Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/d8fc78-a51b-43dc-b50a-8ae43081aa36/1/NoEhgZ-krOaKqRtj_eFYOCdx5iM.roa
File: NoEhgZ-krOaKqRtj_eFYOCdx5iM.roa (raw, json)
Hash identifier: wcURU+p5EGnWcbwNiKaQfHT7aiIMZHuGqAtvqxPb2G0=
Subject key identifier: 36:81:21:81:9F:A4:AC:E6:8A:A9:1B:63:FD:E1:58:38:27:71:E6:23
Certificate issuer: /CN=9aae46e2135930da268c064dce5adbb63a0cec36
Certificate serial: 01856D41A6B34BDCF1669F4AD4F5B1F4D381
Authority key identifier: 9A:AE:46:E2:13:59:30:DA:26:8C:06:4D:CE:5A:DB:B6:3A:0C:EC:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mq5G4hNZMNomjAZNzlrbtjoM7DY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/d8fc78-a51b-43dc-b50a-8ae43081aa36/1/NoEhgZ-krOaKqRtj_eFYOCdx5iM.roa
Signing time: Sun 01 Jan 2023 12:14:57 +0000
ROA not before: Sun 01 Jan 2023 12:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210875
IP address blocks: 87.236.160.0/24 maxlen: 24
2a11:4c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a6:b3:4b:dc:f1:66:9f:4a:d4:f5:b1:f4:d3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aae46e2135930da268c064dce5adbb63a0cec36
Validity
Not Before: Jan 1 12:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=368121819fa4ace68aa91b63fde158382771e623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:e3:aa:19:16:22:24:56:7d:8e:8d:23:c3:
54:0d:e9:d9:d1:46:4b:77:34:52:62:30:5b:0f:f9:
31:12:94:ff:b4:15:bf:e2:a4:fb:25:d1:e9:53:8c:
59:58:34:c5:a6:17:17:27:20:c6:24:fa:47:1a:41:
6b:68:70:ab:48:b7:77:57:37:5d:84:04:e7:94:be:
49:2f:0d:5a:37:4f:d9:65:db:de:f1:4a:ea:63:01:
42:ec:45:49:29:fb:8a:82:e8:9b:4b:1d:0f:c6:02:
28:d4:eb:99:dd:08:1a:06:4c:70:b6:bf:51:9c:da:
97:05:fe:23:53:72:b3:ee:bc:3d:ef:33:ef:17:8a:
4b:3a:8b:31:51:35:06:c4:4f:7f:e8:9f:6d:bc:99:
d6:86:dc:e6:41:a7:32:83:da:ad:1f:86:2a:56:50:
f9:85:7d:15:99:31:be:65:32:18:db:10:67:1e:74:
6e:df:66:5c:44:f2:06:43:67:12:7b:77:2b:9b:e5:
ad:d6:cd:22:c2:43:f6:b6:ed:9b:fb:28:97:21:27:
16:b9:ce:4a:6d:8a:fa:4a:4a:67:3b:e8:22:67:1e:
f4:a0:4b:42:d7:d8:4d:72:df:3f:5f:75:0e:26:2f:
20:7c:07:7d:15:59:78:46:8e:7b:0f:51:2a:4e:b6:
f1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:81:21:81:9F:A4:AC:E6:8A:A9:1B:63:FD:E1:58:38:27:71:E6:23
X509v3 Authority Key Identifier:
keyid:9A:AE:46:E2:13:59:30:DA:26:8C:06:4D:CE:5A:DB:B6:3A:0C:EC:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mq5G4hNZMNomjAZNzlrbtjoM7DY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d8fc78-a51b-43dc-b50a-8ae43081aa36/1/NoEhgZ-krOaKqRtj_eFYOCdx5iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d8fc78-a51b-43dc-b50a-8ae43081aa36/1/mq5G4hNZMNomjAZNzlrbtjoM7DY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.160.0/24
