Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/NH9sb7-H10pJ5j1WaeAbOtwn0NE.roa
File: NH9sb7-H10pJ5j1WaeAbOtwn0NE.roa (raw, json)
Hash identifier: rQ2Gsd/szrhZmyeM2fjaRX6fsLT01RiHy4j/n2qUi7E=
Subject key identifier: 34:7F:6C:6F:BF:87:D7:4A:49:E6:3D:56:69:E0:1B:3A:DC:27:D0:D1
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 013928D4
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/NH9sb7-H10pJ5j1WaeAbOtwn0NE.roa
Signing time: Sat 01 Jan 2022 12:03:45 +0000
ROA not before: Sat 01 Jan 2022 12:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 185.211.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20523220 (0x13928d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jan 1 12:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347f6c6fbf87d74a49e63d5669e01b3adc27d0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b1:6f:d3:7d:8c:d4:44:04:1b:af:da:b5:32:
e5:06:f3:8c:8d:4d:2d:7a:0c:1f:19:c1:94:91:44:
86:89:55:13:b1:df:52:4d:74:b4:75:71:2b:bc:52:
72:9e:c7:14:21:3c:7b:9c:ea:e2:ec:43:1c:97:b8:
6d:c0:a9:a9:53:3e:73:93:25:1a:25:ea:31:b1:17:
84:77:fb:e9:4f:1b:bb:ea:82:db:9d:3f:f6:63:de:
29:23:0d:8c:6a:da:ac:a4:4a:0b:25:1e:84:3a:f2:
2a:a3:fb:83:40:f8:55:ce:f1:2f:94:cd:da:77:da:
1d:e9:e6:7e:dc:85:bb:7e:d7:2f:41:38:5e:92:17:
fd:8e:b7:9e:14:88:fc:dd:ef:d6:5c:18:c8:b6:3e:
af:88:72:45:34:60:98:a5:82:a6:e6:b3:a4:6c:10:
a6:89:dd:e2:cc:45:42:45:ba:ee:d4:20:de:d2:08:
9a:76:61:d4:b6:9d:ae:e7:ee:7b:06:44:84:83:d4:
e0:a0:ec:19:35:e7:44:40:6c:66:af:23:b0:a3:31:
7f:71:b6:5a:34:64:20:f4:d2:b2:fc:c1:e8:8c:d6:
c9:b0:60:54:76:52:a9:d3:b2:47:94:b1:a7:f5:3b:
b7:c6:8b:7e:69:4e:da:82:94:76:5d:d7:18:79:e1:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7F:6C:6F:BF:87:D7:4A:49:E6:3D:56:69:E0:1B:3A:DC:27:D0:D1
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/NH9sb7-H10pJ5j1WaeAbOtwn0NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.41.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:86:66:d0:1b:fc:8a:84:25:e2:17:79:82:07:21:ab:1b:8c:
e0:cf:95:56:bd:ed:19:3a:5e:45:46:f6:00:ff:a4:14:5b:bc:
7e:3f:14:75:a1:a7:35:83:23:b0:c7:1b:fb:1b:f4:53:65:f9:
35:08:2a:f5:8a:98:14:93:57:94:d6:78:9d:15:bf:3b:0f:43:
b8:fc:e9:91:25:1b:db:df:48:9e:f7:73:01:8a:0e:60:04:df:
da:5d:23:8b:c4:55:ea:31:44:fb:ea:cd:42:38:f6:bb:6e:55:
e4:09:da:7d:1f:5f:a8:e9:27:4d:e5:5d:01:bd:77:42:61:fb:
e1:20:f6:14:c9:60:8f:64:f8:f6:e6:f4:cc:56:c4:06:15:5b:
24:89:80:13:84:05:79:22:c6:77:0c:76:02:34:1f:0f:32:01:
4b:a0:ec:19:bc:18:70:83:5f:17:ad:cc:a9:97:8a:57:b7:26:
eb:3d:9f:ef:8c:37:cf:ef:1c:1d:5f:fe:fe:ea:f4:71:78:2a:
f4:f3:6a:2b:56:dd:45:ef:44:18:5a:60:7b:2e:2a:9b:6a:a2:
85:e6:f6:32:3e:42:65:07:a3:28:22:6d:b9:24:e6:5b:05:fe:
44:c5:44:53:19:8d:55:cc:49:83:d0:5b:2f:0a:68:11:df:6f:
71:84:d2:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATko1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTdiZjRmYmVhODk0ZjQzZWViM2RiMWIyMTZlNTc3NjZlMDFhYjgxMB4XDTIyMDEw
MTEyMDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQ3ZjZjNmZiZjg3
ZDc0YTQ5ZTYzZDU2NjllMDFiM2FkYzI3ZDBkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmxb9N9jNREBBuv2rUy5QbzjI1NLXoMHxnBlJFEholVE7Hf
Uk10tHVxK7xScp7HFCE8e5zq4uxDHJe4bcCpqVM+c5MlGiXqMbEXhHf76U8bu+qC
250/9mPeKSMNjGrarKRKCyUehDryKqP7g0D4Vc7xL5TN2nfaHenmftyFu37XL0E4
XpIX/Y63nhSI/N3v1lwYyLY+r4hyRTRgmKWCpuazpGwQpond4sxFQkW67tQg3tII
mnZh1LadrufuewZEhIPU4KDsGTXnREBsZq8jsKMxf3G2WjRkIPTSsvzB6IzWybBg
VHZSqdOyR5Sxp/U7t8aLfmlO2oKUdl3XGHnhO90CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ0f2xvv4fXSknmPVZp4Bs63CfQ0TAfBgNVHSMEGDAWgBTRe/T76olPQ+6z
2xshbld2bgGrgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBYdjAtLXFKVDBQdXM5c2JJVzVYZG00QnE0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8x
L05IOXNiNy1IMTBwSjVqMVdhZUFiT3R3bjBORS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8xLzBYdjAtLXFKVDBQ
dXM5c2JJVzVYZG00QnE0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnTKTANBgkqhkiG9w0BAQsFAAOC
AQEAXYZm0Bv8ioQl4hd5ggchqxuM4M+VVr3tGTpeRUb2AP+kFFu8fj8UdaGnNYMj
sMcb+xv0U2X5NQgq9YqYFJNXlNZ4nRW/Ow9DuPzpkSUb299InvdzAYoOYATf2l0j
i8RV6jFE++rNQjj2u25V5AnafR9fqOknTeVdAb13QmH74SD2FMlgj2T49ub0zFbE
BhVbJImAE4QFeSLGdwx2AjQfDzIBS6DsGbwYcINfF63MqZeKV7cm6z2f74w3z+8c
HV/+/ur0cXgq9PNqK1bdRe9EGFpgey4qm2qiheb2Mj5CZQejKCJtuSTmWwX+RMVE
UxmNVcxJg9BbLwpoEd9vcYTSLQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:30:40 2025 by rpki-client