Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/NcVfsDw8I18ksPvOk8B9hvxrlzs.roa
File: NcVfsDw8I18ksPvOk8B9hvxrlzs.roa (raw, json)
Hash identifier: eClWCp+Tp3u9HBSiQJ5M6kuucG11AauhWowbgwm82ac=
Subject key identifier: 35:C5:5F:B0:3C:3C:23:5F:24:B0:FB:CE:93:C0:7D:86:FC:6B:97:3B
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 0187B7BD81553A08696A7B528A46174C9CCF
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/NcVfsDw8I18ksPvOk8B9hvxrlzs.roa
Signing time: Tue 25 Apr 2023 09:27:42 +0000
ROA not before: Tue 25 Apr 2023 09:27:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208905
IP address blocks: 85.130.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:bd:81:55:3a:08:69:6a:7b:52:8a:46:17:4c:9c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Apr 25 09:27:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35c55fb03c3c235f24b0fbce93c07d86fc6b973b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:99:42:bf:5e:a3:6d:e6:41:33:03:5e:e1:9a:
50:7d:00:65:86:c4:85:79:ab:e3:23:c9:72:df:1c:
27:07:b4:2b:7f:22:34:8b:fa:b8:d1:40:5b:f3:79:
e3:06:d4:58:fc:ce:4b:a9:5a:38:61:5d:c9:cd:5a:
a8:5a:8f:a6:0d:d2:83:62:5f:d3:75:63:76:97:38:
16:6c:ad:1a:ed:fd:1a:bd:dc:af:eb:f3:e3:89:19:
dc:51:f9:71:d4:3e:95:5e:c0:56:fe:1f:93:c5:39:
3f:2c:5e:16:17:e6:b2:d9:2e:66:42:2d:dd:87:65:
e3:b7:30:bf:c5:69:bd:7c:4e:a0:a3:0e:89:a0:e4:
55:df:7c:d1:4d:e8:23:92:9c:6c:e3:e2:ee:b3:cf:
51:7e:09:12:bb:dd:e5:e7:60:30:c3:44:14:c5:51:
4e:40:5c:8d:3f:e5:ce:76:7b:dd:1c:c3:ca:cd:5b:
65:ee:53:bd:74:21:cb:3f:6d:33:64:37:08:27:5e:
c8:14:ef:4d:00:84:1d:03:61:89:32:5c:e4:74:a5:
21:a0:c9:4a:b9:00:b6:65:a1:02:c1:69:a3:3e:88:
7f:2d:78:5e:a5:07:de:13:33:1c:87:a2:23:38:91:
09:af:5b:1a:64:5e:fb:8a:92:58:a8:c0:ab:26:eb:
99:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C5:5F:B0:3C:3C:23:5F:24:B0:FB:CE:93:C0:7D:86:FC:6B:97:3B
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/NcVfsDw8I18ksPvOk8B9hvxrlzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.130.248.0/21
Signature Algorithm: sha256WithRSAEncryption
26:99:9d:11:14:a0:01:a1:76:88:49:87:44:09:a5:57:96:12:
6a:15:22:08:20:95:0f:6f:2f:c7:55:40:fc:14:96:01:1b:39:
56:49:77:21:44:39:d6:09:7a:3a:94:c0:a4:4d:34:b4:e8:a1:
fe:77:76:22:02:1a:44:11:63:bf:8a:9e:86:24:95:bc:64:4a:
80:50:a8:44:48:22:f3:32:c4:b6:a9:34:91:06:d5:fd:17:94:
39:2d:49:d2:eb:ba:21:f1:0c:17:fb:01:fa:c5:db:f7:5f:00:
97:f9:27:ea:4c:c9:bc:05:ec:20:68:76:97:aa:8f:0e:15:ac:
00:a8:7a:3e:ce:f8:a8:4d:21:6c:ed:75:00:5d:14:38:ad:4e:
0b:67:e0:37:0e:3a:67:90:62:61:79:ca:94:c6:53:4f:9c:b0:
c0:df:6c:fc:3d:70:a7:69:31:51:0f:46:cb:a9:c9:9d:4a:e0:
44:4c:f0:16:1f:b5:d0:22:05:65:2b:d2:cc:5c:f8:0d:6d:30:
84:5a:af:da:6a:c2:a1:a1:a6:c8:38:1c:55:c6:17:0d:ca:ff:
1b:dc:ec:8d:ae:cb:a7:b4:18:94:c0:fe:d2:23:f9:cd:25:3a:
3d:a8:81:d5:d6:65:c0:cf:8f:24:98:eb:89:c2:91:ef:28:03:
2d:ce:90:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3vYFVOghpantSikYXTJzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMwNDI1MDkyNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM1NWZiMDNjM2MyMzVmMjRiMGZiY2U5M2MwN2Q4NmZjNmI5NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6plCv16jbeZBMwNe4ZpQfQBlhsSF
eavjI8ly3xwnB7QrfyI0i/q40UBb83njBtRY/M5LqVo4YV3JzVqoWo+mDdKDYl/T
dWN2lzgWbK0a7f0avdyv6/PjiRncUflx1D6VXsBW/h+TxTk/LF4WF+ay2S5mQi3d
h2XjtzC/xWm9fE6gow6JoORV33zRTegjkpxs4+Lus89RfgkSu93l52Aww0QUxVFO
QFyNP+XOdnvdHMPKzVtl7lO9dCHLP20zZDcIJ17IFO9NAIQdA2GJMlzkdKUhoMlK
uQC2ZaECwWmjPoh/LXhepQfeEzMch6IjOJEJr1saZF77ipJYqMCrJuuZcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXFX7A8PCNfJLD7zpPAfYb8a5c7MB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvTmNWZnNEdzhJMThrc1B2T2s4QjlodnhybHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVYL4MA0G
CSqGSIb3DQEBCwUAA4IBAQAmmZ0RFKABoXaISYdECaVXlhJqFSIIIJUPby/HVUD8
FJYBGzlWSXchRDnWCXo6lMCkTTS06KH+d3YiAhpEEWO/ip6GJJW8ZEqAUKhESCLz
MsS2qTSRBtX9F5Q5LUnS67oh8QwX+wH6xdv3XwCX+SfqTMm8BewgaHaXqo8OFawA
qHo+zvioTSFs7XUAXRQ4rU4LZ+A3DjpnkGJhecqUxlNPnLDA32z8PXCnaTFRD0bL
qcmdSuBETPAWH7XQIgVlK9LMXPgNbTCEWq/aasKhoabIOBxVxhcNyv8b3OyNrsun
tBiUwP7SI/nNJTo9qIHV1mXAz48kmOuJwpHvKAMtzpAM
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:39:16 2025 by rpki-client