Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/629bb7-3cf8-4756-a90e-0414488ae082/1/NFi1jafApiFmU8ewLqoBLYrkwf4.roa
File: NFi1jafApiFmU8ewLqoBLYrkwf4.roa (raw, json)
Hash identifier: 0h6YJNMJo+2kHo1Wldb7QW9tRL/Ia3eM88zwM//zHwc=
Subject key identifier: 34:58:B5:8D:A7:C0:A6:21:66:53:C7:B0:2E:AA:01:2D:8A:E4:C1:FE
Certificate issuer: /CN=da3d3e9492b11c4669155b7c8ee4f14754b85222
Certificate serial: 01823FFAE3A3D96FAEFF319F76C2D25C1273
Authority key identifier: DA:3D:3E:94:92:B1:1C:46:69:15:5B:7C:8E:E4:F1:47:54:B8:52:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2j0-lJKxHEZpFVt8juTxR1S4UiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/629bb7-3cf8-4756-a90e-0414488ae082/1/NFi1jafApiFmU8ewLqoBLYrkwf4.roa
Signing time: Wed 27 Jul 2022 14:06:23 +0000
ROA not before: Wed 27 Jul 2022 14:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49491
IP address blocks: 193.169.80.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:fa:e3:a3:d9:6f:ae:ff:31:9f:76:c2:d2:5c:12:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da3d3e9492b11c4669155b7c8ee4f14754b85222
Validity
Not Before: Jul 27 14:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3458b58da7c0a6216653c7b02eaa012d8ae4c1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:25:be:89:e4:ce:b3:64:04:23:8f:e6:72:b8:
3f:7b:f2:de:65:15:59:d2:ee:b2:2c:39:93:73:47:
b2:06:74:71:b0:a4:15:6c:93:8c:7f:72:e2:50:37:
3e:64:70:18:e2:26:c8:b8:fb:ae:e6:97:c4:ce:de:
d3:5f:5f:6d:28:df:ab:d9:2a:d2:96:1e:8a:2f:46:
d6:2c:e8:e4:47:a0:11:68:f4:84:ed:6e:7b:6e:d0:
fe:0a:37:8e:2f:06:46:c9:b5:23:68:e9:c9:b1:b7:
cc:33:2e:31:7a:bb:de:79:1e:96:1e:fa:a1:cc:33:
85:3f:8b:bd:2d:a5:68:bc:63:f9:86:9b:90:c3:6b:
b6:5a:b8:21:60:b1:17:36:e5:fa:91:aa:3a:61:d4:
ce:52:8d:aa:d3:1e:e9:ee:84:e8:f6:2c:8d:f2:3f:
af:02:d2:39:d5:9a:67:36:49:68:80:b6:02:bd:5c:
4c:cc:a8:45:d0:67:82:6e:80:97:7b:dd:9d:ec:a3:
bc:e9:db:70:cd:68:d4:2e:02:e3:08:8e:72:20:00:
aa:e4:93:a2:5f:11:cc:c3:23:78:a6:9c:fd:da:bd:
87:5e:09:2a:ee:3d:9f:64:ac:66:9f:71:4f:77:2b:
f3:78:3d:99:3d:df:bf:0e:86:c5:b7:0b:fa:6a:5f:
d2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:58:B5:8D:A7:C0:A6:21:66:53:C7:B0:2E:AA:01:2D:8A:E4:C1:FE
X509v3 Authority Key Identifier:
keyid:DA:3D:3E:94:92:B1:1C:46:69:15:5B:7C:8E:E4:F1:47:54:B8:52:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2j0-lJKxHEZpFVt8juTxR1S4UiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/629bb7-3cf8-4756-a90e-0414488ae082/1/NFi1jafApiFmU8ewLqoBLYrkwf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/629bb7-3cf8-4756-a90e-0414488ae082/1/2j0-lJKxHEZpFVt8juTxR1S4UiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.80.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:b7:e2:97:36:17:5b:f4:7b:8b:a3:94:ca:18:06:6d:7a:8d:
