Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/nXBMPTo8XZwTMTPc4KhDSihD12I.roa
File: nXBMPTo8XZwTMTPc4KhDSihD12I.roa (raw, json)
Hash identifier: 4p+XDbRpZ+u64IEOsogITs9EyiLEQxtz/pkio3l2FzM=
Subject key identifier: 9D:70:4C:3D:3A:3C:5D:9C:13:31:33:DC:E0:A8:43:4A:28:43:D7:62
Certificate issuer: /CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Certificate serial: 03C0FCEF
Authority key identifier: AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/nXBMPTo8XZwTMTPc4KhDSihD12I.roa
Signing time: Sat 01 Jan 2022 14:05:08 +0000
ROA not before: Sat 01 Jan 2022 14:05:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198173
IP address blocks: 188.247.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62979311 (0x3c0fcef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8c6c58b607ff23ae7175a61682c75480f1e214
Validity
Not Before: Jan 1 14:05:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d704c3d3a3c5d9c133133dce0a8434a2843d762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2b:c7:3c:e3:bd:f0:a8:6d:ec:2f:00:e0:08:
2a:c3:c3:6c:e1:fa:5b:ed:2c:25:b9:d9:d8:7c:a0:
82:8a:47:ba:cf:12:9a:8d:34:a8:bb:a6:80:df:ac:
64:92:d3:55:53:98:57:9d:3e:db:17:46:42:e5:1e:
d2:f3:68:a2:23:4d:d8:55:8f:27:08:d5:72:c9:27:
b7:50:8c:44:56:6c:74:6a:10:b9:27:57:dc:ed:23:
44:88:b1:07:8f:79:3b:9d:40:f4:d1:df:70:1e:60:
79:e8:47:c0:14:9f:59:f7:3a:13:db:d5:88:72:4f:
26:e7:f5:6f:cf:b2:83:29:7f:08:5e:c7:9a:90:43:
7a:75:01:d2:60:34:6e:dc:17:a4:d6:d3:2a:c6:c6:
6f:c3:b0:bd:95:9e:c3:7c:aa:53:5c:5f:6d:bc:ce:
53:8f:52:f7:0e:e0:4a:f2:ab:46:14:98:78:e7:ed:
e4:c2:04:34:9e:be:00:57:37:bc:93:08:1f:f0:28:
5d:74:05:2c:4e:64:e0:16:9c:22:ee:fb:ab:ad:1e:
fa:07:c9:27:d6:51:6c:c5:d1:ff:0e:8d:b7:64:24:
1c:da:9c:79:8e:06:2d:e5:f8:5c:97:b8:3d:ce:5d:
c5:50:80:e9:90:ad:e4:e3:67:f1:71:6e:75:fc:05:
9a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:70:4C:3D:3A:3C:5D:9C:13:31:33:DC:E0:A8:43:4A:28:43:D7:62
X509v3 Authority Key Identifier:
keyid:AB:8C:6C:58:B6:07:FF:23:AE:71:75:A6:16:82:C7:54:80:F1:E2:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4xsWLYH_yOucXWmFoLHVIDx4hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/nXBMPTo8XZwTMTPc4KhDSihD12I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/efb8ee-c5c4-4467-a0cc-88a3c41faee2/1/q4xsWLYH_yOucXWmFoLHVIDx4hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.247.233.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:43:54:35:48:ec:86:a6:ee:ed:2b:64:2e:55:42:99:78:46:
