Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/nXqPfW-9l7fnBZiiVeW9OLnxHOc.roa
File: nXqPfW-9l7fnBZiiVeW9OLnxHOc.roa (raw, json)
Hash identifier: ZJlLnTLQJifr7GzWmG99xc4bTmQZxS+KiV11jj/Ycjc=
Subject key identifier: 9D:7A:8F:7D:6F:BD:97:B7:E7:05:98:A2:55:E5:BD:38:B9:F1:1C:E7
Certificate issuer: /CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Certificate serial: 017321D4
Authority key identifier: D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/nXqPfW-9l7fnBZiiVeW9OLnxHOc.roa
Signing time: Fri 14 Jan 2022 09:14:09 +0000
ROA not before: Fri 14 Jan 2022 09:14:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61150
IP address blocks: 46.18.111.0/24 maxlen: 24
2a0e:11c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24322516 (0x17321d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Validity
Not Before: Jan 14 09:14:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d7a8f7d6fbd97b7e70598a255e5bd38b9f11ce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:56:e4:42:1c:29:ae:37:6b:da:68:fe:4d:
fa:8b:68:de:23:6b:d3:4f:3c:30:22:a5:99:0a:95:
ed:21:e6:fe:89:06:5f:b0:17:2f:a7:de:f6:61:05:
e1:30:62:99:9f:bb:76:35:83:2f:bb:b9:ae:fa:7a:
ab:ee:b4:c6:ab:09:a1:f3:56:b2:e9:de:33:e3:6c:
3c:ac:44:03:d6:54:bf:9a:15:6f:20:21:61:78:67:
eb:c5:b8:ae:8c:6d:e4:67:c3:73:29:0d:4e:da:d5:
52:59:7d:c8:da:24:02:65:f4:a3:50:bf:54:f3:90:
4e:b7:08:a2:ae:3f:68:4f:4d:d1:1c:47:7a:61:d1:
e2:19:97:d0:7f:80:f4:9e:96:01:f2:fb:4b:fd:80:
cf:e0:ae:87:c6:7c:c4:ea:6c:2c:a5:4e:1a:bb:23:
ce:1f:3f:cb:6e:f2:de:7d:8c:bd:01:60:29:a3:70:
5a:49:6e:85:ab:05:88:d8:40:5e:e7:ce:70:3b:07:
b7:f6:44:e1:bd:1c:c7:b0:39:1c:68:9e:3f:98:e3:
86:43:a1:55:98:36:f5:df:7f:0b:c9:d0:94:c3:ce:
f9:d9:e9:01:3e:ef:a9:37:12:84:7e:6d:48:31:38:
8e:3c:a8:5c:bd:b6:6a:05:d2:7d:9c:5f:01:50:0b:
cd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7A:8F:7D:6F:BD:97:B7:E7:05:98:A2:55:E5:BD:38:B9:F1:1C:E7
X509v3 Authority Key Identifier:
keyid:D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/nXqPfW-9l7fnBZiiVeW9OLnxHOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.111.0/24
IPv6:
2a0e:11c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:32:73:25:5b:55:ab:73:bb:b2:99:3b:36:ae:4f:ab:50:07:
76:68:5b:cf:be:e1:8a:94:73:d3:9c:72:58:95:ad:8d:95:ca:
0d:f1:3e:c5:3f:67:82:80:a1:aa:cf:3d:5b:86:a7:03:a0:6a:
8f:e6:64:9e:ba:19:e3:be:56:48:19:69:c4:28:89:bc:e7:a9:
1d:0c:cf:4f:ef:80:f0:64:af:7d:4c:3d:51:6a:87:3c:01:0d:
d4:e2:d3:69:61:99:bb:57:e6:78:76:5a:eb:b0:14:4a:12:dd:
b0:06:38:52:cb:98:93:ea:9d:9a:96:9a:6d:ee:8c:78:18:05:
3f:f3:a1:33:69:aa:0b:7f:48:e4:02:41:1b:ef:67:06:54:f0:
de:60:ed:29:b8:bf:92:fa:7f:c7:1f:08:91:bb:5b:fe:3c:ce:
9b:14:37:0e:0d:52:19:b8:ab:1e:61:cf:52:11:1f:74:65:a8:
9a:19:36:e0:27:75:6f:9d:49:74:0e:ea:1c:42:fd:79:37:b8:
ef:36:3d:1f:32:6a:d9:1d:7c:b3:80:65:8f:89:12:a3:16:82:
c9:17:63:69:53:f2:de:3c:a9:54:21:30:05:d2:57:83:28:8f:
b1:a9:98:38:bc:ed:62:8b:56:a0:c7:0a:a3:a1:76:48:2d:22:
95:9e:8f:58
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAXMh1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzM3ODI0ZTBmZmE3OWYxOGI5ZmM0OWQ2Y2IwZGQ4MWM5YTZjYTI4MB4XDTIyMDEx
NDA5MTQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ3YThmN2Q2ZmJk
OTdiN2U3MDU5OGEyNTVlNWJkMzhiOWYxMWNlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMySVuRCHCmuN2vaaP5N+oto3iNr0088MCKlmQqV7SHm/okG
X7AXL6fe9mEF4TBimZ+7djWDL7u5rvp6q+60xqsJofNWsuneM+NsPKxEA9ZUv5oV
byAhYXhn68W4roxt5GfDcykNTtrVUll9yNokAmX0o1C/VPOQTrcIoq4/aE9N0RxH
emHR4hmX0H+A9J6WAfL7S/2Az+Cuh8Z8xOpsLKVOGrsjzh8/y27y3n2MvQFgKaNw
WkluhasFiNhAXufOcDsHt/ZE4b0cx7A5HGieP5jjhkOhVZg29d9/C8nQlMPO+dnp
AT7vqTcShH5tSDE4jjyoXL22agXSfZxfAVALzXkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSdeo99b72Xt+cFmKJV5b04ufEc5zAfBgNVHSMEGDAWgBTXN4JOD/p58Yuf
xJ1ssN2ByabKKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF6ZUNUZ182ZWZHTG44U2RiTERkZ2NtbXlpZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNDQ2ZDQwLTU3ODItNGRlMC1hMmM1LWI2OGY1ZDhmNjUxYS8x
L25YcVBmVy05bDdmbkJaaWlWZVc5T0xueEhPYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NDQ2ZDQwLTU3ODItNGRlMC1hMmM1LWI2OGY1ZDhmNjUxYS8xLzF6ZUNUZ182ZWZH
TG44U2RiTERkZ2NtbXlpZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC4SbzANBAIAAjAHAwUAKg4RwDAN
BgkqhkiG9w0BAQsFAAOCAQEAKTJzJVtVq3O7spk7Nq5Pq1AHdmhbz77hipRz05xy
WJWtjZXKDfE+xT9ngoChqs89W4anA6Bqj+ZknroZ475WSBlpxCiJvOepHQzPT++A
8GSvfUw9UWqHPAEN1OLTaWGZu1fmeHZa67AUShLdsAY4UsuYk+qdmpaabe6MeBgF
P/OhM2mqC39I5AJBG+9nBlTw3mDtKbi/kvp/xx8Ikbtb/jzOmxQ3Dg1SGbirHmHP
UhEfdGWomhk24Cd1b51JdA7qHEL9eTe47zY9HzJq2R18s4Blj4kSoxaCyRdjaVPy
3jypVCEwBdJXgyiPsamYOLztYotWoMcKo6F2SC0ilZ6PWA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-fra.rpki-client.org