Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NK5XonwFl8TvpKuRKhWgO0tAILA.roa
File: NK5XonwFl8TvpKuRKhWgO0tAILA.roa (raw, json)
Hash identifier: s9lUoXOsyWikPlZk23sAxSnKxav028CNlAwOfqFwm4E=
Subject key identifier: 34:AE:57:A2:7C:05:97:C4:EF:A4:AB:91:2A:15:A0:3B:4B:40:20:B0
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1A259EB4
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NK5XonwFl8TvpKuRKhWgO0tAILA.roa
Signing time: Sat 14 May 2022 18:23:29 +0000
ROA not before: Sat 14 May 2022 18:23:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 193.187.153.0/24 maxlen: 24
213.232.104.0/24 maxlen: 24
92.119.150.0/24 maxlen: 32
91.188.203.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 438673076 (0x1a259eb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 14 18:23:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34ae57a27c0597c4efa4ab912a15a03b4b4020b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3e:35:37:be:f6:3c:28:d1:46:aa:dc:72:0c:
d1:ad:72:76:03:66:2e:ec:20:c4:58:b8:13:d1:b8:
cf:0b:67:a6:fa:a9:0d:e0:5e:7b:03:d6:90:39:9f:
32:fc:f3:59:af:9a:a2:ce:20:88:20:af:6a:71:97:
44:2c:cd:78:dd:a3:4e:c3:0e:8c:4c:a3:b5:67:64:
20:1b:62:8c:e0:b1:1a:cc:9c:c1:6e:46:06:28:ed:
96:0d:ef:f6:f4:d4:3d:82:b3:d3:ec:a0:48:f4:5e:
90:fa:4b:a8:ac:bc:3e:72:78:6d:5f:d2:a4:16:8b:
bb:5a:af:5f:2d:d7:47:58:0c:4d:19:16:5f:76:0c:
cc:63:31:d0:7c:2c:0e:f9:8c:7b:2b:10:f5:11:68:
a8:0a:ec:a4:16:71:89:9d:05:bf:5d:f3:b6:b4:e1:
ef:6d:8f:1d:48:f5:ca:f8:82:34:31:77:e8:13:5c:
dc:d8:6b:1d:fa:e1:c2:60:87:04:f1:65:38:94:23:
1b:d8:46:65:a2:a1:6c:63:a4:ee:41:f5:61:63:85:
26:88:fc:79:e0:0d:ed:e7:2a:80:85:1f:a2:78:64:
04:25:36:7b:f2:23:a5:dc:98:1c:e7:ba:f0:05:f6:
f4:56:80:c6:be:24:c8:64:e6:c0:e1:35:b4:c2:c1:
2e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AE:57:A2:7C:05:97:C4:EF:A4:AB:91:2A:15:A0:3B:4B:40:20:B0
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/NK5XonwFl8TvpKuRKhWgO0tAILA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.203.0/24
92.119.150.0/24
193.187.153.0/24
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a4:14:e7:3d:33:65:3e:98:bd:bf:6e:9e:08:78:5a:6a:49:
c6:94:5b:67:ab:05:52:7e:cd:c9:09:ca:14:c6:b3:67:2c:66:
ed:9a:a6:7a:b2:91:c3:5b:1e:9e:35:16:5f:72:db:a6:f7:aa:
fb:3a:25:5f:e7:39:4f:b2:10:21:1e:5d:66:bd:0b:6d:52:50:
87:df:fb:4c:8c:fb:3e:47:e7:98:8b:d9:d3:b6:26:b0:72:b6:
4b:66:7d:96:6c:98:49:c8:d0:78:14:5f:f3:92:9b:20:d1:3e:
0d:6c:ae:3d:62:a5:8f:cf:ad:ee:ca:3c:04:7a:48:23:4d:16:
d9:63:a8:a6:9e:79:cb:c8:ab:1f:42:68:01:f5:dc:84:d0:7c:
df:43:16:3f:d6:b7:5d:2f:17:62:f9:b7:e6:77:7f:5d:43:bb:
46:98:23:81:17:11:a7:8b:00:fa:90:10:9e:23:91:ce:ed:84:
54:b4:84:06:47:bc:e7:3c:33:38:61:38:66:1f:ab:40:9f:93:
f9:42:61:56:88:e2:c5:d9:65:09:72:eb:c1:30:b3:ab:d4:18:
02:4f:d1:fd:d3:8c:dc:0e:87:0c:45:bd:f9:b2:14:2f:3a:4c:
90:b6:bc:17:11:5e:c8:90:d0:26:0b:22:bc:54:a8:be:11:3a:
07:dd:67:e2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGiWetDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDUx
NDE4MjMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRhZTU3YTI3YzA1
OTdjNGVmYTRhYjkxMmExNWEwM2I0YjQwMjBiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOY+NTe+9jwo0Uaq3HIM0a1ydgNmLuwgxFi4E9G4zwtnpvqp
DeBeewPWkDmfMvzzWa+aos4giCCvanGXRCzNeN2jTsMOjEyjtWdkIBtijOCxGsyc
wW5GBijtlg3v9vTUPYKz0+ygSPRekPpLqKy8PnJ4bV/SpBaLu1qvXy3XR1gMTRkW
X3YMzGMx0HwsDvmMeysQ9RFoqArspBZxiZ0Fv13ztrTh722PHUj1yviCNDF36BNc
3NhrHfrhwmCHBPFlOJQjG9hGZaKhbGOk7kH1YWOFJoj8eeAN7ecqgIUfonhkBCU2
e/IjpdyYHOe68AX29FaAxr4kyGTmwOE1tMLBLv8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ0rleifAWXxO+kq5EqFaA7S0AgsDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L05LNVhvbndGbDhUdnBLdVJLaFdnTzB0QUlMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFu8ywMEAFx3lgMEAMG7mQMEANXo
aDANBgkqhkiG9w0BAQsFAAOCAQEAAKQU5z0zZT6Yvb9ungh4WmpJxpRbZ6sFUn7N
yQnKFMazZyxm7ZqmerKRw1senjUWX3Lbpveq+zolX+c5T7IQIR5dZr0LbVJQh9/7
TIz7PkfnmIvZ07YmsHK2S2Z9lmyYScjQeBRf85KbINE+DWyuPWKlj8+t7so8BHpI
I00W2WOopp55y8irH0JoAfXchNB830MWP9a3XS8XYvm35nd/XUO7RpgjgRcRp4sA
+pAQniORzu2EVLSEBke85zwzOGE4Zh+rQJ+T+UJhVojixdllCXLrwTCzq9QYAk/R
/dOM3A6HDEW9+bIULzpMkLa8FxFeyJDQJgsivFSovhE6B91n4g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org