59:55:27:57:82:e6:16:44:6f:7a:63:d2:eb:b2:4f:d2:dc:cf:
5e:4f:a1:b1:d5:05:4e:71:68:1b:77:b9:c4:50:ba:61:6c:3c:
b1:95:87:5c:c9:b4:8e:34:14:65:e4:a3:ac:07:3d:45:91:52:
c8:c7:d0:a6:aa:14:e3:f6:40:a8:65:ae:da:af:1d:5a:d1:8c:
c3:5f:43:dd:fc:b3:82:8a:87:d1:6b:c4:32:73:aa:ec:5e:d9:
41:33:23:4e:3e:96:d0:db:49:2a:2b:f0:de:b3:41:53:07:8b:
9a:e4:70:ed:b7:9b:e0:07:99:03:c2:cd:df:58:7a:c2:88:e4:
e7:df:2d:a6:9f:49:c3:7a:89:b1:78:f8:89:dd:3b:e9:7b:08:
49:d5:bc:04:d1:e1:ec:9d:ab:3c:04:9b:b3:e4:81:e4:05:51:
63:80:1c:57:7e:1e:47:d7:21:d1:34:65:31:e3:a5:60:0c:6e:
9b:05:9c:08:f2:50:30:fb:d4:34:1c:af:8e:c2:ab:82:57:bc:
7d:56:47:13:2a:a5:62:f8:ed:ab:07:15:7e:59:ca:40:40:a7:
6f:d7:8e:36:80:b6:ac:06:97:9f:ef:8e:4c:b8:93:74:f0:cd:
c4:c5:2a:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8D87zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjhjNmM1OGI2MDdmZjIzYWU3MTc1YTYxNjgyYzc1NDgwZjFlMjE0MB4XDTIyMDEw
MTE0MDUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ3MDRjM2QzYTNj
NWQ5YzEzMzEzM2RjZTBhODQzNGEyODQzZDc2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0rxzzjvfCobewvAOAIKsPDbOH6W+0sJbnZ2HyggopHus8S
mo00qLumgN+sZJLTVVOYV50+2xdGQuUe0vNooiNN2FWPJwjVcsknt1CMRFZsdGoQ
uSdX3O0jRIixB495O51A9NHfcB5geehHwBSfWfc6E9vViHJPJuf1b8+ygyl/CF7H
mpBDenUB0mA0btwXpNbTKsbGb8OwvZWew3yqU1xfbbzOU49S9w7gSvKrRhSYeOft
5MIENJ6+AFc3vJMIH/AoXXQFLE5k4BacIu77q60e+gfJJ9ZRbMXR/w6Nt2QkHNqc
eY4GLeX4XJe4Pc5dxVCA6ZCt5ONn8XFudfwFmtUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSdcEw9OjxdnBMxM9zgqENKKEPXYjAfBgNVHSMEGDAWgBSrjGxYtgf/I65x
daYWgsdUgPHiFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E0eHNXTFlIX3lPdWNYV21Gb0xIVklEeDRoUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZWZiOGVlLWM1YzQtNDQ2Ny1hMGNjLTg4YTNjNDFmYWVlMi8x
L25YQk1QVG84WFp3VE1UUGM0S2hEU2loRDEySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZWZiOGVlLWM1YzQtNDQ2Ny1hMGNjLTg4YTNjNDFmYWVlMi8xL3E0eHNXTFlIX3lP
dWNYV21Gb0xIVklEeDRoUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALz36TANBgkqhkiG9w0BAQsFAAOC
AQEAm0NUNUjshqbu7StkLlVCmXhGWVUnV4LmFkRvemPS67JP0tzPXk+hsdUFTnFo
G3e5xFC6YWw8sZWHXMm0jjQUZeSjrAc9RZFSyMfQpqoU4/ZAqGWu2q8dWtGMw19D
3fyzgoqH0WvEMnOq7F7ZQTMjTj6W0NtJKivw3rNBUweLmuRw7beb4AeZA8LN31h6
wojk598tpp9Jw3qJsXj4id076XsISdW8BNHh7J2rPASbs+SB5AVRY4AcV34eR9ch
0TRlMeOlYAxumwWcCPJQMPvUNByvjsKrgle8fVZHEyqlYvjtqwcVflnKQECnb9eO
NoC2rAaXn++OTLiTdPDNxMUqdg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:30 2025 by rpki-client