Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/NwLqyXpe2iWiBylpVkge1JN78Z4.roa
File: NwLqyXpe2iWiBylpVkge1JN78Z4.roa (raw, json)
Hash identifier: pERxjO4MwjoQBr7C3nfvVVwuB2AO0hBdw1y8Qhg1agA=
Subject key identifier: 37:02:EA:C9:7A:5E:DA:25:A2:07:29:69:56:48:1E:D4:93:7B:F1:9E
Certificate issuer: /CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Certificate serial: 01857169A1B767A2372F787F98839B55C4E5
Authority key identifier: 96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/NwLqyXpe2iWiBylpVkge1JN78Z4.roa
Signing time: Mon 02 Jan 2023 07:37:06 +0000
ROA not before: Mon 02 Jan 2023 07:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212263
IP address blocks: 185.222.21.0/24 maxlen: 24
2a10:f300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a1:b7:67:a2:37:2f:78:7f:98:83:9b:55:c4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Validity
Not Before: Jan 2 07:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3702eac97a5eda25a207296956481ed4937bf19e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:be:22:84:9e:ce:3a:6c:28:a8:2b:fb:00:f0:
31:78:51:d8:1b:73:4e:44:52:6a:ce:51:bf:60:95:
41:ce:ac:a1:f6:8f:89:03:e6:4a:04:d5:3c:c7:33:
64:7e:67:23:32:e1:05:43:0b:92:de:b3:44:51:14:
42:2e:c6:80:1f:5c:df:43:ca:7a:1d:e7:49:b9:b4:
26:6d:66:85:1e:3d:30:79:5d:cd:19:51:d0:8b:43:
2a:7d:d4:a9:d3:8e:b3:1b:3e:21:1f:5b:f4:3d:0a:
08:0b:44:75:53:2f:29:a3:4d:56:06:a9:86:31:2d:
39:d7:1a:50:64:54:b5:53:cd:c3:19:1e:8f:2c:fc:
36:ac:26:87:ab:4c:c1:a4:7c:df:9f:01:98:7f:25:
67:07:e6:11:49:9f:0e:6b:d2:e7:d9:51:8a:ed:7c:
74:3c:c8:d7:53:fc:63:54:5f:b4:01:35:ba:fe:fe:
00:0c:7b:e8:77:38:8f:89:d4:fa:d0:ad:46:c2:9b:
13:52:ef:26:a3:93:be:ff:7f:8f:92:f1:11:b4:57:
07:5c:45:7a:8a:12:07:d3:be:b9:c1:e2:31:ae:83:
15:26:72:81:3d:4c:87:3f:ff:58:8e:cf:1b:30:73:
02:b7:b8:60:cb:b5:bc:44:77:85:c7:db:a1:78:f9:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:02:EA:C9:7A:5E:DA:25:A2:07:29:69:56:48:1E:D4:93:7B:F1:9E
X509v3 Authority Key Identifier:
keyid:96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/NwLqyXpe2iWiBylpVkge1JN78Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/lub3fL2hAZh9nfyEvpC2-6Zq3J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.21.0/24
IPv6:
2a10:f300::/29
Signature Algorithm: sha256WithRSAEncryption
5f:dc:61:a5:bb:f9:49:ca:27:61:19:5e:fb:d3:57:c1:b6:a4:
21:13:ca:53:08:c8:a3:35:b4:a2:48:3b:52:50:a8:b9:51:ef:
39:7a:29:0e:67:87:6a:c4:d9:06:93:4c:03:4f:21:5d:b9:a3:
3c:0f:6d:03:6e:45:2a:f7:04:38:5a:b5:59:a6:00:b0:e3:0c:
78:66:72:21:65:0a:c1:3b:6f:82:24:0c:2e:8b:27:80:47:3c:
79:aa:37:45:32:ee:80:2c:bc:3b:f2:19:15:0e:d1:8a:65:9d:
23:12:6d:dd:44:27:a0:71:45:00:ad:38:86:0a:80:52:b1:06:
d2:d7:81:a2:f7:98:5e:da:f9:05:15:c1:2b:14:2a:2f:56:81:
3e:8e:3c:55:98:d9:b4:e1:7e:f7:8d:c2:35:82:e8:cf:d7:c6:
46:a7:a2:63:f0:53:9d:86:cc:d2:86:a5:49:47:82:ac:1d:d2:
4f:19:19:a4:b4:2f:ab:ad:22:51:b0:b5:bf:c5:cd:c0:ef:80:
b4:74:d9:a6:91:f0:7e:65:28:48:40:32:75:b2:03:16:27:fa:
f5:8f:db:d1:ce:a6:d6:c5:b2:15:dc:6e:1f:74:b5:e7:e2:ef:
ed:01:e8:41:19:55:6c:6a:d1:dc:d2:43:36:68:73:df:5c:30:
68:8c:35:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaaG3Z6I3L3h/mIObVcTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZTZmNzdjYmRhMTAxOTg3ZDlkZmM4NGJlOTBiNmZiYTY2
YWRjOWYwHhcNMjMwMTAyMDczNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAyZWFjOTdhNWVkYTI1YTIwNzI5Njk1NjQ4MWVkNDkzN2JmMTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb4ihJ7OOmwoqCv7APAxeFHYG3NO
RFJqzlG/YJVBzqyh9o+JA+ZKBNU8xzNkfmcjMuEFQwuS3rNEURRCLsaAH1zfQ8p6
HedJubQmbWaFHj0weV3NGVHQi0MqfdSp046zGz4hH1v0PQoIC0R1Uy8po01WBqmG
MS051xpQZFS1U83DGR6PLPw2rCaHq0zBpHzfnwGYfyVnB+YRSZ8Oa9Ln2VGK7Xx0
PMjXU/xjVF+0ATW6/v4ADHvodziPidT60K1GwpsTUu8mo5O+/3+PkvERtFcHXEV6
ihIH0765weIxroMVJnKBPUyHP/9Yjs8bMHMCt7hgy7W8RHeFx9uhePl9IwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDcC6sl6XtologcpaVZIHtSTe/GeMB8GA1UdIwQY
MBaAFJbm93y9oQGYfZ38hL6QtvumatyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDkt
MzIwOGRlMzljMDlkLzEvTndMcXlYcGUyaVdpQnlscFZrZ2UxSk43OFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDktMzIwOGRlMzljMDlk
LzEvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAud4VMA0E
AgACMAcDBQMqEPMAMA0GCSqGSIb3DQEBCwUAA4IBAQBf3GGlu/lJyidhGV7701fB
tqQhE8pTCMijNbSiSDtSUKi5Ue85eikOZ4dqxNkGk0wDTyFduaM8D20DbkUq9wQ4
WrVZpgCw4wx4ZnIhZQrBO2+CJAwuiyeARzx5qjdFMu6ALLw78hkVDtGKZZ0jEm3d
RCegcUUArTiGCoBSsQbS14Gi95he2vkFFcErFCovVoE+jjxVmNm04X73jcI1gujP
18ZGp6Jj8FOdhszShqVJR4KsHdJPGRmktC+rrSJRsLW/xc3A74C0dNmmkfB+ZShI
QDJ1sgMWJ/r1j9vRzqbWxbIV3G4fdLXn4u/tAehBGVVsatHc0kM2aHPfXDBojDU0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:32 2025 by rpki-client