Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/NMS3bWHXshzW8J1mpLTh935jOJI.roa
File: NMS3bWHXshzW8J1mpLTh935jOJI.roa (raw, json)
Hash identifier: vQ3biQg7+4Fn9GwtcFQxzo2Z6HtmMO0G2fYNNfmLFeA=
Subject key identifier: 34:C4:B7:6D:61:D7:B2:1C:D6:F0:9D:66:A4:B4:E1:F7:7E:63:38:92
Certificate issuer: /CN=123c3de61011de07101e14dc0727395171cb03ab
Certificate serial: 018C2A7CA7F0505CCB5A1F06E2F62025AF8D
Authority key identifier: 12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/NMS3bWHXshzW8J1mpLTh935jOJI.roa
Signing time: Sat 02 Dec 2023 12:24:21 +0000
ROA not before: Sat 02 Dec 2023 12:24:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206893
IP address blocks: 185.133.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:7c:a7:f0:50:5c:cb:5a:1f:06:e2:f6:20:25:af:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=123c3de61011de07101e14dc0727395171cb03ab
Validity
Not Before: Dec 2 12:24:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34c4b76d61d7b21cd6f09d66a4b4e1f77e633892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a9:fe:d6:2b:31:0b:2a:48:e0:32:d9:51:67:
2a:d2:d2:ad:6b:e7:63:54:65:28:70:46:18:bf:01:
13:78:eb:30:da:6f:b7:a5:a9:64:cf:5d:cc:cc:7e:
de:bb:f5:74:14:ce:df:3c:86:be:40:4c:d7:70:87:
82:97:0c:8d:7b:49:9a:b7:a8:1a:57:d8:e4:e7:90:
7e:e8:65:74:7e:9d:82:0a:2b:60:c4:18:e4:cf:77:
bd:e1:d0:67:29:74:05:17:28:2e:0b:bc:25:57:4e:
c7:2a:fe:f6:5e:f4:49:2b:0d:a0:95:bf:61:da:5f:
67:ca:ee:53:1c:85:d7:82:ba:13:98:dd:41:a7:6e:
d9:f9:8f:7b:da:9a:46:84:01:96:62:58:d3:b5:ac:
20:4e:27:76:81:28:58:1c:d9:56:5e:87:a1:8e:c4:
c8:e1:1f:2a:19:11:7a:4a:aa:97:a9:7e:72:56:79:
8f:56:2b:85:77:23:c9:90:61:be:49:7d:61:4b:08:
9c:b7:b5:42:d9:a9:ea:6e:49:91:84:c8:cc:53:70:
25:3b:ed:85:df:3b:13:6d:4b:a8:0f:14:a0:cf:74:
df:16:d3:89:4c:f8:f7:23:bc:91:50:27:1b:3d:ea:
8d:4e:c7:8d:e2:50:fa:13:6e:df:46:72:3d:07:43:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C4:B7:6D:61:D7:B2:1C:D6:F0:9D:66:A4:B4:E1:F7:7E:63:38:92
X509v3 Authority Key Identifier:
keyid:12:3C:3D:E6:10:11:DE:07:10:1E:14:DC:07:27:39:51:71:CB:03:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ejw95hAR3gcQHhTcByc5UXHLA6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/NMS3bWHXshzW8J1mpLTh935jOJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/229650-8a01-4370-991e-b504c9ae9bbc/1/Ejw95hAR3gcQHhTcByc5UXHLA6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.224.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:97:38:d4:a1:39:ca:70:35:30:4f:ac:07:60:5b:ff:a0:7a:
