Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/ncuxhXgAUabCLh1r1M8qbwBj8Lw.roa
File: ncuxhXgAUabCLh1r1M8qbwBj8Lw.roa (raw, json)
Hash identifier: Ejkek1P9XSwFI6QnCrZXA9kVsTbCqIPrHZU/1YezSlw=
Subject key identifier: 9D:CB:B1:85:78:00:51:A6:C2:2E:1D:6B:D4:CF:2A:6F:00:63:F0:BC
Certificate issuer: /CN=2dea78b12d435b97defbf92c74265c3433bbd029
Certificate serial: 0184EC54EF9905614A8A6D3FEB5827DCA932
Authority key identifier: 2D:EA:78:B1:2D:43:5B:97:DE:FB:F9:2C:74:26:5C:34:33:BB:D0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lep4sS1DW5fe-_ksdCZcNDO70Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/ncuxhXgAUabCLh1r1M8qbwBj8Lw.roa
Signing time: Wed 07 Dec 2022 11:25:00 +0000
ROA not before: Wed 07 Dec 2022 11:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42668
IP address blocks: 89.223.32.0/19 maxlen: 21
89.107.11.0/24 maxlen: 24
31.134.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:54:ef:99:05:61:4a:8a:6d:3f:eb:58:27:dc:a9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dea78b12d435b97defbf92c74265c3433bbd029
Validity
Not Before: Dec 7 11:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dcbb185780051a6c22e1d6bd4cf2a6f0063f0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:a8:c6:5f:2a:52:99:18:d4:27:51:f8:72:
cf:16:9a:ae:8f:f7:f5:28:bb:17:c6:c2:39:fd:6e:
bd:3a:62:21:53:3b:fe:f7:21:1e:f9:b5:d3:b1:03:
0a:d6:dd:ec:35:5f:2c:c8:0e:b6:42:5c:a3:41:ed:
28:cb:e7:42:4c:60:99:cf:ca:b4:0d:1b:73:7a:e0:
d7:5f:f2:13:0b:cd:cb:92:7a:a9:89:7c:c5:7b:8a:
86:c3:b7:46:da:3d:b2:1e:2b:0c:2a:fa:f2:4f:f2:
a9:78:c4:41:2f:38:d2:5b:12:f2:5d:0c:64:5c:9a:
82:4a:54:8e:06:09:7e:de:be:7c:ed:60:f7:5a:e6:
6d:25:2e:6f:a8:89:40:3d:d4:ef:93:1d:7f:16:44:
7c:3b:b9:47:76:c9:a0:dc:e4:6f:f7:c9:1a:b8:33:
d3:87:91:1d:3b:f3:db:f9:f4:92:5e:74:fd:8d:0d:
0a:d9:cf:a0:0a:83:06:a2:da:01:3a:38:59:6e:9c:
6b:02:9d:8b:0c:cf:6f:41:93:e3:08:dc:85:5d:b0:
07:9b:1e:38:63:30:88:d7:1c:3f:c6:9b:93:51:25:
b5:4b:28:ef:30:51:64:3c:4d:ac:f4:08:97:ed:32:
05:3d:32:dd:67:ff:2d:5f:13:7d:07:75:7b:9d:16:
ab:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CB:B1:85:78:00:51:A6:C2:2E:1D:6B:D4:CF:2A:6F:00:63:F0:BC
X509v3 Authority Key Identifier:
keyid:2D:EA:78:B1:2D:43:5B:97:DE:FB:F9:2C:74:26:5C:34:33:BB:D0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lep4sS1DW5fe-_ksdCZcNDO70Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/ncuxhXgAUabCLh1r1M8qbwBj8Lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/96faed-87c0-4b00-8178-a1dcc3fb9a4f/1/Lep4sS1DW5fe-_ksdCZcNDO70Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.128.0/18
89.107.11.0/24