IPv6:
2a11:4c80::/29
Signature Algorithm: sha256WithRSAEncryption
70:20:13:99:c5:cb:d4:87:af:51:de:71:90:5f:73:86:dd:05:
0f:ef:84:44:0c:28:0f:4d:31:db:97:9d:bf:44:ea:27:46:6a:
76:f6:b9:ba:7c:87:ac:30:3f:2c:af:13:33:4e:da:88:ba:cd:
5c:78:cd:58:ab:63:90:d0:d0:be:49:30:e8:50:4b:97:7e:48:
ab:fd:ca:f9:91:0d:c7:58:c2:b5:a0:03:16:c0:6b:e5:52:0f:
64:88:96:1a:a3:f3:a6:45:b5:50:94:fe:fe:da:56:a0:4d:9f:
db:fd:40:c2:b1:bd:43:cd:24:99:ed:9b:05:dd:31:98:73:4f:
a2:57:d2:88:cb:71:4a:15:23:ef:f2:bd:7a:93:aa:a1:1c:07:
8d:88:12:e4:d8:20:aa:d0:70:8c:40:50:69:68:bd:5d:14:58:
7c:f8:51:74:23:b2:67:6d:24:39:8a:5e:a6:4e:89:fa:e1:cf:
75:19:f5:fe:9a:07:35:21:fc:bb:7c:92:20:20:9f:ec:83:47:
cb:75:a6:f9:66:77:43:a7:ec:c2:42:0c:cb:bb:a9:5b:b6:b8:
66:22:81:0b:74:43:e1:1b:39:56:1c:3a:dd:41:49:a8:b3:bb:
6e:3d:19:af:2d:5d:bf:fe:dc:d3:e5:b3:e7:85:d8:37:99:b4:
be:41:50:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQaazS9zxZp9K1PWx9NOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYWU0NmUyMTM1OTMwZGEyNjhjMDY0ZGNlNWFkYmI2M2Ew
Y2VjMzYwHhcNMjMwMTAxMTIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjgxMjE4MTlmYTRhY2U2OGFhOTFiNjNmZGUxNTgzODI3NzFlNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzbjqhkWIiRWfY6NI8NUDenZ0UZL
dzRSYjBbD/kxEpT/tBW/4qT7JdHpU4xZWDTFphcXJyDGJPpHGkFraHCrSLd3Vzdd
hATnlL5JLw1aN0/ZZdve8UrqYwFC7EVJKfuKguibSx0PxgIo1OuZ3QgaBkxwtr9R
nNqXBf4jU3Kz7rw97zPvF4pLOosxUTUGxE9/6J9tvJnWhtzmQacyg9qtH4YqVlD5
hX0VmTG+ZTIY2xBnHnRu32ZcRPIGQ2cSe3crm+Wt1s0iwkP2tu2b+yiXIScWuc5K
bYr6SkpnO+giZx70oEtC19hNct8/X3UOJi8gfAd9FVl4Ro57D1EqTrbxVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDaBIYGfpKzmiqkbY/3hWDgnceYjMB8GA1UdIwQY
MBaAFJquRuITWTDaJowGTc5a27Y6DOw2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXE1RzRoTlpNTm9takFaTnpscmJ0am9NN0RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kOGZjNzgtYTUxYi00M2RjLWI1MGEt
OGFlNDMwODFhYTM2LzEvTm9FaGdaLWtyT2FLcVJ0al9lRllPQ2R4NWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kOGZjNzgtYTUxYi00M2RjLWI1MGEtOGFlNDMwODFhYTM2
LzEvbXE1RzRoTlpNTm9takFaTnpscmJ0am9NN0RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAV+ygMA0E
AgACMAcDBQMqEUyAMA0GCSqGSIb3DQEBCwUAA4IBAQBwIBOZxcvUh69R3nGQX3OG
3QUP74REDCgPTTHbl52/ROonRmp29rm6fIesMD8srxMzTtqIus1ceM1Yq2OQ0NC+
STDoUEuXfkir/cr5kQ3HWMK1oAMWwGvlUg9kiJYao/OmRbVQlP7+2lagTZ/b/UDC
sb1DzSSZ7ZsF3TGYc0+iV9KIy3FKFSPv8r16k6qhHAeNiBLk2CCq0HCMQFBpaL1d
FFh8+FF0I7JnbSQ5il6mTon64c91GfX+mgc1Ify7fJIgIJ/sg0fLdab5ZndDp+zC
QgzLu6lbtrhmIoELdEPhGzlWHDrdQUmos7tuPRmvLV2//tzT5bPnhdg3mbS+QVDl
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:52:53 2025 by rpki-client