Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nW0oqONcQjJ2-x4XMU0xUTsOnMU.roa
File: nW0oqONcQjJ2-x4XMU0xUTsOnMU.roa (raw, json)
Hash identifier: PUmg98yWzNNiQFojHbuBTlsS5ZgA98kBki7cIgn5exs=
Subject key identifier: 9D:6D:28:A8:E3:5C:42:32:76:FB:1E:17:31:4D:31:51:3B:0E:9C:C5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01882455309835D429C1946ED128CB2D840D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nW0oqONcQjJ2-x4XMU0xUTsOnMU.roa
Signing time: Tue 16 May 2023 11:32:22 +0000
ROA not before: Tue 16 May 2023 11:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15083
IP address blocks: 194.87.121.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:55:30:98:35:d4:29:c1:94:6e:d1:28:cb:2d:84:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 16 11:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6d28a8e35c423276fb1e17314d31513b0e9cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bb:73:5d:26:d8:e8:56:f6:48:78:71:fe:2f:
64:e5:4c:6d:7a:17:c6:e6:23:0f:46:dc:13:fe:dc:
b2:77:5d:95:de:6c:60:91:a1:78:d2:db:34:e8:12:
d9:aa:17:3f:e0:97:11:45:ec:47:64:e9:8a:89:26:
5e:28:09:07:1d:62:04:a1:54:f9:a2:ca:b7:e3:00:
cd:f2:d0:73:89:24:8c:c3:40:43:f2:f0:40:59:e1:
61:c1:2c:92:d9:e2:39:ad:bd:6f:83:1c:65:8b:4b:
05:ea:1e:6d:5f:f3:12:ec:c3:52:47:be:e8:80:9c:
e6:0b:60:fa:e4:71:16:e5:25:57:dc:38:a6:30:74:
af:42:6c:b7:d5:1d:1f:62:b6:22:de:21:12:49:1d:
10:92:8a:fd:17:2f:20:d2:ad:78:2b:85:ed:ed:cf:
45:2a:57:96:7c:b6:2a:93:b3:57:aa:a1:ea:78:8e:
3b:ca:4b:3f:8e:fd:a1:a1:85:77:a1:70:c9:f6:fd:
e5:b5:45:10:38:1e:06:5b:37:60:23:12:4f:c5:ff:
c7:f3:b1:21:eb:75:45:ff:7c:91:5f:9a:7a:4e:19:
dd:8c:5b:69:31:3b:28:ca:f5:7c:4c:4f:b0:46:5a:
43:af:92:c9:ce:41:77:34:a3:ad:71:d2:be:07:f9:
74:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6D:28:A8:E3:5C:42:32:76:FB:1E:17:31:4D:31:51:3B:0E:9C:C5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nW0oqONcQjJ2-x4XMU0xUTsOnMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.120.0/23
Signature Algorithm: sha256WithRSAEncryption
08:b1:98:1d:68:33:03:fd:a4:c5:fb:1a:f3:02:1c:55:38:bd:
f8:e7:49:ae:03:33:92:b0:35:88:a2:d0:8b:24:ec:61:12:1d:
4b:81:d5:d8:a4:db:ca:85:c3:cd:9f:6c:c0:62:6f:29:52:cb:
e2:ce:5e:36:89:16:e2:05:13:e7:ed:92:a5:0c:cb:09:a8:97:
04:23:66:9d:06:78:aa:9c:5d:0a:45:5c:e7:d0:38:81:e7:b4:
07:63:72:8e:20:af:f6:7d:4d:1c:01:66:9a:4f:5a:4c:dd:dc:
4b:4b:79:7a:47:3a:c1:12:09:bd:6d:98:57:a4:58:a9:e8:b5:
5c:29:7d:7f:4f:d7:4d:27:9e:53:ed:30:af:ef:f2:0d:67:8a:
8e:b1:c0:ae:6a:91:c8:f8:54:17:5e:23:3b:62:46:1c:2b:75:
2b:f2:a8:bb:aa:cc:c2:d8:cf:e2:fb:4c:af:58:aa:0a:d2:27:
80:25:63:5d:4a:42:ca:62:6d:09:c0:0c:6c:2b:aa:b1:29:08:
63:12:59:04:9a:4a:26:20:e9:6d:08:b0:ba:8b:a0:ff:b6:20:
c4:37:e4:a2:90:0d:bb:84:0a:f6:59:02:20:a6:ef:22:5d:59:
9c:e4:5c:9f:37:61:76:36:53:4b:22:3e:20:dc:a3:ff:74:65:
d2:26:b4:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgkVTCYNdQpwZRu0SjLLYQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE2MTEzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZkMjhhOGUzNWM0MjMyNzZmYjFlMTczMTRkMzE1MTNiMGU5Y2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobtzXSbY6Fb2SHhx/i9k5UxtehfG
5iMPRtwT/tyyd12V3mxgkaF40ts06BLZqhc/4JcRRexHZOmKiSZeKAkHHWIEoVT5
osq34wDN8tBziSSMw0BD8vBAWeFhwSyS2eI5rb1vgxxli0sF6h5tX/MS7MNSR77o
gJzmC2D65HEW5SVX3DimMHSvQmy31R0fYrYi3iESSR0Qkor9Fy8g0q14K4Xt7c9F
KleWfLYqk7NXqqHqeI47yks/jv2hoYV3oXDJ9v3ltUUQOB4GWzdgIxJPxf/H87Eh
63VF/3yRX5p6ThndjFtpMTsoyvV8TE+wRlpDr5LJzkF3NKOtcdK+B/l0RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1tKKjjXEIydvseFzFNMVE7DpzFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvblcwb3FPTmNRakoyLXg0WE1VMHhVVHNPbk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwld4MA0G
CSqGSIb3DQEBCwUAA4IBAQAIsZgdaDMD/aTF+xrzAhxVOL3450muAzOSsDWIotCL
JOxhEh1LgdXYpNvKhcPNn2zAYm8pUsvizl42iRbiBRPn7ZKlDMsJqJcEI2adBniq
nF0KRVzn0DiB57QHY3KOIK/2fU0cAWaaT1pM3dxLS3l6RzrBEgm9bZhXpFip6LVc
KX1/T9dNJ55T7TCv7/INZ4qOscCuapHI+FQXXiM7YkYcK3Ur8qi7qszC2M/i+0yv
WKoK0ieAJWNdSkLKYm0JwAxsK6qxKQhjElkEmkomIOltCLC6i6D/tiDEN+SikA27
hAr2WQIgpu8iXVmc5FyfN2F2NlNLIj4g3KP/dGXSJrQs
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:36:15 2025 by rpki-client