Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/nXtva8BSHhu09QIwILfaPFnF4L4.roa
File: nXtva8BSHhu09QIwILfaPFnF4L4.roa (raw, json)
Hash identifier: EF9ZT1e1YNm3J8TtFP/L0hbZfhQ9hRIhJ8IrRG4zHMs=
Subject key identifier: 9D:7B:6F:6B:C0:52:1E:1B:B4:F5:02:30:20:B7:DA:3C:59:C5:E0:BE
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 0182A827777A7A02DDC3E6E3F6A1871DAD76
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/nXtva8BSHhu09QIwILfaPFnF4L4.roa
Signing time: Tue 16 Aug 2022 19:35:34 +0000
ROA not before: Tue 16 Aug 2022 19:35:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3227
IP address blocks: 185.37.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a8:27:77:7a:7a:02:dd:c3:e6:e3:f6:a1:87:1d:ad:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Aug 16 19:35:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d7b6f6bc0521e1bb4f5023020b7da3c59c5e0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:34:60:41:8b:fc:26:4e:68:c5:1e:91:17:
60:75:14:66:05:a8:4e:0b:45:4d:7f:0b:f1:79:51:
a5:c9:2f:c3:3e:e2:c6:5d:de:46:5f:38:fa:19:75:
52:26:7f:d8:2e:11:46:51:64:cc:53:9c:57:dc:31:
c7:ae:da:a2:15:a2:9b:6d:bf:de:f5:fa:ab:39:c2:
2c:b7:aa:aa:ff:d6:5f:23:47:d9:cd:22:9f:2e:f1:
69:c2:85:3b:f4:e8:75:bb:70:66:4a:e4:60:25:c5:
f3:25:8d:02:92:19:6e:cc:c9:58:51:21:12:c6:f4:
07:1a:c0:83:9f:e9:c2:4c:77:4e:5d:1b:78:f1:5d:
8a:1b:ec:29:40:5e:c8:9a:8d:99:b0:e8:ca:bc:b2:
e8:c5:38:ef:a6:99:0e:10:9b:38:16:4c:7b:02:a2:
9b:20:98:ef:86:86:70:a1:b8:c6:6e:1c:f8:98:c2:
b7:1b:b5:9f:37:d2:30:8a:3b:25:ff:a7:f0:32:73:
ed:2e:24:54:22:b2:bf:02:5b:d8:79:f1:6d:2d:0f:
8d:33:43:88:a7:ec:51:3a:93:a7:5a:13:5d:be:4d:
c3:9f:eb:8d:39:02:ac:e6:25:36:56:4f:76:ca:20:
37:64:8e:58:28:40:63:ba:30:ac:1f:43:65:81:da:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7B:6F:6B:C0:52:1E:1B:B4:F5:02:30:20:B7:DA:3C:59:C5:E0:BE
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/nXtva8BSHhu09QIwILfaPFnF4L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.61.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a4:0b:f6:3e:3b:70:0a:ae:f4:4a:63:4e:67:ba:b6:c4:b2:
32:38:69:df:aa:3e:73:86:79:66:bd:c2:8d:e4:8e:5e:a4:9d:
ca:ab:f5:d7:c6:a3:c1:fd:cc:09:ff:a4:83:58:a9:3a:80:5e:
c2:bf:f1:da:79:d1:c5:b6:4f:de:70:7c:e7:c1:24:dc:81:e0:
cb:65:af:f2:7b:0b:97:52:d6:8b:c2:1d:5d:ec:9e:16:d3:bb:
8c:06:70:ad:c0:a9:e9:63:bf:32:8d:75:6d:c8:73:87:0c:9e:
b2:7b:22:39:e3:c6:d5:15:7a:a7:49:8c:6d:1a:44:74:56:75:
e3:3f:ed:2e:05:30:3f:d7:b9:63:64:07:92:49:3c:73:0d:e5:
29:06:3c:2a:0f:0d:ce:a1:cd:96:99:1c:ba:1f:b0:e1:a8:a0:
78:81:03:48:07:75:b8:94:80:fc:fc:bf:ab:44:1c:a7:91:84:
00:87:e8:c9:83:64:16:4e:29:8f:1a:df:a9:c4:4c:a7:53:87:
48:52:ee:64:26:d3:d4:d9:03:cb:aa:50:0f:08:34:9a:92:8d:
18:3a:c8:92:da:de:bc:65:4d:56:8e:27:ea:39:ce:8d:16:85:
ae:4c:5b:76:5a:0f:0e:4e:76:aa:ee:0f:2f:c6:b8:23:43:c6:
01:95:a5:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKoJ3d6egLdw+bj9qGHHa12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjIwODE2MTkzNTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdiNmY2YmMwNTIxZTFiYjRmNTAyMzAyMGI3ZGEzYzU5YzVlMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlA0YEGL/CZOaMUekRdgdRRmBahO
C0VNfwvxeVGlyS/DPuLGXd5GXzj6GXVSJn/YLhFGUWTMU5xX3DHHrtqiFaKbbb/e
9fqrOcIst6qq/9ZfI0fZzSKfLvFpwoU79Oh1u3BmSuRgJcXzJY0CkhluzMlYUSES
xvQHGsCDn+nCTHdOXRt48V2KG+wpQF7Imo2ZsOjKvLLoxTjvppkOEJs4Fkx7AqKb
IJjvhoZwobjGbhz4mMK3G7WfN9Iwijsl/6fwMnPtLiRUIrK/AlvYefFtLQ+NM0OI
p+xROpOnWhNdvk3Dn+uNOQKs5iU2Vk92yiA3ZI5YKEBjujCsH0NlgdplFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ17b2vAUh4btPUCMCC32jxZxeC+MB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvblh0dmE4QlNIaHUwOVFJd0lMZmFQRm5GNEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSU9MA0G
CSqGSIb3DQEBCwUAA4IBAQCTpAv2PjtwCq70SmNOZ7q2xLIyOGnfqj5zhnlmvcKN
5I5epJ3Kq/XXxqPB/cwJ/6SDWKk6gF7Cv/HaedHFtk/ecHznwSTcgeDLZa/yewuX
UtaLwh1d7J4W07uMBnCtwKnpY78yjXVtyHOHDJ6yeyI548bVFXqnSYxtGkR0VnXj
P+0uBTA/17ljZAeSSTxzDeUpBjwqDw3Ooc2WmRy6H7DhqKB4gQNIB3W4lID8/L+r
RBynkYQAh+jJg2QWTimPGt+pxEynU4dIUu5kJtPU2QPLqlAPCDSako0YOsiS2t68
ZU1WjifqOc6NFoWuTFt2Wg8OTnaq7g8vxrgjQ8YBlaUS
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:53:42 2025 by rpki-client