Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/NyLRneHYTd9qyWP3_jSl-qsnAMg.roa
File: NyLRneHYTd9qyWP3_jSl-qsnAMg.roa (raw, json)
Hash identifier: WUVRAqwWwb6mfzyCidBBbS89S5ftQrS1hCZuqp5MHbQ=
Subject key identifier: 37:22:D1:9D:E1:D8:4D:DF:6A:C9:63:F7:FE:34:A5:FA:AB:27:00:C8
Certificate issuer: /CN=9a03525f68eb6b235f1de22b60b1baed2fc7ff83
Certificate serial: 10A27977
Authority key identifier: 9A:03:52:5F:68:EB:6B:23:5F:1D:E2:2B:60:B1:BA:ED:2F:C7:FF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mgNSX2jrayNfHeIrYLG67S_H_4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/NyLRneHYTd9qyWP3_jSl-qsnAMg.roa
Signing time: Sat 01 Jan 2022 00:52:43 +0000
ROA not before: Sat 01 Jan 2022 00:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201607
IP address blocks: 185.64.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279083383 (0x10a27977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a03525f68eb6b235f1de22b60b1baed2fc7ff83
Validity
Not Before: Jan 1 00:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3722d19de1d84ddf6ac963f7fe34a5faab2700c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d5:3f:a6:e0:a9:1b:98:6e:f2:2d:ec:92:f2:
93:27:2c:9b:bd:80:2e:63:b8:6d:67:07:58:11:c4:
9a:1c:86:26:12:7a:01:b7:05:f6:78:0c:90:b0:81:
c5:14:03:ed:6e:16:cc:b9:48:b9:92:ea:f5:cb:75:
f0:0e:a8:c4:1d:8b:db:c6:cb:53:17:49:0b:ab:b5:
a4:2a:53:c3:37:2d:a5:f5:d6:51:ea:86:ac:b3:27:
1b:1b:5a:c5:a4:a9:ea:f9:5f:c3:bc:09:cd:0b:c3:
2f:66:0a:6e:44:eb:dd:2a:0d:98:01:7b:79:ca:0a:
97:73:3c:dd:a2:1e:86:7a:96:f3:db:f8:4a:dd:61:
76:be:13:59:8b:0c:70:5e:8b:75:89:79:85:db:1e:
ba:73:53:64:5b:81:fd:2e:4c:e3:40:a0:99:79:1c:
a0:47:9c:2e:1c:5c:d4:b3:b1:0c:8b:10:d3:96:dd:
62:0f:2f:f5:87:3a:98:09:dd:6d:8f:d7:67:18:46:
1f:25:3c:d4:cb:56:2b:fd:bf:e4:53:69:f3:5b:1d:
32:65:99:e5:e1:7e:1c:3e:fa:32:82:f7:2a:a4:32:
55:c0:c5:23:a0:c1:71:61:88:b4:c6:48:2c:22:9d:
58:5e:26:7c:6c:42:84:f1:59:2d:a6:47:ec:e2:2a:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:22:D1:9D:E1:D8:4D:DF:6A:C9:63:F7:FE:34:A5:FA:AB:27:00:C8
X509v3 Authority Key Identifier:
keyid:9A:03:52:5F:68:EB:6B:23:5F:1D:E2:2B:60:B1:BA:ED:2F:C7:FF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgNSX2jrayNfHeIrYLG67S_H_4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/NyLRneHYTd9qyWP3_jSl-qsnAMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5a7e46-ce1b-4955-9f39-4b311326c230/1/mgNSX2jrayNfHeIrYLG67S_H_4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.16.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:23:5b:79:c7:f8:a0:55:3a:49:7d:59:48:45:d2:86:dc:64:
