Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/NxRXSSYS5LnkoA0EQk4tlfD892A.roa
File: NxRXSSYS5LnkoA0EQk4tlfD892A.roa (raw, json)
Hash identifier: zvZJ03VNSKZsxKuS0qR2IQoJ9JbHbl9ocsAeMasw+9k=
Subject key identifier: 37:14:57:49:26:12:E4:B9:E4:A0:0D:04:42:4E:2D:95:F0:FC:F7:60
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 16352DDB
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/NxRXSSYS5LnkoA0EQk4tlfD892A.roa
Signing time: Mon 31 Jan 2022 13:00:41 +0000
ROA not before: Mon 31 Jan 2022 13:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17941
IP address blocks: 212.68.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 372583899 (0x16352ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jan 31 13:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=371457492612e4b9e4a00d04424e2d95f0fcf760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:25:23:bd:f7:9f:7f:8e:43:da:c6:70:57:
e9:6b:33:eb:4a:2d:cc:ce:97:21:25:88:02:28:0d:
1d:32:68:a4:61:73:d4:85:62:08:99:f0:06:01:c8:
5e:bb:71:a0:d1:97:06:f2:04:7d:b3:60:a9:a9:a3:
73:77:2a:74:9c:cc:c6:f4:b9:f5:0e:cb:fd:91:2a:
a2:31:84:1c:93:e5:2a:38:34:b4:e6:0f:d7:90:6f:
c8:af:9f:16:7a:3b:00:47:f9:05:d0:5c:cb:d6:bc:
06:e0:c4:48:1d:fa:96:fd:ec:95:c4:06:dd:49:92:
af:d5:3f:c7:e9:f0:c5:6a:c6:d4:65:57:2a:e4:3b:
88:12:83:f6:ae:f6:73:e4:a7:8d:b2:fe:67:b9:20:
f0:1d:4f:fd:4a:44:e9:ef:08:c7:34:48:82:82:72:
5d:20:56:94:74:04:15:df:59:85:40:fd:e1:a7:31:
bf:64:f2:52:c3:f2:0f:d1:e1:c2:fb:15:06:54:6d:
45:c6:80:3c:85:69:54:7a:4b:9a:70:7d:25:66:86:
32:62:47:94:28:5d:b2:08:79:06:6a:b0:c6:1e:33:
a6:5f:e8:5c:60:ea:c3:9f:20:35:87:78:23:16:a9:
68:18:69:b7:14:a6:cf:82:65:4e:83:a7:41:1a:44:
d9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:14:57:49:26:12:E4:B9:E4:A0:0D:04:42:4E:2D:95:F0:FC:F7:60
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/NxRXSSYS5LnkoA0EQk4tlfD892A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
19:9d:42:89:b0:e1:7a:07:09:a1:af:b6:0c:7d:15:91:28:2e:
1c:57:71:de:ac:ce:83:63:59:ac:75:4f:3c:00:7c:37:97:24:
b2:4a:94:a8:a1:67:bc:66:d4:66:58:26:3d:4f:8c:28:41:de:
2d:85:93:99:27:f1:6c:5f:62:7e:2b:54:cb:5e:57:23:36:55:
2a:e9:27:b9:86:44:7e:c4:83:48:65:01:ac:23:3b:d4:80:c8:
7d:c8:30:0c:96:91:2d:9f:ca:6e:15:6b:e3:d7:3d:96:82:56:
5f:b3:1f:4f:67:bb:4f:5a:08:e7:9d:6a:b7:af:d4:9c:bb:dd:
cb:7f:90:35:8e:40:9b:22:d5:d0:07:21:92:10:80:28:62:95:
8e:c1:ed:fb:3d:d5:ab:06:b2:c0:ca:60:66:2f:43:33:f8:8f:
49:3a:59:6b:bf:78:9a:a6:1d:37:81:35:28:22:58:94:f8:61:
6e:3d:70:0b:21:6c:f5:e7:e0:99:f4:b0:7b:bc:f5:20:7b:da:
11:8a:6d:73:73:97:c8:b3:9f:21:2f:d3:51:f4:c0:76:65:2a:
a9:c9:fc:af:ea:3c:c0:7c:ac:b6:a7:79:d8:fc:71:7c:b8:94:
57:cf:d8:19:76:4d:4c:1d:27:f8:79:18:48:fd:fd:c1:7a:ca:
06:3a:fb:24
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFjUt2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmJhZDNkZTgzMWRhOTQyMjJjMWFkZDEwNGNhZjRjMzI0NzY4OWFjMB4XDTIyMDEz
MTEzMDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcxNDU3NDkyNjEy
ZTRiOWU0YTAwZDA0NDI0ZTJkOTVmMGZjZjc2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL98JSO9959/jkPaxnBX6Wsz60otzM6XISWIAigNHTJopGFz
1IViCJnwBgHIXrtxoNGXBvIEfbNgqamjc3cqdJzMxvS59Q7L/ZEqojGEHJPlKjg0
tOYP15BvyK+fFno7AEf5BdBcy9a8BuDESB36lv3slcQG3UmSr9U/x+nwxWrG1GVX
KuQ7iBKD9q72c+SnjbL+Z7kg8B1P/UpE6e8IxzRIgoJyXSBWlHQEFd9ZhUD94acx
v2TyUsPyD9HhwvsVBlRtRcaAPIVpVHpLmnB9JWaGMmJHlChdsgh5Bmqwxh4zpl/o
XGDqw58gNYd4IxapaBhptxSmz4JlToOnQRpE2QUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3FFdJJhLkueSgDQRCTi2V8Pz3YDAfBgNVHSMEGDAWgBSrutPegx2pQiLB
rdEEyvTDJHaJrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E3clQzb01kcVVJaXdhM1JCTXIwd3lSMmlhdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8x
L054UlhTU1lTNUxua29BMEVRazR0bGZEODkyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGU4MTQ5LWQ1M2MtNDk5Mi1iZDA3LTU1YzQzNGVlYzk2Yy8xL3E3clQzb01kcVVJ
aXdhM1JCTXIwd3lSMmlhdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtREuDANBgkqhkiG9w0BAQsFAAOC
AQEAGZ1CibDhegcJoa+2DH0VkSguHFdx3qzOg2NZrHVPPAB8N5ckskqUqKFnvGbU
ZlgmPU+MKEHeLYWTmSfxbF9ifitUy15XIzZVKuknuYZEfsSDSGUBrCM71IDIfcgw
DJaRLZ/KbhVr49c9loJWX7MfT2e7T1oI551qt6/UnLvdy3+QNY5AmyLV0AchkhCA
KGKVjsHt+z3VqwaywMpgZi9DM/iPSTpZa794mqYdN4E1KCJYlPhhbj1wCyFs9efg
mfSwe7z1IHvaEYptc3OXyLOfIS/TUfTAdmUqqcn8r+o8wHystqd52PxxfLiUV8/Y
GXZNTB0n+HkYSP39wXrKBjr7JA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org