Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/NCF9VIdB0zf_guXSGWt4LQKMNe0.roa
File: NCF9VIdB0zf_guXSGWt4LQKMNe0.roa (raw, json)
Hash identifier: WZw6w2Z3EvWMUR/RKbzjjE6BTz4HUL5q0jbT59uBprM=
Subject key identifier: 34:21:7D:54:87:41:D3:37:FF:82:E5:D2:19:6B:78:2D:02:8C:35:ED
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 0184ED02E53FEB1E7A231BC911C374D34345
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/NCF9VIdB0zf_guXSGWt4LQKMNe0.roa
Signing time: Wed 07 Dec 2022 14:35:00 +0000
ROA not before: Wed 07 Dec 2022 14:35:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:02:e5:3f:eb:1e:7a:23:1b:c9:11:c3:74:d3:43:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Dec 7 14:35:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34217d548741d337ff82e5d2196b782d028c35ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:1b:59:cd:1a:41:81:3e:8c:32:7b:8a:3a:
02:fc:84:c4:74:b6:c6:57:1d:7d:73:21:9c:32:dc:
0a:07:9d:29:7b:8d:a8:ff:28:55:6a:05:46:0e:6c:
05:25:1b:4a:51:2d:17:54:48:a4:98:e7:de:71:90:
98:40:69:ce:97:92:01:db:a1:24:a1:b6:bb:8d:28:
79:ff:14:29:d6:0a:96:d1:7f:0e:fe:c4:a7:33:73:
6f:38:49:f1:f8:2b:3b:14:22:f3:74:f0:fb:cb:7c:
89:f1:16:c0:ea:78:7b:a5:61:0d:13:00:a1:0e:8d:
76:4f:b4:f8:a5:0d:b7:a4:90:19:37:25:53:9a:0d:
93:c4:49:30:2a:06:80:90:42:a1:48:b0:85:3a:01:
70:ba:13:66:d0:54:3c:66:93:64:0c:43:72:ff:ce:
25:15:5a:9f:11:1c:4e:7d:ee:66:a0:4d:a0:33:af:
b9:48:c2:80:83:07:ea:6b:9d:bc:5d:36:98:30:e8:
a6:19:14:15:c5:f3:13:4a:ff:9b:d8:1a:0b:16:c4:
10:3b:46:03:cb:17:ea:ca:66:25:7f:02:75:9a:de:
dd:df:fc:1b:c8:20:c8:19:90:bb:e3:b8:e9:69:74:
24:cc:22:7c:61:4a:80:e1:a8:ba:3a:8f:57:07:a7:
6e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:21:7D:54:87:41:D3:37:FF:82:E5:D2:19:6B:78:2D:02:8C:35:ED
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/NCF9VIdB0zf_guXSGWt4LQKMNe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.66.255
109.95.68.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:b1:64:40:71:ef:10:a0:ce:f6:4c:28:f8:50:0d:38:b1:73:
5f:31:69:92:c3:fe:ef:3f:29:fa:77:9d:9a:c2:a6:3e:7d:dd:
f2:d5:d2:99:7c:23:8f:60:71:1b:6e:c0:e1:af:9d:dd:5a:65:
eb:c1:e8:5e:4f:ac:70:cd:2c:e0:af:a0:d2:0c:17:81:03:c2:
e4:bf:2e:29:e7:aa:00:7e:6e:90:04:20:46:53:32:17:cb:62:
25:81:29:50:14:2e:6b:d4:2f:8c:ab:21:fa:6f:90:ee:ab:3e:
4e:76:e2:56:fd:56:da:a8:ab:55:ad:6c:a3:fd:0b:f8:29:e7:
48:75:c6:90:6f:88:f4:2a:dd:80:26:0f:29:56:3f:2e:57:70:
cd:b7:3c:90:d1:58:2a:25:c6:8f:6d:87:ba:8e:07:65:c8:b0:
68:09:a6:7d:a0:50:c2:05:d8:5f:1d:62:15:f9:93:83:86:39:
a4:66:77:2e:ac:70:20:24:3a:fb:ce:06:3b:a6:e4:04:4f:3e:
18:b3:ae:c3:98:73:3a:43:49:3c:6e:39:a6:56:88:4a:b2:87:
7c:be:ea:be:aa:1d:40:1b:5d:a8:4a:71:12:ec:44:e3:a6:86:
04:b3:5d:23:ea:64:db:59:f8:a1:62:38:c3:48:22:d8:89:ac:
a2:f5:72:42
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYTtAuU/6x56IxvJEcN000NFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjIxMjA3MTQzNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIxN2Q1NDg3NDFkMzM3ZmY4MmU1ZDIxOTZiNzgyZDAyOGMzNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri8bWc0aQYE+jDJ7ijoC/ITEdLbG
Vx19cyGcMtwKB50pe42o/yhVagVGDmwFJRtKUS0XVEikmOfecZCYQGnOl5IB26Ek
oba7jSh5/xQp1gqW0X8O/sSnM3NvOEnx+Cs7FCLzdPD7y3yJ8RbA6nh7pWENEwCh
Do12T7T4pQ23pJAZNyVTmg2TxEkwKgaAkEKhSLCFOgFwuhNm0FQ8ZpNkDENy/84l
FVqfERxOfe5moE2gM6+5SMKAgwfqa528XTaYMOimGRQVxfMTSv+b2BoLFsQQO0YD
yxfqymYlfwJ1mt7d3/wbyCDIGZC747jpaXQkzCJ8YUqA4ai6Oo9XB6dubQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDQhfVSHQdM3/4Ll0hlreC0CjDXtMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvTkNGOVZJZEIwemZfZ3VYU0dXdDRMUUtNTmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABtX0ED
BABtX0IDBABtX0QwDQYJKoZIhvcNAQELBQADggEBAMCxZEBx7xCgzvZMKPhQDTix
c18xaZLD/u8/Kfp3nZrCpj593fLV0pl8I49gcRtuwOGvnd1aZevB6F5PrHDNLOCv
oNIMF4EDwuS/LinnqgB+bpAEIEZTMhfLYiWBKVAULmvUL4yrIfpvkO6rPk524lb9
Vtqoq1WtbKP9C/gp50h1xpBviPQq3YAmDylWPy5XcM23PJDRWColxo9th7qOB2XI
sGgJpn2gUMIF2F8dYhX5k4OGOaRmdy6scCAkOvvOBjum5ARPPhizrsOYczpDSTxu
OaZWiEqyh3y+6r6qHUAbXahKcRLsROOmhgSzXSPqZNtZ+KFiOMNIItiJrKL1ckI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:33 2024 by rpki-client on console-ams.rpki-client.org