Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NGb7pCsCsapOsoxTpilaUF-T2wc.roa
File: NGb7pCsCsapOsoxTpilaUF-T2wc.roa (raw, json)
Hash identifier: yB6tTXUhVoNpbn3LLbrvR/4/U5ajw+XXhUAXJo8TjHM=
Subject key identifier: 34:66:FB:A4:2B:02:B1:AA:4E:B2:8C:53:A6:29:5A:50:5F:93:DB:07
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B10807C4FA3EFB7C936AC99602F3B
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NGb7pCsCsapOsoxTpilaUF-T2wc.roa
Signing time: Sun 01 Jan 2023 13:35:08 +0000
ROA not before: Sun 01 Jan 2023 13:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203042
IP address blocks: 194.209.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:10:80:7c:4f:a3:ef:b7:c9:36:ac:99:60:2f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3466fba42b02b1aa4eb28c53a6295a505f93db07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:e7:74:4e:11:fc:94:96:28:11:ba:df:23:
df:5c:49:97:bc:5e:40:a8:00:22:48:3d:b8:5b:15:
14:4b:df:69:0b:8d:81:69:9b:eb:f2:8d:8a:6a:37:
34:e5:c9:7f:63:9b:81:c0:c2:21:c5:b0:2c:12:84:
8d:b6:ca:74:0b:b7:02:27:22:4a:3b:3d:8c:77:de:
c4:13:4d:b6:73:dd:31:5a:8e:0d:06:e4:93:44:c1:
ff:40:fe:1b:bb:ea:1f:a0:73:1f:01:5e:99:91:52:
2c:34:40:f2:77:f7:6d:39:3b:06:38:bc:b0:b9:3d:
f9:4b:1b:35:5d:d4:a6:85:b4:f3:50:43:c1:6d:f6:
db:5f:9d:db:37:6b:5e:25:ae:39:2d:e5:ef:f9:05:
a5:60:58:ea:2f:a0:17:b6:c0:86:40:c7:5a:3c:53:
d3:02:19:dd:2e:8d:38:e6:67:d6:36:9d:3d:c2:5a:
92:27:a2:a6:b3:24:1c:fc:a8:2f:cb:be:6e:9a:1c:
46:d2:df:54:54:0d:74:66:4b:1a:bc:58:4f:de:b1:
0a:90:7b:c0:5b:74:d1:cd:b3:c0:83:66:16:ce:d6:
94:8a:74:a5:b2:12:72:93:fd:28:19:99:fb:b9:71:
9e:1d:ca:15:f9:3c:19:97:e1:6f:6b:36:47:d7:6c:
88:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:66:FB:A4:2B:02:B1:AA:4E:B2:8C:53:A6:29:5A:50:5F:93:DB:07
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/NGb7pCsCsapOsoxTpilaUF-T2wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.64.0/24
Signature Algorithm: sha256WithRSAEncryption
17:54:98:4f:4c:5f:77:05:fb:aa:83:2c:26:bf:9f:2b:c8:2d:
2b:80:53:f6:d4:dc:72:40:d2:d5:d0:e2:40:dc:0f:be:ea:fd:
41:0f:b9:b4:c0:9b:3d:0c:3c:39:3d:f1:6f:3c:68:ca:51:4d:
04:cf:34:6c:f2:54:dd:86:f5:0b:b0:90:53:b3:80:e4:87:7b:
97:9b:e6:40:13:28:0e:ec:f2:22:1a:0c:03:78:fb:cf:25:89:
08:61:f6:35:82:2e:eb:ff:25:f1:2d:ca:46:05:03:8f:e7:a0:
bd:26:af:c9:cb:e5:52:08:15:c4:69:da:8b:50:02:37:ec:d8:
c6:96:98:8a:30:50:89:dd:f5:9c:49:96:91:fa:68:b9:63:c6:
36:58:5e:9d:ce:c0:c2:19:41:17:1e:b8:6d:bd:0e:d8:b9:11:
23:37:45:97:93:f6:75:77:2c:29:b8:c2:95:75:5d:f1:25:0c:
1f:25:f5:30:46:82:2b:7a:01:5f:83:d3:04:56:8e:13:ff:e0:
39:e7:62:95:e8:4a:e4:6a:5d:89:dd:70:5d:0d:3e:4e:20:35:
a4:9e:bd:84:2e:64:be:cc:77:36:52:d0:50:ab:ef:88:69:73:
ff:6a:6b:35:7a:9c:43:6f:41:ec:e7:b6:a6:cc:cf:fb:cd:7c:
fc:b0:82:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtixCAfE+j77fJNqyZYC87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY2ZmJhNDJiMDJiMWFhNGViMjhjNTNhNjI5NWE1MDVmOTNkYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2fndE4R/JSWKBG63yPfXEmXvF5A
qAAiSD24WxUUS99pC42BaZvr8o2Kajc05cl/Y5uBwMIhxbAsEoSNtsp0C7cCJyJK
Oz2Md97EE022c90xWo4NBuSTRMH/QP4bu+ofoHMfAV6ZkVIsNEDyd/dtOTsGOLyw
uT35Sxs1XdSmhbTzUEPBbfbbX53bN2teJa45LeXv+QWlYFjqL6AXtsCGQMdaPFPT
AhndLo045mfWNp09wlqSJ6KmsyQc/Kgvy75umhxG0t9UVA10ZksavFhP3rEKkHvA
W3TRzbPAg2YWztaUinSlshJyk/0oGZn7uXGeHcoV+TwZl+FvazZH12yIkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRm+6QrArGqTrKMU6YpWlBfk9sHMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvTkdiN3BDc0NzYXBPc294VHBpbGFVRi1UMndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwtFAMA0G
CSqGSIb3DQEBCwUAA4IBAQAXVJhPTF93Bfuqgywmv58ryC0rgFP21NxyQNLV0OJA
3A++6v1BD7m0wJs9DDw5PfFvPGjKUU0EzzRs8lTdhvULsJBTs4Dkh3uXm+ZAEygO
7PIiGgwDePvPJYkIYfY1gi7r/yXxLcpGBQOP56C9Jq/Jy+VSCBXEadqLUAI37NjG
lpiKMFCJ3fWcSZaR+mi5Y8Y2WF6dzsDCGUEXHrhtvQ7YuREjN0WXk/Z1dywpuMKV
dV3xJQwfJfUwRoIregFfg9MEVo4T/+A552KV6Erkal2J3XBdDT5OIDWknr2ELmS+
zHc2UtBQq++IaXP/ams1epxDb0Hs57amzM/7zXz8sIIZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:47:54 2025 by rpki-client