da:15:ec:56:7a:00:db:8d:0c:35:0d:d9:e7:66:58:83:ca:e9:
91:3e:51:ce:1f:11:c8:dc:e0:bc:36:00:28:70:0f:7f:e4:10:
0c:0c:9d:2a:f6:88:b4:6f:17:2d:bb:5a:6e:cc:9a:78:63:3d:
af:ee:38:81:ea:bd:fd:7c:d8:ad:48:f5:69:1b:19:f2:0a:c1:
15:09:17:52:1f:e1:84:d2:06:46:21:31:31:e7:16:ed:fb:3d:
25:e4:8f:40:07:35:26:77:4f:3d:6a:d9:ad:9d:b5:28:c4:ca:
9c:f7:b4:7a:b3:19:01:41:ab:ee:cb:a7:92:de:3d:3e:80:5c:
50:70:4b:b8:c5:a0:53:3b:85:34:e3:11:ee:a7:1c:9f:8b:1f:
0c:36:38:25:23:e0:f5:37:9f:d7:9f:cc:a9:d6:e7:b3:6f:e5:
5e:aa:65:ac:63:c2:1f:be:36:42:d5:ae:0f:62:5a:f6:d1:4c:
bb:51:2c:cc:9e:13:68:69:ca:b3:bf:37:81:16:fc:09:d8:49:
f4:b9:6a:cb:d9:b4:35:01:6b:02:78:c2:0e:b2:24:62:54:6e:
88:92:9b:fc:47:aa:96:1e:8c:cf:ce:d6:07:99:0f:ba:fa:1e:
cc:5f:b5:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI/+uOj2W+u/zGfdsLSXBJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhM2QzZTk0OTJiMTFjNDY2OTE1NWI3YzhlZTRmMTQ3NTRi
ODUyMjIwHhcNMjIwNzI3MTQwNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU4YjU4ZGE3YzBhNjIxNjY1M2M3YjAyZWFhMDEyZDhhZTRjMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiW+ieTOs2QEI4/mcrg/e/LeZRVZ
0u6yLDmTc0eyBnRxsKQVbJOMf3LiUDc+ZHAY4ibIuPuu5pfEzt7TX19tKN+r2SrS
lh6KL0bWLOjkR6ARaPSE7W57btD+CjeOLwZGybUjaOnJsbfMMy4xerveeR6WHvqh
zDOFP4u9LaVovGP5hpuQw2u2WrghYLEXNuX6kao6YdTOUo2q0x7p7oTo9iyN8j+v
AtI51ZpnNklogLYCvVxMzKhF0GeCboCXe92d7KO86dtwzWjULgLjCI5yIACq5JOi
XxHMwyN4ppz92r2HXgkq7j2fZKxmn3FPdyvzeD2ZPd+/DobFtwv6al/S/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRYtY2nwKYhZlPHsC6qAS2K5MH+MB8GA1UdIwQY
MBaAFNo9PpSSsRxGaRVbfI7k8UdUuFIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmowLWxKS3hIRVpwRlZ0OGp1VHhSMVM0VWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MjliYjctM2NmOC00NzU2LWE5MGUt
MDQxNDQ4OGFlMDgyLzEvTkZpMWphZkFwaUZtVThld0xxb0JMWXJrd2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MjliYjctM2NmOC00NzU2LWE5MGUtMDQxNDQ4OGFlMDgy
LzEvMmowLWxKS3hIRVpwRlZ0OGp1VHhSMVM0VWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwalQMA0G
CSqGSIb3DQEBCwUAA4IBAQAft+KXNhdb9HuLo5TKGAZteo3aFexWegDbjQw1Ddnn
ZliDyumRPlHOHxHI3OC8NgAocA9/5BAMDJ0q9oi0bxctu1puzJp4Yz2v7jiB6r39
fNitSPVpGxnyCsEVCRdSH+GE0gZGITEx5xbt+z0l5I9ABzUmd089atmtnbUoxMqc
97R6sxkBQavuy6eS3j0+gFxQcEu4xaBTO4U04xHupxyfix8MNjglI+D1N5/Xn8yp
1uezb+VeqmWsY8IfvjZC1a4PYlr20Uy7USzMnhNoacqzvzeBFvwJ2En0uWrL2bQ1
AWsCeMIOsiRiVG6Ikpv8R6qWHozPztYHmQ+6+h7MX7Uq
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:14 2025 by rpki-client