c6:1a:de:f7:1c:e2:ca:b6:38:2d:0d:69:da:a3:f5:27:70:48:
dc:1f:8d:1a:d7:96:b1:34:4d:cf:76:6a:be:cb:a6:dc:94:72:
a2:60:22:8f:7c:66:58:f6:66:22:a4:62:d4:4b:60:e5:cc:16:
6d:8a:ae:58:27:fb:ec:47:f7:40:1a:70:b2:71:e1:f9:b6:60:
d6:82:90:21:0d:56:9e:b8:cc:dd:0e:fa:42:e3:27:95:01:38:
18:8a:bb:1d:96:00:76:c7:c6:e3:8d:4d:9f:03:56:bd:e9:39:
bc:05:b0:1e:98:df:d1:b8:02:6c:92:71:6c:26:2b:7e:8f:f9:
33:ae:88:b4:23:d2:99:af:52:2c:f5:a4:c3:74:79:0c:8e:22:
ca:0b:07:73:42:0e:43:79:90:c2:a2:37:74:13:cb:eb:60:7f:
c1:b7:0f:c2:e7:af:d6:be:cc:b7:a1:e1:36:96:91:33:90:d7:
1a:33:c5:d8:c5:d7:9d:58:ea:cb:19:df:69:88:db:17:3c:c2:
07:d4:8b:89:ca:16:0c:28:d9:41:e0:03:eb:f8:fa:d7:12:00:
52:4b:5e:d4:6b:ea:a9:5e:83:2e:0a:4e:54:51:57:01:7e:73:
c6:e3:26:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwqfKfwUFzLWh8G4vYgJa+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyM2MzZGU2MTAxMWRlMDcxMDFlMTRkYzA3MjczOTUxNzFj
YjAzYWIwHhcNMjMxMjAyMTIyNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGM0Yjc2ZDYxZDdiMjFjZDZmMDlkNjZhNGI0ZTFmNzdlNjMzODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoan+1isxCypI4DLZUWcq0tKta+dj
VGUocEYYvwETeOsw2m+3palkz13MzH7eu/V0FM7fPIa+QEzXcIeClwyNe0mat6ga
V9jk55B+6GV0fp2CCitgxBjkz3e94dBnKXQFFyguC7wlV07HKv72XvRJKw2glb9h
2l9nyu5THIXXgroTmN1Bp27Z+Y972ppGhAGWYljTtawgTid2gShYHNlWXoehjsTI
4R8qGRF6SqqXqX5yVnmPViuFdyPJkGG+SX1hSwict7VC2anqbkmRhMjMU3AlO+2F
3zsTbUuoDxSgz3TfFtOJTPj3I7yRUCcbPeqNTseN4lD6E27fRnI9B0NfPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTEt21h17Ic1vCdZqS04fd+YziSMB8GA1UdIwQY
MBaAFBI8PeYQEd4HEB4U3AcnOVFxywOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUt
YjUwNGM5YWU5YmJjLzEvTk1TM2JXSFhzaHpXOEoxbXBMVGg5MzVqT0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjk2NTAtOGEwMS00MzcwLTk5MWUtYjUwNGM5YWU5YmJj
LzEvRWp3OTVoQVIzZ2NRSGhUY0J5YzVVWEhMQTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYXgMA0G
CSqGSIb3DQEBCwUAA4IBAQCdlzjUoTnKcDUwT6wHYFv/oHrGGt73HOLKtjgtDWna
o/UncEjcH40a15axNE3Pdmq+y6bclHKiYCKPfGZY9mYipGLUS2DlzBZtiq5YJ/vs
R/dAGnCyceH5tmDWgpAhDVaeuMzdDvpC4yeVATgYirsdlgB2x8bjjU2fA1a96Tm8
BbAemN/RuAJsknFsJit+j/kzroi0I9KZr1Is9aTDdHkMjiLKCwdzQg5DeZDCojd0
E8vrYH/Btw/C56/Wvsy3oeE2lpEzkNcaM8XYxdedWOrLGd9piNsXPMIH1IuJyhYM
KNlB4APr+PrXEgBSS17Ua+qpXoMuCk5UUVcBfnPG4yYU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:46 2025 by rpki-client