e0:c8:bc:4b:8a:7a:92:ae:44:ec:17:49:dc:2e:a0:09:68:67:
6a:f7:d1:97:b5:96:95:c1:37:51:47:03:c3:49:d1:6a:c1:c1:
32:60:58:8a:0d:88:87:9a:83:4f:f2:7a:e9:d7:bc:04:b7:ce:
fc:24:02:1b:52:7a:2b:c9:1b:74:3e:95:f3:47:9e:8d:29:e9:
b4:43:8b:2c:58:79:83:95:31:75:7a:49:21:27:5a:24:e2:ef:
01:a4:a8:ce:e2:f5:e3:3c:80:59:6f:92:ea:82:78:52:96:28:
70:23:f1:17:74:0c:d7:a0:2a:d1:c7:f1:a6:ab:ce:11:81:00:
66:73:ac:32:cd:e5:61:f5:48:45:9a:2e:a2:33:f7:78:5b:21:
3f:7e:0b:b2:85:31:8f:9d:47:7f:56:23:93:5f:90:b3:39:fe:
78:89:21:12:b0:bd:88:7c:f1:fc:03:1b:82:0f:d4:52:6d:16:
48:03:a8:8d:12:50:f8:33:d9:f3:a1:bc:14:53:da:92:53:19:
54:c4:77:4d:d9:ed:3f:fe:97:87:4a:7f:ac:04:08:91:0d:72:
90:c8:d0:b8:e6:e3:fc:04:d0:98:ff:a4:e3:e4:73:bf:28:43:
70:98:46:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEKJ5dzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTAzNTI1ZjY4ZWI2YjIzNWYxZGUyMmI2MGIxYmFlZDJmYzdmZjgzMB4XDTIyMDEw
MTAwNTI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzcyMmQxOWRlMWQ4
NGRkZjZhYzk2M2Y3ZmUzNGE1ZmFhYjI3MDBjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzVP6bgqRuYbvIt7JLykycsm72ALmO4bWcHWBHEmhyGJhJ6
AbcF9ngMkLCBxRQD7W4WzLlIuZLq9ct18A6oxB2L28bLUxdJC6u1pCpTwzctpfXW
UeqGrLMnGxtaxaSp6vlfw7wJzQvDL2YKbkTr3SoNmAF7ecoKl3M83aIehnqW89v4
St1hdr4TWYsMcF6LdYl5hdseunNTZFuB/S5M40CgmXkcoEecLhxc1LOxDIsQ05bd
Yg8v9Yc6mAndbY/XZxhGHyU81MtWK/2/5FNp81sdMmWZ5eF+HD76MoL3KqQyVcDF
I6DBcWGItMZILCKdWF4mfGxChPFZLaZH7OIq/k8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3ItGd4dhN32rJY/f+NKX6qycAyDAfBgNVHSMEGDAWgBSaA1JfaOtrI18d
4itgsbrtL8f/gzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21nTlNYMmpyYXlOZkhlSXJZTEc2N1NfSF80TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNWE3ZTQ2LWNlMWItNDk1NS05ZjM5LTRiMzExMzI2YzIzMC8x
L055TFJuZUhZVGQ5cXlXUDNfalNsLXFzbkFNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NWE3ZTQ2LWNlMWItNDk1NS05ZjM5LTRiMzExMzI2YzIzMC8xL21nTlNYMmpyYXlO
ZkhlSXJZTEc2N1NfSF80TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlAEDANBgkqhkiG9w0BAQsFAAOC
AQEAxSNbecf4oFU6SX1ZSEXShtxk4Mi8S4p6kq5E7BdJ3C6gCWhnavfRl7WWlcE3
UUcDw0nRasHBMmBYig2Ih5qDT/J66de8BLfO/CQCG1J6K8kbdD6V80eejSnptEOL
LFh5g5UxdXpJISdaJOLvAaSozuL14zyAWW+S6oJ4UpYocCPxF3QM16Aq0cfxpqvO
EYEAZnOsMs3lYfVIRZouojP3eFshP34LsoUxj51Hf1Yjk1+Qszn+eIkhErC9iHzx
/AMbgg/UUm0WSAOojRJQ+DPZ86G8FFPaklMZVMR3TdntP/6Xh0p/rAQIkQ1ykMjQ
uObj/ATQmP+k4+RzvyhDcJhGiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:21 2024 by rpki-client on console-fra.rpki-client.org