Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/NUZb-KAY6imwsJY4De7lX_KtSws.roa
File: NUZb-KAY6imwsJY4De7lX_KtSws.roa (raw, json)
Hash identifier: Q5lduRhq3DKh2H7oahnja0YLrHTXFuKMlx6d9xfKk2Q=
Subject key identifier: 35:46:5B:F8:A0:18:EA:29:B0:B0:96:38:0D:EE:E5:5F:F2:AD:4B:0B
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 0184CE3611D29CCFD64C703E31B36D1DA370
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/NUZb-KAY6imwsJY4De7lX_KtSws.roa
Signing time: Thu 01 Dec 2022 15:02:40 +0000
ROA not before: Thu 01 Dec 2022 15:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 24
141.138.168.0/21 maxlen: 24
2a03:3c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:36:11:d2:9c:cf:d6:4c:70:3e:31:b3:6d:1d:a3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Dec 1 15:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35465bf8a018ea29b0b096380deee55ff2ad4b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:51:2c:23:46:e7:6b:d0:47:fd:a2:6e:10:98:
ff:47:9c:56:d2:5d:6d:9d:7f:70:f8:29:c6:9e:71:
30:af:fd:cc:fb:d3:1d:9f:be:50:2a:04:eb:d7:7c:
6a:f1:4b:fd:8b:f0:0a:10:d1:41:ec:c4:79:9b:44:
24:79:d7:04:96:10:a7:20:75:d2:c4:e1:47:34:3d:
dd:5b:8d:fd:06:58:8c:fd:94:77:ca:e4:1a:e9:aa:
a3:14:88:48:90:e9:d8:48:fa:81:da:64:1d:3c:2a:
eb:c8:03:fd:2a:90:3e:f5:1f:3a:da:7c:08:05:44:
e2:0f:3e:0c:0b:6b:77:a4:f9:94:b5:bb:67:fc:f1:
31:68:a4:0b:b5:6c:b8:b8:13:38:92:00:fa:2f:5e:
c1:e4:7b:63:37:a6:d0:fa:27:15:86:6e:8d:f1:35:
94:7b:9f:e5:ea:4b:5e:c1:54:2d:c0:27:3a:f6:7f:
1d:ff:4a:15:05:bf:e0:63:3f:e7:b6:02:84:02:4f:
49:5b:95:37:d7:5f:ed:b9:ec:46:92:a4:44:fd:51:
ec:d1:64:68:80:d2:a4:22:5d:54:5b:23:5b:6c:45:
e5:8f:57:bc:3d:d3:53:77:a0:e8:25:2b:97:87:d6:
4a:9d:31:cc:72:22:83:9d:2b:65:ff:0a:8e:7a:47:
bb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:46:5B:F8:A0:18:EA:29:B0:B0:96:38:0D:EE:E5:5F:F2:AD:4B:0B
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/NUZb-KAY6imwsJY4De7lX_KtSws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/21
195.211.72.0/22
IPv6:
2a03:3c00::/32
Signature Algorithm: sha256WithRSAEncryption
4e:c4:d5:6f:66:21:30:fa:d9:5a:2a:36:0c:82:d3:84:50:86:
4f:5f:b2:42:d5:48:26:c9:3b:9a:bd:13:d0:30:aa:5e:8c:8d:
99:11:28:be:03:a2:b4:53:f4:b5:01:8b:5a:0c:25:f4:23:47:
f4:b7:f3:c7:90:ae:d7:80:f9:01:7d:20:f8:05:93:af:63:56:
41:a7:91:8e:78:00:84:93:55:5e:6b:c4:3c:a2:fb:42:7c:e0:
bb:a6:84:c3:a7:bd:5e:41:a0:09:00:88:6d:e8:7a:a1:a1:22:
27:51:3f:d7:74:2b:4f:47:5a:f9:e7:01:3c:1a:bb:a9:6f:66:
c3:1e:bf:35:34:ca:d1:9a:98:55:5c:8e:9a:4c:c4:77:76:7f:
f0:04:f5:6b:6a:70:8e:b6:54:ed:70:84:54:bd:07:5b:30:06:
81:a3:0a:79:ab:c7:8c:a4:0d:31:a3:2e:44:fb:1a:fe:8f:98:
3c:62:e7:20:10:32:1e:49:02:b6:dd:c3:48:e6:74:c9:bc:c2:
8e:f2:70:50:16:6c:8c:05:a4:87:33:26:df:42:bc:31:58:49:
04:51:22:6a:e3:ef:bd:11:4c:2a:c8:e1:be:6a:fc:83:54:48:
e1:83:b8:44:35:69:d2:69:02:a5:1f:ad:63:9a:c3:e4:16:71:
68:33:8f:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYTONhHSnM/WTHA+MbNtHaNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjIxMjAxMTUwMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ2NWJmOGEwMThlYTI5YjBiMDk2MzgwZGVlZTU1ZmYyYWQ0YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31EsI0bna9BH/aJuEJj/R5xW0l1t
nX9w+CnGnnEwr/3M+9Mdn75QKgTr13xq8Uv9i/AKENFB7MR5m0QkedcElhCnIHXS
xOFHND3dW439BliM/ZR3yuQa6aqjFIhIkOnYSPqB2mQdPCrryAP9KpA+9R862nwI
BUTiDz4MC2t3pPmUtbtn/PExaKQLtWy4uBM4kgD6L17B5HtjN6bQ+icVhm6N8TWU
e5/l6ktewVQtwCc69n8d/0oVBb/gYz/ntgKEAk9JW5U311/tuexGkqRE/VHs0WRo
gNKkIl1UWyNbbEXlj1e8PdNTd6DoJSuXh9ZKnTHMciKDnStl/wqOeke7EwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDVGW/igGOopsLCWOA3u5V/yrUsLMB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEvTlVaYi1LQVk2aW13c0pZNERlN2xYX0t0U3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjYqoAwQC
w9NIMA0EAgACMAcDBQAqAzwAMA0GCSqGSIb3DQEBCwUAA4IBAQBOxNVvZiEw+tla
KjYMgtOEUIZPX7JC1UgmyTuavRPQMKpejI2ZESi+A6K0U/S1AYtaDCX0I0f0t/PH
kK7XgPkBfSD4BZOvY1ZBp5GOeACEk1Vea8Q8ovtCfOC7poTDp71eQaAJAIht6Hqh
oSInUT/XdCtPR1r55wE8Grupb2bDHr81NMrRmphVXI6aTMR3dn/wBPVranCOtlTt
cIRUvQdbMAaBowp5q8eMpA0xoy5E+xr+j5g8YucgEDIeSQK23cNI5nTJvMKO8nBQ
FmyMBaSHMybfQrwxWEkEUSJq4++9EUwqyOG+avyDVEjhg7hENWnSaQKlH61jmsPk
FnFoM4+O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:27 2024 by rpki-client on console-ams.rpki-client.org