Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/NKJn1cJtG9aZAtWy6RLDAu2muB0.roa
File: NKJn1cJtG9aZAtWy6RLDAu2muB0.roa (raw, json)
Hash identifier: dJbzGyx50RFJ7QlQylV4RgYMl42uTDBBMl3Ssqwc8ok=
Subject key identifier: 34:A2:67:D5:C2:6D:1B:D6:99:02:D5:B2:E9:12:C3:02:ED:A6:B8:1D
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 0185BB5DC114D3217DEAC8AD58EEAED3534A
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/NKJn1cJtG9aZAtWy6RLDAu2muB0.roa
Signing time: Mon 16 Jan 2023 16:16:01 +0000
ROA not before: Mon 16 Jan 2023 16:16:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 188.124.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bb:5d:c1:14:d3:21:7d:ea:c8:ad:58:ee:ae:d3:53:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Jan 16 16:16:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a267d5c26d1bd69902d5b2e912c302eda6b81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:3e:5a:9f:12:e7:d6:d1:10:98:90:3e:68:
da:7c:4f:5f:d7:92:b4:84:fa:d6:0a:3d:f5:b1:cd:
97:c3:84:42:a3:16:d5:a6:31:ff:21:bf:af:40:e3:
28:13:83:ff:58:77:2f:fe:09:26:f6:2e:cb:10:e9:
0d:8b:6d:07:09:02:b2:ab:7c:d5:90:28:e2:d2:9f:
7c:12:4f:d6:fc:73:82:f1:16:23:cd:35:38:97:af:
9d:19:3e:c0:2a:d4:c0:0d:e4:dd:bf:69:81:29:db:
14:4f:ed:44:e2:1a:f3:d8:10:71:3e:5c:a2:95:c8:
9a:a1:0c:ce:7a:c6:cd:94:ce:cb:a4:30:fe:a7:8d:
61:b1:0a:ed:1b:53:ce:c6:c0:3f:9b:cf:45:a1:c1:
b7:53:2f:69:67:d7:01:d5:37:79:3b:8b:db:40:00:
fa:91:92:4d:1c:fa:8a:08:1e:29:29:04:81:71:f6:
9f:e9:61:b5:15:9f:58:e1:29:c1:1b:d9:fb:74:0f:
46:e0:8f:62:97:d5:12:43:79:d4:01:10:7a:ca:eb:
da:d4:a6:b0:88:0a:49:17:c7:79:72:a6:f1:db:9c:
37:16:62:3b:44:fc:13:2f:f3:0c:8e:a4:61:eb:a7:
28:fd:d3:bb:0e:bc:96:f7:23:05:3b:74:b4:b9:27:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A2:67:D5:C2:6D:1B:D6:99:02:D5:B2:E9:12:C3:02:ED:A6:B8:1D
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/NKJn1cJtG9aZAtWy6RLDAu2muB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.17.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:63:07:17:bf:07:b6:38:79:bf:77:6f:5a:42:d4:b7:c8:25:
5c:c5:70:ac:7c:72:a0:92:76:89:aa:ad:dc:d0:6f:39:d7:75:
2c:52:26:a9:af:b1:97:98:ee:8b:83:1a:0f:a8:43:70:ae:39:
4f:7b:29:75:ab:c4:77:81:fc:4c:70:0d:f5:2d:b6:5d:6a:13:
3a:03:cc:38:41:24:6f:5e:c1:09:3f:66:3c:a0:07:7f:af:79:
57:1c:bc:d8:4c:f0:1c:a8:29:9e:14:3c:79:66:c1:d5:93:77:
a7:3f:30:7d:9c:69:76:1b:d2:0b:80:5e:0f:bf:ab:b3:c8:a6:
82:75:08:67:5c:17:ec:be:71:dc:b4:fc:10:d5:69:c0:96:9d:
9e:de:70:43:d5:25:c7:3d:8a:88:7f:77:2c:4c:79:c8:ab:9a:
cf:57:8f:23:0e:39:4e:9c:7b:bc:01:33:2e:48:66:c4:ee:6c:
02:89:38:ed:a9:31:45:44:64:be:39:37:05:20:fe:84:6d:1a:
fd:72:ce:4e:d3:04:50:c2:32:19:5a:1d:4c:31:8c:7a:3f:c5:
ff:33:12:69:af:17:93:f0:3d:81:f3:02:7a:00:f7:f7:fc:59:
c2:12:c2:f1:f0:51:0e:8f:2b:64:74:ad:af:b7:3d:5d:f9:1a:
a4:cf:3c:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW7XcEU0yF96sitWO6u01NKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwMTE2MTYxNjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGEyNjdkNWMyNmQxYmQ2OTkwMmQ1YjJlOTEyYzMwMmVkYTZiODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzk+Wp8S59bREJiQPmjafE9f15K0
hPrWCj31sc2Xw4RCoxbVpjH/Ib+vQOMoE4P/WHcv/gkm9i7LEOkNi20HCQKyq3zV
kCji0p98Ek/W/HOC8RYjzTU4l6+dGT7AKtTADeTdv2mBKdsUT+1E4hrz2BBxPlyi
lciaoQzOesbNlM7LpDD+p41hsQrtG1POxsA/m89FocG3Uy9pZ9cB1Td5O4vbQAD6
kZJNHPqKCB4pKQSBcfaf6WG1FZ9Y4SnBG9n7dA9G4I9il9USQ3nUARB6yuva1Kaw
iApJF8d5cqbx25w3FmI7RPwTL/MMjqRh66co/dO7DryW9yMFO3S0uSczJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSiZ9XCbRvWmQLVsukSwwLtprgdMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvTktKbjFjSnRHOWFaQXRXeTZSTERBdTJtdUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHwRMA0G
CSqGSIb3DQEBCwUAA4IBAQBNYwcXvwe2OHm/d29aQtS3yCVcxXCsfHKgknaJqq3c
0G8513UsUiapr7GXmO6LgxoPqENwrjlPeyl1q8R3gfxMcA31LbZdahM6A8w4QSRv
XsEJP2Y8oAd/r3lXHLzYTPAcqCmeFDx5ZsHVk3enPzB9nGl2G9ILgF4Pv6uzyKaC
dQhnXBfsvnHctPwQ1WnAlp2e3nBD1SXHPYqIf3csTHnIq5rPV48jDjlOnHu8ATMu
SGbE7mwCiTjtqTFFRGS+OTcFIP6EbRr9cs5O0wRQwjIZWh1MMYx6P8X/MxJprxeT
8D2B8wJ6APf3/FnCEsLx8FEOjytkdK2vtz1d+Rqkzzxy
-----END CERTIFICATE-----
Generated at Wed Apr 23 00:50:19 2025 by rpki-client