Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nLMDlZbvyg3cIjilD26qs68r0lY.roa
File: nLMDlZbvyg3cIjilD26qs68r0lY.roa (raw, json)
Hash identifier: IxkSRHLo4uJpDI9nACQhQrCG7D2Z3h/SyAUfFTcQ6MY=
Subject key identifier: 9C:B3:03:95:96:EF:CA:0D:DC:22:38:A5:0F:6E:AA:B3:AF:2B:D2:56
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50C6609E
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nLMDlZbvyg3cIjilD26qs68r0lY.roa
Signing time: Sat 01 Jan 2022 16:01:41 +0000
ROA not before: Sat 01 Jan 2022 16:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13277
IP address blocks: 194.209.13.0/24 maxlen: 24
194.209.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1355178142 (0x50c6609e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cb3039596efca0ddc2238a50f6eaab3af2bd256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:49:5f:0e:41:57:85:6b:3d:bb:04:1a:a6:c1:
17:06:c2:07:73:56:12:6c:cd:07:36:6d:78:df:5a:
bb:84:15:6b:31:11:bb:48:d8:00:e2:07:65:59:37:
b3:4d:55:e4:73:a1:23:9f:46:05:7c:55:65:cf:57:
be:1c:10:0f:d1:b4:d7:f4:3c:80:04:fd:7f:de:6a:
71:56:9b:ad:c9:02:cc:fb:3a:a4:f7:6e:d4:09:28:
95:a6:bc:0c:4d:ca:78:b9:4e:5a:c4:c0:d6:4d:25:
b1:22:6f:67:23:bf:07:0c:a7:fa:63:63:fb:d1:5f:
fa:34:14:fd:5b:c4:78:ab:7f:be:4f:f8:91:84:81:
7c:9f:a6:2b:39:96:a6:62:13:45:5b:fd:cd:36:44:
15:bb:5b:6b:5b:d7:48:5b:79:d5:9b:14:6a:a1:dc:
9f:9f:d6:ce:8f:4f:8b:61:6c:43:24:d6:cf:a0:a3:
a8:5d:8d:49:c7:78:2e:52:25:4f:fd:a9:58:b8:86:
fb:5c:05:61:a9:34:a3:b8:f7:de:fc:ec:4b:11:23:
d2:54:5b:61:23:df:dc:a5:00:b8:2f:ab:ed:9c:9e:
5c:99:f4:c9:92:5d:d8:09:76:24:98:7b:fe:d2:8f:
7f:cc:0b:59:c1:27:97:d7:1b:78:e4:e2:a5:72:ce:
00:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B3:03:95:96:EF:CA:0D:DC:22:38:A5:0F:6E:AA:B3:AF:2B:D2:56
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nLMDlZbvyg3cIjilD26qs68r0lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.13.0/24
194.209.211.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:10:38:d3:0d:87:22:74:71:57:35:52:3f:bf:35:ac:3b:5a:
4c:43:40:ea:23:12:3f:a7:b0:b9:47:bf:7e:35:be:de:1f:ae:
95:2a:b7:b7:ff:9d:23:9b:e9:be:a2:2f:d2:1d:b2:1d:3d:b1:
21:03:c1:c0:35:a2:99:75:ea:8b:c4:de:4c:21:8d:db:28:82:
1f:2b:56:da:9b:90:64:df:f1:9a:5d:95:24:c2:32:4d:67:a3:
64:d8:87:29:0c:b4:e2:d9:bc:d3:b2:60:fd:da:7d:6d:29:de:
6e:bc:0e:04:1f:d7:a5:6a:3b:95:e8:a2:a2:84:72:e4:3c:e1:
f2:f0:2f:26:d2:21:61:67:42:5d:2c:9d:a4:47:17:ec:78:ce:
42:ef:29:de:7a:a2:42:93:43:76:a8:81:df:ef:1a:67:7d:50:
45:d7:d4:af:f0:a5:51:33:8d:54:bb:9b:a4:05:a1:95:9f:93:
49:21:0e:95:3b:6c:a9:b8:f9:c4:36:c0:94:9d:eb:c6:eb:f2:
a1:e3:c7:02:f9:d4:65:74:48:94:3d:70:26:5a:f9:df:ef:3f:
af:31:69:36:50:ac:15:69:1b:38:33:04:d0:53:f8:ee:52:a7:
77:d1:04:17:06:c7:36:ac:fb:fa:13:0c:a2:1e:03:62:45:61:
48:b1:73:2a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEUMZgnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNiMzAzOTU5NmVm
Y2EwZGRjMjIzOGE1MGY2ZWFhYjNhZjJiZDI1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhJXw5BV4VrPbsEGqbBFwbCB3NWEmzNBzZteN9au4QVazER
u0jYAOIHZVk3s01V5HOhI59GBXxVZc9XvhwQD9G01/Q8gAT9f95qcVabrckCzPs6
pPdu1Akolaa8DE3KeLlOWsTA1k0lsSJvZyO/Bwyn+mNj+9Ff+jQU/VvEeKt/vk/4
kYSBfJ+mKzmWpmITRVv9zTZEFbtba1vXSFt51ZsUaqHcn5/Wzo9Pi2FsQyTWz6Cj
qF2NScd4LlIlT/2pWLiG+1wFYak0o7j33vzsSxEj0lRbYSPf3KUAuC+r7ZyeXJn0
yZJd2Al2JJh7/tKPf8wLWcEnl9cbeOTipXLOANkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBScswOVlu/KDdwiOKUPbqqzryvSVjAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L25MTURsWmJ2eWczY0lqaWxEMjZxczY4cjBsWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMLRDQMEAMLR0zANBgkqhkiG9w0B
AQsFAAOCAQEAqxA40w2HInRxVzVSP781rDtaTENA6iMSP6ewuUe/fjW+3h+ulSq3
t/+dI5vpvqIv0h2yHT2xIQPBwDWimXXqi8TeTCGN2yiCHytW2puQZN/xml2VJMIy
TWejZNiHKQy04tm807Jg/dp9bSnebrwOBB/XpWo7leiiooRy5Dzh8vAvJtIhYWdC
XSydpEcX7HjOQu8p3nqiQpNDdqiB3+8aZ31QRdfUr/ClUTONVLubpAWhlZ+TSSEO
lTtsqbj5xDbAlJ3rxuvyoePHAvnUZXRIlD1wJlr53+8/rzFpNlCsFWkbODME0FP4
7lKnd9EEFwbHNqz7+hMMoh4DYkVhSLFzKg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:06 2025 by rpki-client