Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/_9xNYsr3EwLDtbDbYHpk9njCNtc.roa
File: _9xNYsr3EwLDtbDbYHpk9njCNtc.roa (raw, json)
Hash identifier: QKG6BzBbQ60/159fKukQVz+on/M0sOIVBxokn6UJltI=
Subject key identifier: FF:DC:4D:62:CA:F7:13:02:C3:B5:B0:DB:60:7A:64:F6:78:C2:36:D7
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 0A04497A
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/_9xNYsr3EwLDtbDbYHpk9njCNtc.roa
Signing time: Sat 01 Jan 2022 06:54:40 +0000
ROA not before: Sat 01 Jan 2022 06:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60349
IP address blocks: 194.38.38.0/24 maxlen: 24
194.38.36.0/22 maxlen: 23
194.38.37.0/24 maxlen: 24
194.38.36.0/24 maxlen: 24
194.38.39.0/24 maxlen: 24
2a09:6d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168053114 (0xa04497a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 1 06:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffdc4d62caf71302c3b5b0db607a64f678c236d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:80:65:16:fc:61:cf:27:1a:1d:c6:b3:76:
3c:1b:fc:db:64:75:45:2c:6e:4b:b0:06:c1:3a:f9:
ae:7f:e1:9d:86:c2:c0:0a:42:9a:d0:8e:61:81:03:
f5:61:95:d9:b8:c1:21:7e:66:65:5f:0e:f8:79:91:
07:53:66:8a:c7:91:11:b2:86:b5:17:cc:1d:6f:f5:
d7:f9:df:46:f0:f7:e4:12:bd:9c:a0:e0:d5:e6:95:
b5:39:4d:99:e7:12:fc:b5:11:4e:fd:67:24:17:6a:
9f:97:8f:18:fe:6b:42:b8:fb:66:d2:e1:04:98:6e:
79:85:d1:e5:1d:63:36:e1:dd:00:38:1b:c6:31:df:
d2:96:ee:a9:83:94:e2:74:e4:64:38:2e:ef:e0:bb:
6d:c5:de:9b:83:a7:39:56:f6:9a:23:16:76:18:1c:
77:6e:10:a0:9b:b8:83:f8:72:20:2e:39:a2:b7:9d:
1d:26:19:49:0f:ec:92:b8:5d:82:fc:1c:99:33:90:
da:e0:a1:19:53:65:26:6a:09:ea:80:a5:46:b0:36:
ae:f2:44:ab:c9:3c:90:57:db:dc:a0:07:26:6b:39:
cf:6f:b6:bc:ea:4b:31:91:ff:cc:de:00:85:6f:7e:
3d:be:75:e0:27:f0:bd:87:9a:d7:64:27:58:b2:84:
21:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DC:4D:62:CA:F7:13:02:C3:B5:B0:DB:60:7A:64:F6:78:C2:36:D7
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/_9xNYsr3EwLDtbDbYHpk9njCNtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.36.0/22
IPv6:
2a09:6d40::/32
Signature Algorithm: sha256WithRSAEncryption
d5:15:e0:78:08:59:1b:34:28:41:1e:64:82:65:4e:39:9e:6a:
e0:72:17:08:82:4e:8a:28:13:07:ef:01:19:2b:5e:d2:3c:53:
ee:d7:9d:e7:a7:7c:a5:f7:12:da:52:8b:a0:c7:36:17:9c:d8:
1b:80:03:cc:77:49:5e:fe:38:e6:bf:82:b0:81:d4:dd:33:c4:
9c:f4:fc:50:8b:3a:e7:8c:1c:85:26:ea:37:17:71:3c:61:91:
ae:c0:af:b1:1e:e4:21:aa:ef:3f:b8:74:9c:02:df:fe:95:12:
44:53:d6:fa:1d:4d:de:e8:e8:08:bb:cf:b4:e4:17:75:0a:69:
01:25:bc:09:bf:2d:47:2c:ab:51:d6:ba:66:03:2e:ad:87:34:
ca:e5:41:63:e0:2c:e7:53:6a:55:22:52:12:7a:ac:5e:f6:71:
9e:94:62:f9:e4:8e:92:e2:2b:69:45:42:fb:53:a5:b4:43:df:
ed:63:d6:68:f6:b2:e9:a9:4c:93:06:ae:5a:e3:f3:90:a4:93:
82:49:3e:49:21:d7:ab:d0:5d:b6:55:c4:71:84:08:53:15:11:
dd:1c:61:33:da:4d:43:41:f3:9e:0e:b1:ba:79:8b:e3:f9:42:
8e:76:48:07:4a:00:2c:25:05:80:a0:c7:f0:10:91:a7:20:96:
d1:7a:48:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECgRJejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
M2YzNTkwODA5ZDE4N2Y3YjM2MWZiMjRjZDQzZjkzZjY2NGIyMGIzMB4XDTIyMDEw
MTA2NTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZkYzRkNjJjYWY3
MTMwMmMzYjViMGRiNjA3YTY0ZjY3OGMyMzZkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWagGUW/GHPJxodxrN2PBv822R1RSxuS7AGwTr5rn/hnYbC
wApCmtCOYYED9WGV2bjBIX5mZV8O+HmRB1NmiseREbKGtRfMHW/11/nfRvD35BK9
nKDg1eaVtTlNmecS/LURTv1nJBdqn5ePGP5rQrj7ZtLhBJhueYXR5R1jNuHdADgb
xjHf0pbuqYOU4nTkZDgu7+C7bcXem4OnOVb2miMWdhgcd24QoJu4g/hyIC45ored
HSYZSQ/skrhdgvwcmTOQ2uChGVNlJmoJ6oClRrA2rvJEq8k8kFfb3KAHJms5z2+2
vOpLMZH/zN4AhW9+Pb514CfwvYea12QnWLKEIVUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT/3E1iyvcTAsO1sNtgemT2eMI21zAfBgNVHSMEGDAWgBRT81kICdGH97Nh
+yTNQ/k/ZksgszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VfTlpDQW5SaF9lellmc2t6VVA1UDJaTElMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvZGU2MzgzLTRhZDUtNDU3Yi05NTNjLWE3NzZmZWRlOTkwNS8x
L185eE5Zc3IzRXdMRHRiRGJZSHBrOW5qQ050Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
ZGU2MzgzLTRhZDUtNDU3Yi05NTNjLWE3NzZmZWRlOTkwNS8xL1VfTlpDQW5SaF9l
ellmc2t6VVA1UDJaTElMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsImJDANBAIAAjAHAwUAKgltQDAN
BgkqhkiG9w0BAQsFAAOCAQEA1RXgeAhZGzQoQR5kgmVOOZ5q4HIXCIJOiigTB+8B
GSte0jxT7ted56d8pfcS2lKLoMc2F5zYG4ADzHdJXv445r+CsIHU3TPEnPT8UIs6
54wchSbqNxdxPGGRrsCvsR7kIarvP7h0nALf/pUSRFPW+h1N3ujoCLvPtOQXdQpp
ASW8Cb8tRyyrUda6ZgMurYc0yuVBY+As51NqVSJSEnqsXvZxnpRi+eSOkuIraUVC
+1OltEPf7WPWaPay6alMkwauWuPzkKSTgkk+SSHXq9BdtlXEcYQIUxUR3RxhM9pN
Q0Hzng6xunmL4/lCjnZIB0oALCUFgKDH8BCRpyCW0XpI8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org