Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa
File: NW2S5z-2-CMs77fpc4DKnoGRarc.roa (raw, json)
Hash identifier: 60FIhyqjzOEDLG/U6vlJWKKnS3Ni3ETSVIzSL2CUH8Y=
Subject key identifier: 35:6D:92:E7:3F:B6:F8:23:2C:EF:B7:E9:73:80:CA:9E:81:91:6A:B7
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 01837DB30CD01E5D32F65FDE265C339445C0
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa
Signing time: Tue 27 Sep 2022 06:47:09 +0000
ROA not before: Tue 27 Sep 2022 06:47:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.174.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:b3:0c:d0:1e:5d:32:f6:5f:de:26:5c:33:94:45:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Sep 27 06:47:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=356d92e73fb6f8232cefb7e97380ca9e81916ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:17:ad:88:3a:05:53:39:6b:dc:ca:ca:f0:
af:88:58:3d:60:6a:84:58:58:ae:5c:37:0a:d7:1d:
1a:23:db:3e:20:6e:ae:e0:cd:9f:3f:64:ef:e5:a5:
63:5c:42:b0:63:ce:20:19:f5:49:2e:5d:49:81:30:
7d:c2:2c:bd:33:e4:7f:ee:4d:e6:10:d2:97:ee:d5:
f8:e2:fb:d8:da:b5:d1:4b:63:6c:1f:7f:e6:36:9d:
fa:34:a6:31:f3:2c:af:06:fc:40:98:a5:dc:e7:f4:
7a:c7:0a:12:b4:69:e8:30:d7:75:88:42:ae:fb:13:
0d:13:6e:ce:f6:e8:ba:ef:30:c7:3b:0d:67:85:39:
44:37:79:1f:f0:2f:9e:6f:a5:6e:9f:0b:af:74:90:
87:b6:17:79:fe:3c:e7:e4:2c:8c:6b:f6:52:b0:fe:
3a:2e:bd:1f:ee:2a:db:f8:f4:59:90:c0:5f:67:05:
8b:dd:9f:76:7a:53:3a:b9:13:ac:ab:da:95:20:cb:
de:81:cc:0b:9e:d1:8c:6d:cc:b5:e3:9f:bc:23:ed:
56:2c:40:78:70:6c:7d:22:42:a3:51:f6:9e:81:49:
1d:4d:6c:53:51:ab:bb:72:43:15:83:51:a2:70:79:
02:cd:da:dc:de:7e:a2:ef:ae:0a:91:b7:43:74:56:
4b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6D:92:E7:3F:B6:F8:23:2C:EF:B7:E9:73:80:CA:9E:81:91:6A:B7
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/NW2S5z-2-CMs77fpc4DKnoGRarc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.41.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d6:e0:86:c9:85:42:90:ff:a4:c8:2b:c2:76:f8:6b:fa:05:
fc:12:3c:63:b4:44:de:1f:34:7d:70:db:ce:f3:e0:f5:3a:e1:
2f:0b:26:67:d9:39:aa:52:22:82:4a:ba:bd:ac:78:db:ed:50:
0a:27:68:3d:8f:52:52:36:fc:cd:d2:92:c8:90:89:d7:e4:6b:
ce:76:1c:0a:0f:de:e8:6d:11:28:ad:b0:36:f9:8a:76:d4:ea:
1b:ca:63:08:97:ce:2d:f7:06:43:d9:ad:78:92:86:44:0c:90:
e5:df:57:a7:4c:f8:f0:eb:2d:e7:ef:3a:a4:aa:3e:bc:ad:f2:
cc:69:3f:6c:e6:05:c9:10:db:ba:f9:b5:87:7e:aa:ee:d4:6d:
6f:bb:33:cc:09:2a:4f:58:d9:44:bb:6b:1d:00:c2:19:3e:6b:
92:2a:08:1f:77:dc:08:67:c1:ad:91:ad:52:32:a5:6b:a7:e0:
57:63:4e:f1:6c:64:dc:7b:26:ec:16:91:ac:52:c8:d0:3b:9d:
d0:58:7b:d7:c3:d2:d5:ea:6c:04:63:15:37:83:38:28:0b:e5:
b3:3c:8b:9f:c7:68:ac:ec:8a:17:38:13:7e:62:bf:6d:4c:8d:
63:07:a0:7a:b6:16:58:f1:c8:db:24:9d:77:44:3e:20:3f:2b:
45:18:58:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN9swzQHl0y9l/eJlwzlEXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjIwOTI3MDY0NzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZkOTJlNzNmYjZmODIzMmNlZmI3ZTk3MzgwY2E5ZTgxOTE2YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmkXrYg6BVM5a9zKyvCviFg9YGqE
WFiuXDcK1x0aI9s+IG6u4M2fP2Tv5aVjXEKwY84gGfVJLl1JgTB9wiy9M+R/7k3m
ENKX7tX44vvY2rXRS2NsH3/mNp36NKYx8yyvBvxAmKXc5/R6xwoStGnoMNd1iEKu
+xMNE27O9ui67zDHOw1nhTlEN3kf8C+eb6VunwuvdJCHthd5/jzn5CyMa/ZSsP46
Lr0f7irb+PRZkMBfZwWL3Z92elM6uROsq9qVIMvegcwLntGMbcy145+8I+1WLEB4
cGx9IkKjUfaegUkdTWxTUau7ckMVg1GicHkCzdrc3n6i764KkbdDdFZLzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVtkuc/tvgjLO+36XOAyp6BkWq3MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvTlcyUzV6LTItQ01zNzdmcGM0REtub0dSYXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4pMA0G
CSqGSIb3DQEBCwUAA4IBAQBz1uCGyYVCkP+kyCvCdvhr+gX8EjxjtETeHzR9cNvO
8+D1OuEvCyZn2TmqUiKCSrq9rHjb7VAKJ2g9j1JSNvzN0pLIkInX5GvOdhwKD97o
bREorbA2+Yp21OobymMIl84t9wZD2a14koZEDJDl31enTPjw6y3n7zqkqj68rfLM
aT9s5gXJENu6+bWHfqru1G1vuzPMCSpPWNlEu2sdAMIZPmuSKggfd9wIZ8Gtka1S
MqVrp+BXY07xbGTceybsFpGsUsjQO53QWHvXw9LV6mwEYxU3gzgoC+WzPIufx2is
7IoXOBN+Yr9tTI1jB6B6thZY8cjbJJ13RD4gPytFGFjo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:21 2023 by rpki-client on console-fra.rpki-client.org