Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/nrPG9XfRFuGzxPANv0rEOFAm94U.roa
File: nrPG9XfRFuGzxPANv0rEOFAm94U.roa (raw, json)
Hash identifier: zoaHfLGFJARsBKfo6nhtq6k5OTnRVEzdkDDMZa4EZEo=
Subject key identifier: 9E:B3:C6:F5:77:D1:16:E1:B3:C4:F0:0D:BF:4A:C4:38:50:26:F7:85
Certificate issuer: /CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Certificate serial: 018323048CD424A0771AE7E42264ADEF0DDF
Authority key identifier: C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/nrPG9XfRFuGzxPANv0rEOFAm94U.roa
Signing time: Fri 09 Sep 2022 16:10:44 +0000
ROA not before: Fri 09 Sep 2022 16:10:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201263
IP address blocks: 147.229.255.0/24 maxlen: 24
2001:67c:1223::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:23:04:8c:d4:24:a0:77:1a:e7:e4:22:64:ad:ef:0d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Validity
Not Before: Sep 9 16:10:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eb3c6f577d116e1b3c4f00dbf4ac4385026f785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:37:b0:c1:3d:79:21:36:9a:fd:a0:8d:f3:
30:1a:05:25:5f:bf:01:12:a9:6e:fd:50:ef:c1:17:
c6:fe:b4:71:b1:5d:ae:ff:07:3c:e3:22:f4:b7:a2:
73:51:62:73:80:19:f2:2b:e4:c8:89:be:3b:e9:cb:
3b:d7:39:b3:5c:7c:50:26:af:b9:3b:5a:0a:39:7d:
ce:9f:41:3f:6c:22:0d:7b:3f:90:ff:6d:d7:95:50:
cb:3c:7b:b3:08:e2:24:f4:3a:7a:39:8c:22:3c:b7:
aa:45:f4:13:40:d5:63:3e:1f:bd:56:82:26:81:8d:
17:83:8a:6f:fd:8f:44:f4:f5:e8:5f:d5:70:ed:32:
1f:88:d0:de:f5:40:ae:75:41:c3:85:9f:da:1d:b3:
5c:50:0b:03:fc:b6:f3:59:da:03:32:e7:b7:f5:4d:
03:5a:bd:a8:64:4e:e3:91:87:d1:0d:40:a7:ad:ad:
1d:b1:82:dc:1a:1d:2c:26:77:2d:e3:20:6e:ca:fe:
fd:b6:cc:25:36:ee:01:0e:a2:fe:10:30:01:c9:37:
4f:2e:27:f3:2a:04:e0:69:e4:f6:1f:b1:aa:11:96:
d0:43:5a:6a:db:7b:30:d8:b8:b9:27:ca:1e:65:b6:
0f:b5:f4:5e:65:b4:35:a2:12:4c:3f:bc:cc:7e:e2:
1f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B3:C6:F5:77:D1:16:E1:B3:C4:F0:0D:BF:4A:C4:38:50:26:F7:85
X509v3 Authority Key Identifier:
keyid:C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/nrPG9XfRFuGzxPANv0rEOFAm94U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/xUUK-nPwuHpCACjCsqSMzg_pKwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.229.255.0/24
IPv6:
2001:67c:1223::/48
Signature Algorithm: sha256WithRSAEncryption
cd:d1:9d:af:c8:62:9f:9a:68:34:21:da:c1:ad:0c:66:f5:87:
94:32:65:ea:75:3b:ec:51:f8:24:6a:98:76:54:f4:3c:91:c1:
ba:4c:9c:0f:d5:07:58:17:79:1c:82:0f:b3:f7:8b:13:b5:f7:
74:db:05:97:b6:86:72:1d:7c:d3:18:c5:2a:19:83:e5:a3:4d:
8d:58:4d:24:f0:32:b6:43:20:9b:d3:e7:26:a0:a0:ec:75:f5:
a3:0b:f4:2c:9e:5f:df:d7:32:04:fe:47:44:4c:47:3a:7d:94:
50:94:ca:c2:12:e6:6a:c7:00:d6:a3:44:2a:c8:b5:17:3d:0c:
c8:4e:16:21:ba:57:c7:d6:97:37:b5:01:b2:50:82:32:c9:8d:
3b:57:1a:24:95:85:4c:9c:04:9d:4d:71:54:4f:ba:b2:77:ed:
78:ab:89:db:21:57:6f:17:3d:28:c8:79:c9:ae:65:5a:29:36:
56:63:58:33:0c:32:1b:d1:d7:39:5c:ec:eb:65:7e:ab:bf:42:
2e:c2:1f:80:9a:8e:c4:ed:8b:26:29:85:ac:fd:13:dd:b1:b9:
92:0a:2f:89:15:3d:97:dc:d5:6a:c6:d6:fa:3a:42:f8:55:31:
7f:11:a2:5a:74:7d:97:37:6d:79:af:a7:e2:48:8d:8d:0d:26:
9b:28:a5:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMjBIzUJKB3GufkImSt7w3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDUwYWZhNzNmMGI4N2E0MjAwMjhjMmIyYTQ4Y2NlMGZl
OTJiMGEwHhcNMjIwOTA5MTYxMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWIzYzZmNTc3ZDExNmUxYjNjNGYwMGRiZjRhYzQzODUwMjZmNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NM3sME9eSE2mv2gjfMwGgUlX78B
Eqlu/VDvwRfG/rRxsV2u/wc84yL0t6JzUWJzgBnyK+TIib476cs71zmzXHxQJq+5
O1oKOX3On0E/bCINez+Q/23XlVDLPHuzCOIk9Dp6OYwiPLeqRfQTQNVjPh+9VoIm
gY0Xg4pv/Y9E9PXoX9Vw7TIfiNDe9UCudUHDhZ/aHbNcUAsD/LbzWdoDMue39U0D
Wr2oZE7jkYfRDUCnra0dsYLcGh0sJnct4yBuyv79tswlNu4BDqL+EDAByTdPLifz
KgTgaeT2H7GqEZbQQ1pq23sw2Li5J8oeZbYPtfReZbQ1ohJMP7zMfuIfoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ6zxvV30Rbhs8TwDb9KxDhQJveFMB8GA1UdIwQY
MBaAFMVFCvpz8Lh6QgAowrKkjM4P6SsKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUt
NjY0YTk5MjZmMzMzLzEvbnJQRzlYZlJGdUd6eFBBTnYwckVPRkFtOTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUtNjY0YTk5MjZmMzMz
LzEveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAk+X/MA8E
AgACMAkDBwAgAQZ8EiMwDQYJKoZIhvcNAQELBQADggEBAM3Rna/IYp+aaDQh2sGt
DGb1h5QyZep1O+xR+CRqmHZU9DyRwbpMnA/VB1gXeRyCD7P3ixO193TbBZe2hnId
fNMYxSoZg+WjTY1YTSTwMrZDIJvT5yagoOx19aML9CyeX9/XMgT+R0RMRzp9lFCU
ysIS5mrHANajRCrItRc9DMhOFiG6V8fWlze1AbJQgjLJjTtXGiSVhUycBJ1NcVRP
urJ37XiridshV28XPSjIecmuZVopNlZjWDMMMhvR1zlc7Otlfqu/Qi7CH4CajsTt
iyYphaz9E92xuZIKL4kVPZfc1WrG1vo6QvhVMX8Rolp0fZc3bXmvp+JIjY0NJpso
pTs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:37:38 2025 by rpki-client