Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NfJsxR8NLk9y_jYLiY7gPV8L2ag.roa
File: NfJsxR8NLk9y_jYLiY7gPV8L2ag.roa (raw, json)
Hash identifier: 6uKVQAMfrBGpwfP3EhGa4x7YngtKFKhUTnP/LXSWleM=
Subject key identifier: 35:F2:6C:C5:1F:0D:2E:4F:72:FE:36:0B:89:8E:E0:3D:5F:0B:D9:A8
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 01856F42A8424A9396C5D1648BEA4A98E8C2
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NfJsxR8NLk9y_jYLiY7gPV8L2ag.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209860
IP address blocks: 212.87.242.0/23 maxlen: 23
212.87.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a8:42:4a:93:96:c5:d1:64:8b:ea:4a:98:e8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35f26cc51f0d2e4f72fe360b898ee03d5f0bd9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:19:02:f5:e8:00:36:20:69:c2:ef:01:15:
9e:5f:d2:e1:ec:93:9b:39:8f:ac:5c:bd:14:0c:5c:
c6:e4:6e:1a:8e:02:56:c5:3d:38:6f:d3:d6:22:57:
4b:da:5e:36:26:f9:60:9b:d3:4b:54:34:ad:cf:ea:
bd:4b:6d:90:d5:16:40:3c:37:fa:9b:1b:c7:b4:62:
1b:3f:1b:0a:4f:20:6f:e0:a2:b1:b3:78:2a:d1:8c:
d3:02:61:bb:bd:4c:84:57:fe:b1:96:3b:53:c9:70:
b4:15:d2:d1:8a:f5:70:2e:ab:0a:f1:36:80:16:62:
b5:28:0b:28:be:d6:37:8c:7e:15:0f:87:42:0e:60:
98:69:50:7e:2d:55:7d:2f:72:01:8f:93:76:fb:4f:
2c:56:5c:b7:17:32:63:56:20:0e:da:2f:92:06:f6:
01:6e:00:f3:ec:ce:49:ac:11:44:24:c6:a7:29:c1:
bd:d1:82:87:c8:9c:1a:e0:43:e9:aa:12:17:d2:16:
47:54:c4:e3:04:26:58:e8:1c:c9:3a:ce:a7:19:24:
2b:96:ce:e1:16:df:a1:99:e3:6e:a4:dc:68:31:37:
2a:5a:4d:4e:2d:77:2c:6b:f8:b4:51:93:e7:75:28:
40:bf:99:b5:1f:03:07:a2:b4:c0:59:d3:2e:e8:19:
e2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F2:6C:C5:1F:0D:2E:4F:72:FE:36:0B:89:8E:E0:3D:5F:0B:D9:A8
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/NfJsxR8NLk9y_jYLiY7gPV8L2ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.242.0/23
212.87.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:2e:63:05:b5:d4:6f:f3:ff:23:41:41:22:0c:44:90:e3:6a:
7d:74:c4:fe:03:ef:d6:a8:5c:0b:a2:50:e8:39:fe:a7:60:79:
6e:54:fd:34:bd:86:b9:77:15:5d:10:3e:d4:e5:ae:f7:6c:7d:
85:3d:f1:db:84:9c:87:73:fc:a8:1a:c9:67:32:a1:39:3f:a6:
df:97:36:59:4c:14:52:1c:69:aa:3e:d4:99:cb:04:55:8b:41:
df:ad:03:1c:37:3f:b4:05:f6:be:b4:d6:7f:db:34:39:aa:32:
0d:28:82:df:74:d3:90:92:e4:4d:92:ea:e1:74:ef:eb:ce:da:
24:0b:cd:2a:a6:80:14:08:1e:f0:f5:f0:94:c8:c6:63:8a:2c:
93:d0:0b:ba:15:9e:c5:cd:92:3a:8f:ee:c1:2c:fd:d1:20:6e:
14:1b:da:d7:db:ba:7c:59:19:ba:af:88:55:af:61:5c:9a:ec:
fc:0e:7a:91:5d:6e:b9:b2:9a:e9:36:f5:17:5b:ed:6f:33:c6:
f5:c6:9c:cf:f9:23:9d:9f:2a:6b:38:79:91:ca:7f:cc:12:ae:
c2:64:75:ef:7f:e5:0f:d7:12:e3:ca:dd:50:93:eb:22:30:d0:
d5:0b:13:bf:87:10:60:65:4b:33:df:10:6b:1f:67:0d:16:9e:
53:a8:65:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQqhCSpOWxdFki+pKmOjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYyNmNjNTFmMGQyZTRmNzJmZTM2MGI4OThlZTAzZDVmMGJkOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZsZAvXoADYgacLvARWeX9Lh7JOb
OY+sXL0UDFzG5G4ajgJWxT04b9PWIldL2l42Jvlgm9NLVDStz+q9S22Q1RZAPDf6
mxvHtGIbPxsKTyBv4KKxs3gq0YzTAmG7vUyEV/6xljtTyXC0FdLRivVwLqsK8TaA
FmK1KAsovtY3jH4VD4dCDmCYaVB+LVV9L3IBj5N2+08sVly3FzJjViAO2i+SBvYB
bgDz7M5JrBFEJManKcG90YKHyJwa4EPpqhIX0hZHVMTjBCZY6BzJOs6nGSQrls7h
Ft+hmeNupNxoMTcqWk1OLXcsa/i0UZPndShAv5m1HwMHorTAWdMu6BniGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXybMUfDS5Pcv42C4mO4D1fC9moMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvTmZKc3hSOE5Mazl5X2pZTGlZN2dQVjhMMmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1FfyAwQA
1Ff5MA0GCSqGSIb3DQEBCwUAA4IBAQChLmMFtdRv8/8jQUEiDESQ42p9dMT+A+/W
qFwLolDoOf6nYHluVP00vYa5dxVdED7U5a73bH2FPfHbhJyHc/yoGslnMqE5P6bf
lzZZTBRSHGmqPtSZywRVi0HfrQMcNz+0Bfa+tNZ/2zQ5qjINKILfdNOQkuRNkurh
dO/rztokC80qpoAUCB7w9fCUyMZjiiyT0Au6FZ7FzZI6j+7BLP3RIG4UG9rX27p8
WRm6r4hVr2Fcmuz8DnqRXW65sprpNvUXW+1vM8b1xpzP+SOdnyprOHmRyn/MEq7C
ZHXvf+UP1xLjyt1Qk+siMNDVCxO/hxBgZUsz3xBrH2cNFp5TqGVp
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:04 2025 by rpki-client