Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/NXbiDulSqB0EQRQaai2HRB0hj_k.roa
File: NXbiDulSqB0EQRQaai2HRB0hj_k.roa (raw, json)
Hash identifier: ldBCEuHqof/bXtUZChVadL1xobzr7PXnpMz9ze2PxVM=
Subject key identifier: 35:76:E2:0E:E9:52:A8:1D:04:41:14:1A:6A:2D:87:44:1D:21:8F:F9
Certificate issuer: /CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Certificate serial: 0182FCF26E12AD9467C3E6D98AA80C79302E
Authority key identifier: C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/NXbiDulSqB0EQRQaai2HRB0hj_k.roa
Signing time: Fri 02 Sep 2022 06:45:22 +0000
ROA not before: Fri 02 Sep 2022 06:45:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 188.119.104.0/24 maxlen: 24
185.50.207.0/24 maxlen: 24
193.43.75.0/24 maxlen: 24
193.43.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fc:f2:6e:12:ad:94:67:c3:e6:d9:8a:a8:0c:79:30:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Validity
Not Before: Sep 2 06:45:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3576e20ee952a81d0441141a6a2d87441d218ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:56:52:d2:c1:98:7b:2a:48:13:e5:06:de:96:
bb:6b:4e:bf:cf:f2:4a:35:7c:5c:f1:c7:1d:0a:34:
cc:bd:7b:0e:37:8f:25:29:18:7c:a6:d9:ca:a3:bb:
c0:78:23:ea:d8:a9:c9:0e:d0:60:97:cf:2d:61:57:
36:af:27:94:f8:9a:84:85:fb:ff:52:d0:65:66:7c:
79:1c:37:eb:24:2a:78:53:bd:73:ee:83:37:99:b9:
c8:78:a1:58:2b:90:1c:a5:39:4d:1b:61:30:83:c7:
b5:b3:f9:19:91:b9:4d:6f:c5:4e:29:83:9e:77:02:
03:e5:1b:4f:f9:07:e9:b3:d2:c4:73:49:b7:52:bf:
4b:21:14:16:cd:37:19:1c:69:fc:25:a5:a1:b8:80:
50:2f:58:55:8c:2e:70:9c:dd:c0:ba:7b:39:b6:2c:
cc:c7:d8:d7:94:96:a5:c1:b4:8d:08:8e:11:e8:2e:
a3:97:1f:ab:bc:cc:0c:ce:ff:15:68:45:56:fd:c0:
4b:4c:93:e0:30:92:6b:44:40:d0:3b:c2:95:10:56:
83:32:c1:49:0c:54:45:5a:e2:8d:29:4b:4e:7d:de:
28:e1:53:df:11:ee:f3:df:f9:df:d7:f9:01:f6:e8:
c8:8e:55:c8:b0:f9:42:83:1b:e8:62:65:1e:db:fa:
99:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:76:E2:0E:E9:52:A8:1D:04:41:14:1A:6A:2D:87:44:1D:21:8F:F9
X509v3 Authority Key Identifier:
keyid:C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/NXbiDulSqB0EQRQaai2HRB0hj_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.207.0/24
188.119.104.0/24
193.43.75.0/24
193.43.98.0/24
Signature Algorithm: sha256WithRSAEncryption
54:05:1d:84:2f:ff:07:f0:ef:31:7a:8c:0e:5c:19:cc:96:93:
0b:42:13:54:6d:33:46:b9:4c:b6:66:dd:b6:2a:69:70:21:8c:
b2:d5:ef:41:e7:d2:79:ee:ed:68:44:32:43:06:aa:fa:6a:6a:
01:96:be:25:46:0a:e6:82:da:3b:ab:91:8e:42:11:4f:5e:ab:
5d:9c:3e:8d:8a:1f:87:fc:2a:af:70:9c:9a:71:d6:f1:47:07:
d5:7c:1c:30:fd:17:83:23:27:94:4e:75:44:75:5a:b2:a5:3b:
34:59:19:77:85:e4:7e:25:14:bd:1c:30:58:ec:f6:22:b1:6b:
e8:c8:99:8c:80:92:96:04:4f:09:e4:c7:57:86:ea:b5:93:18:
69:52:8f:b8:3f:99:15:a8:e2:d1:4a:36:6a:13:99:e1:d2:ae:
35:98:35:cf:46:7d:bc:5f:3b:f9:2f:aa:7f:31:ea:8e:76:94:
78:6a:84:d0:91:8d:3d:c0:66:27:e3:4d:ce:0b:a2:5a:a1:ca:
d0:df:12:0c:7c:df:d9:9c:8f:f3:3c:15:60:c8:ee:6a:b3:62:
79:13:da:1c:61:52:ad:c5:29:9d:12:51:3f:d5:6c:07:0c:4a:
3f:7b:a6:4b:cf:05:2a:4d:09:a8:4e:ec:a9:a8:ab:a4:2f:4f:
11:04:c7:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYL88m4SrZRnw+bZiqgMeTAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjBkNTM1ZWViY2YyOGU2MGFjOThhZTQ5NWIzNDk4MWI1
YTkzZWMwHhcNMjIwOTAyMDY0NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc2ZTIwZWU5NTJhODFkMDQ0MTE0MWE2YTJkODc0NDFkMjE4ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFZS0sGYeypIE+UG3pa7a06/z/JK
NXxc8ccdCjTMvXsON48lKRh8ptnKo7vAeCPq2KnJDtBgl88tYVc2ryeU+JqEhfv/
UtBlZnx5HDfrJCp4U71z7oM3mbnIeKFYK5AcpTlNG2Ewg8e1s/kZkblNb8VOKYOe
dwID5RtP+Qfps9LEc0m3Ur9LIRQWzTcZHGn8JaWhuIBQL1hVjC5wnN3Auns5tizM
x9jXlJalwbSNCI4R6C6jlx+rvMwMzv8VaEVW/cBLTJPgMJJrREDQO8KVEFaDMsFJ
DFRFWuKNKUtOfd4o4VPfEe7z3/nf1/kB9ujIjlXIsPlCgxvoYmUe2/qZ+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDV24g7pUqgdBEEUGmoth0QdIY/5MB8GA1UdIwQY
MBaAFMOw1TXuvPKOYKyYrklbNJgbWpPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmIt
OTUxOTY5M2VhYTdiLzEvTlhiaUR1bFNxQjBFUVJRYWFpMkhSQjBoal9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmItOTUxOTY5M2VhYTdi
LzEvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuTLPAwQA
vHdoAwQAwStLAwQAwStiMA0GCSqGSIb3DQEBCwUAA4IBAQBUBR2EL/8H8O8xeowO
XBnMlpMLQhNUbTNGuUy2Zt22KmlwIYyy1e9B59J57u1oRDJDBqr6amoBlr4lRgrm
gto7q5GOQhFPXqtdnD6Nih+H/CqvcJyacdbxRwfVfBww/ReDIyeUTnVEdVqypTs0
WRl3heR+JRS9HDBY7PYisWvoyJmMgJKWBE8J5MdXhuq1kxhpUo+4P5kVqOLRSjZq
E5nh0q41mDXPRn28Xzv5L6p/MeqOdpR4aoTQkY09wGYn403OC6JaocrQ3xIMfN/Z
nI/zPBVgyO5qs2J5E9ocYVKtxSmdElE/1WwHDEo/e6ZLzwUqTQmoTuypqKukL08R
BMd+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:19 2025 by rpki-client