89.223.32.0/19
Signature Algorithm: sha256WithRSAEncryption
29:a1:2b:ec:62:e1:f9:21:cb:85:01:8c:5a:b3:b4:43:ff:52:
19:77:a6:ed:7a:b3:9f:1f:45:6a:c7:e5:d1:82:27:7c:b3:e3:
b2:e9:c3:cb:c5:4c:af:cd:58:c9:b3:68:e0:3c:33:e2:ff:df:
fb:c7:4b:bd:8e:68:ad:f2:f8:16:5a:4c:0f:97:f6:78:2f:eb:
da:19:17:90:a0:d0:f6:e5:ff:a2:38:b2:26:60:a6:fa:16:62:
aa:06:ec:25:3c:2f:18:7e:0f:86:ff:3f:50:c7:57:40:8e:02:
4b:f8:d8:53:76:c8:3f:3b:18:17:7c:3b:4b:c9:fe:51:0d:37:
40:bc:31:6e:3a:e6:fe:0d:d5:48:70:62:5c:f9:b4:89:78:a4:
85:f7:6c:a3:ed:1f:ac:be:5c:52:4d:47:c3:fb:12:a2:45:cc:
b4:04:a7:d1:19:05:76:5d:d2:c1:d9:62:8d:f1:8d:ae:51:b9:
92:98:40:f6:1c:93:70:04:08:cf:bc:05:a6:cc:63:78:fc:7d:
6a:d2:c9:83:df:7a:13:2c:0d:c7:f7:02:f0:a2:14:81:ec:cd:
31:88:f3:c1:06:df:ab:86:79:70:b0:08:c6:5d:6b:ca:d9:7d:
a4:11:b3:3a:c3:1e:ae:dc:5c:0d:b5:e0:90:ca:34:4b:14:32:
86:17:e0:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTsVO+ZBWFKim0/61gn3KkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWE3OGIxMmQ0MzViOTdkZWZiZjkyYzc0MjY1YzM0MzNi
YmQwMjkwHhcNMjIxMjA3MTEyNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNiYjE4NTc4MDA1MWE2YzIyZTFkNmJkNGNmMmE2ZjAwNjNmMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3yoxl8qUpkY1CdR+HLPFpquj/f1
KLsXxsI5/W69OmIhUzv+9yEe+bXTsQMK1t3sNV8syA62QlyjQe0oy+dCTGCZz8q0
DRtzeuDXX/ITC83LknqpiXzFe4qGw7dG2j2yHisMKvryT/KpeMRBLzjSWxLyXQxk
XJqCSlSOBgl+3r587WD3WuZtJS5vqIlAPdTvkx1/FkR8O7lHdsmg3ORv98kauDPT
h5EdO/Pb+fSSXnT9jQ0K2c+gCoMGotoBOjhZbpxrAp2LDM9vQZPjCNyFXbAHmx44
YzCI1xw/xpuTUSW1SyjvMFFkPE2s9AiX7TIFPTLdZ/8tXxN9B3V7nRar5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ3LsYV4AFGmwi4da9TPKm8AY/C8MB8GA1UdIwQY
MBaAFC3qeLEtQ1uX3vv5LHQmXDQzu9ApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGVwNHNTMURXNWZlLV9rc2RDWmNORE83MENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85NmZhZWQtODdjMC00YjAwLTgxNzgt
YTFkY2MzZmI5YTRmLzEvbmN1eGhYZ0FVYWJDTGgxcjFNOHFid0JqOEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85NmZhZWQtODdjMC00YjAwLTgxNzgtYTFkY2MzZmI5YTRm
LzEvTGVwNHNTMURXNWZlLV9rc2RDWmNORE83MENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGH4aAAwQA
WWsLAwQFWd8gMA0GCSqGSIb3DQEBCwUAA4IBAQApoSvsYuH5IcuFAYxas7RD/1IZ
d6bterOfH0Vqx+XRgid8s+Oy6cPLxUyvzVjJs2jgPDPi/9/7x0u9jmit8vgWWkwP
l/Z4L+vaGReQoND25f+iOLImYKb6FmKqBuwlPC8Yfg+G/z9Qx1dAjgJL+NhTdsg/
OxgXfDtLyf5RDTdAvDFuOub+DdVIcGJc+bSJeKSF92yj7R+svlxSTUfD+xKiRcy0
BKfRGQV2XdLB2WKN8Y2uUbmSmED2HJNwBAjPvAWmzGN4/H1q0smD33oTLA3H9wLw
ohSB7M0xiPPBBt+rhnlwsAjGXWvK2X2kEbM6wx6u3FwNteCQyjRLFDKGF+CM
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:46:48 2025 by rpki-client