:ae:20:47:
33:75:9f:9b:e9:a7:75:4a:45:d9:ec:f9:b9:51:dd:
fc:55:13:09:70:2e:3b:0b:67:0f:44:f3:68:8f:d2:
86:9d:bb:bb:2f:0c:19:90:be:bb:23:f0:bf:e1:a0:
96:a5:c0:a5:ce:af:46:e3:88:84:b1:ce:9a:9f:e6:
48:05:f8:49:d3:58:85:67:3f:ea:b8:ab:83:f7:02:
ea:59:fe:04:a4:c5:72:f9:3e:28:78:b3:97:cf:e0:
97:8a:95:71:e4:9c:f7:1e:65:6e:77:ed:dc:6b:44:
e5:df:59:2f:c3:e2:76:ed:9a:f2:c6:6c:cc:82:11:
aa:04:13:79:a3:f1:8a:2f:e6:6d:1c:14:4b:a7:53:
45:2e:4c:80:a3:e5:1c:f6:67:2c:5e:78:3b:54:98:
18:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:76:01:F0:6F:08:B4:62:F7:86:9D:48:2A:D8:B9:94:B9:DF:B7:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tnYB8G8ItGL3hp1IKti5lLnft7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.10.0/24
188.215.229.0/24
Signature Algorithm: sha256WithRSAEncryption
39:29:19:37:10:28:ac:1c:ab:fc:97:40:aa:ec:5f:51:ca:c1:
bb:6e:17:3d:3b:4d:ea:ab:76:02:39:dd:08:50:56:d2:c8:24:
d3:4a:36:00:a6:ef:2c:07:12:62:58:0d:2d:48:b7:cb:02:c1:
ed:70:ee:80:7d:d5:d5:7d:24:57:9c:f1:e4:04:06:9c:60:91:
49:73:36:a1:48:9a:1f:89:31:a9:ea:d2:72:ff:56:50:d8:4f:
6c:cc:16:29:3a:10:ad:78:8f:c9:95:3a:d2:c0:19:96:4e:ba:
2d:b4:7b:75:14:ed:79:bc:3d:ae:32:a8:b1:d9:7b:a6:50:01:
62:93:1c:07:bc:9f:db:99:01:e3:b4:e5:0c:90:67:b7:70:24:
f1:ec:12:6c:2c:d6:45:23:48:d7:10:56:f0:94:e2:2a:fe:8c:
88:23:86:a0:19:15:d7:3a:ef:bd:5f:23:06:2d:e5:8d:cf:48:
f2:9a:ec:89:76:a8:5a:41:0d:2c:42:5b:10:3c:74:b8:8f:01:
fc:74:57:a4:b6:e7:b6:86:b9:1e:8c:39:83:dd:4f:d1:3d:9c:
84:e1:7c:8f:ec:26:90:28:d7:fd:66:a0:0b:c1:44:9a:bf:13:
7f:7c:34:dd:5f:6e:fc:02:67:9b:f0:ac:09:f9:2b:ec:ea:4b:
c4:22:b9:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSEmE4sFA5MMYBy9NPaXs1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTE3MDc1ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc2MDFmMDZmMDhiNDYyZjc4NjlkNDgyYWQ4Yjk5NGI5ZGZiN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lZ0ZML5DEockgYSMSAc1+kh7ue5
DBwsBdzx0XkZ9vBxkM4IzrvqU4JkpozcS0KCs8FGUxSIQmmtRAyCshg2TUs20n73
sZgXSlTS6Igdi1c2xTHmXBE2LIJjbjMGQBtP4hu9qOOuIEczdZ+b6ad1SkXZ7Pm5
Ud38VRMJcC47C2cPRPNoj9KGnbu7LwwZkL67I/C/4aCWpcClzq9G44iEsc6an+ZI
BfhJ01iFZz/quKuD9wLqWf4EpMVy+T4oeLOXz+CXipVx5Jz3HmVud+3ca0Tl31kv
w+J27ZryxmzMghGqBBN5o/GKL+ZtHBRLp1NFLkyAo+Uc9mcsXng7VJgYeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZ2AfBvCLRi94adSCrYuZS537ezMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdG5ZQjhHOEl0R0wzaHAxSUt0aTVsTG5mdDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudYKAwQA
vNflMA0GCSqGSIb3DQEBCwUAA4IBAQA5KRk3ECisHKv8l0Cq7F9RysG7bhc9O03q
q3YCOd0IUFbSyCTTSjYApu8sBxJiWA0tSLfLAsHtcO6AfdXVfSRXnPHkBAacYJFJ
czahSJofiTGp6tJy/1ZQ2E9szBYpOhCteI/JlTrSwBmWTrottHt1FO15vD2uMqix
2XumUAFikxwHvJ/bmQHjtOUMkGe3cCTx7BJsLNZFI0jXEFbwlOIq/oyII4agGRXX
Ou+9XyMGLeWNz0jymuyJdqhaQQ0sQlsQPHS4jwH8dFektue2hrkejDmD3U/RPZyE
4XyP7CaQKNf9ZqALwUSavxN/fDTdX278Ameb8KwJ+Svs6kvEIrmT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org