Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/NCEGKDeZjxdLaKe7sHOWwxACXf8.roa
File: NCEGKDeZjxdLaKe7sHOWwxACXf8.roa (raw, json)
Hash identifier: GwJkWHzeOXiV6CW2UXY/rT7MNRxJB9eRd3at0+l0iho=
Subject key identifier: 34:21:06:28:37:99:8F:17:4B:68:A7:BB:B0:73:96:C3:10:02:5D:FF
Certificate issuer: /CN=ef584b511d96a4ae6c96300197f84f96a3afc246
Certificate serial: 0185703057E03693F6A0ACF5B756B18F5656
Authority key identifier: EF:58:4B:51:1D:96:A4:AE:6C:96:30:01:97:F8:4F:96:A3:AF:C2:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71hLUR2WpK5sljABl_hPlqOvwkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/NCEGKDeZjxdLaKe7sHOWwxACXf8.roa
Signing time: Mon 02 Jan 2023 01:54:54 +0000
ROA not before: Mon 02 Jan 2023 01:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41486
IP address blocks: 194.9.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:57:e0:36:93:f6:a0:ac:f5:b7:56:b1:8f:56:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef584b511d96a4ae6c96300197f84f96a3afc246
Validity
Not Before: Jan 2 01:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3421062837998f174b68a7bbb07396c310025dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:06:55:fd:43:f8:f2:96:14:e9:0f:e8:f2:30:
d7:6f:55:58:9f:61:a4:2b:fe:f3:05:24:ad:7c:0e:
27:4e:01:b4:52:b4:ac:67:91:85:92:d4:3e:70:e1:
ab:86:4d:5c:b0:21:b5:03:c1:31:18:d2:d6:47:1e:
69:8a:a2:3e:e2:86:2b:75:f2:80:cf:ca:66:16:24:
d7:7a:d0:00:37:bc:bf:91:6d:6f:55:89:b3:f7:aa:
96:5a:d2:5a:c5:cb:2e:86:f8:d6:a9:36:fc:d2:ca:
bb:83:86:98:9a:0e:51:a0:9c:5a:bf:dc:1b:b2:f1:
d8:ac:5d:e5:0a:f9:7e:68:ad:13:c9:68:94:e8:2d:
4d:70:1c:8e:89:6a:f0:c1:78:fc:c5:cc:8b:a3:7d:
4d:3b:06:56:50:bb:de:8f:e3:80:4a:73:28:ed:6c:
66:3f:b2:9a:d4:de:81:6b:45:a2:84:a2:c9:24:3b:
6a:57:72:b8:2f:15:a9:4c:5b:94:c7:79:28:2b:e3:
0e:83:a7:10:8f:59:40:1e:f9:f2:34:16:64:11:d8:
f3:da:28:8f:31:ae:14:7c:2d:1e:de:42:03:f9:5b:
60:df:e1:ab:89:95:62:3b:8e:e5:3f:69:6e:dc:9d:
28:2e:b8:69:89:e0:b1:27:38:34:4c:06:73:55:a9:
ba:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:21:06:28:37:99:8F:17:4B:68:A7:BB:B0:73:96:C3:10:02:5D:FF
X509v3 Authority Key Identifier:
keyid:EF:58:4B:51:1D:96:A4:AE:6C:96:30:01:97:F8:4F:96:A3:AF:C2:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71hLUR2WpK5sljABl_hPlqOvwkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/NCEGKDeZjxdLaKe7sHOWwxACXf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/71hLUR2WpK5sljABl_hPlqOvwkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.60.0/23
Signature Algorithm: sha256WithRSAEncryption
22:c4:23:6e:73:d8:6e:f4:4c:a9:7e:41:73:e0:d6:5b:80:62:
49:aa:25:64:04:d2:49:bb:ff:79:a6:38:76:f1:ed:c3:ee:43:
9c:d7:22:34:09:a9:22:4d:a9:bb:d4:ec:eb:4e:1f:dc:52:9f:
eb:c7:d1:81:da:84:31:1b:32:4c:84:ba:d0:a5:66:48:f8:d4:
92:a2:d2:02:3f:26:98:cf:63:91:5b:da:82:2b:c6:b6:8a:a4:
ed:a1:4b:56:cc:58:22:18:c3:8d:ad:c6:71:d9:8a:bd:09:ec:
df:3c:47:a3:1f:a1:4c:a6:86:6b:70:1b:77:eb:98:f3:64:a6:
f5:24:af:68:47:5e:c3:46:fb:6c:d5:a8:68:b9:31:c9:14:4d:
0f:11:ff:e0:e3:ad:c7:a7:30:6a:1c:65:e3:72:3a:07:38:c0:
b6:32:20:10:ae:38:9f:4b:78:aa:3d:1a:e9:9a:96:bc:c3:54:
d9:5d:35:e5:2b:2f:ac:b8:f4:e7:b4:6e:a0:d0:76:ba:46:21:
59:da:ba:bf:fe:4a:bf:9b:25:cd:ef:23:a6:2b:87:b9:27:6b:
ee:cc:1b:0e:6d:96:c7:3e:2e:f9:fc:93:09:bd:ea:8c:27:e7:
aa:12:be:38:d9:74:a7:d0:00:a4:99:88:51:6d:5b:3d:e6:06:
64:5f:e6:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMFfgNpP2oKz1t1axj1ZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTg0YjUxMWQ5NmE0YWU2Yzk2MzAwMTk3Zjg0Zjk2YTNh
ZmMyNDYwHhcNMjMwMTAyMDE1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIxMDYyODM3OTk4ZjE3NGI2OGE3YmJiMDczOTZjMzEwMDI1ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQZV/UP48pYU6Q/o8jDXb1VYn2Gk
K/7zBSStfA4nTgG0UrSsZ5GFktQ+cOGrhk1csCG1A8ExGNLWRx5piqI+4oYrdfKA
z8pmFiTXetAAN7y/kW1vVYmz96qWWtJaxcsuhvjWqTb80sq7g4aYmg5RoJxav9wb
svHYrF3lCvl+aK0TyWiU6C1NcByOiWrwwXj8xcyLo31NOwZWULvej+OASnMo7Wxm
P7Ka1N6Ba0WihKLJJDtqV3K4LxWpTFuUx3koK+MOg6cQj1lAHvnyNBZkEdjz2iiP
Ma4UfC0e3kID+Vtg3+GriZViO47lP2lu3J0oLrhpieCxJzg0TAZzVam6KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQhBig3mY8XS2inu7BzlsMQAl3/MB8GA1UdIwQY
MBaAFO9YS1EdlqSubJYwAZf4T5ajr8JGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFoTFVSMldwSzVzbGpBQmxfaFBscU92d2tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84ZDZjYjAtMDM5Ni00ZjJiLWFlYzMt
NDdlMzA0OTgzMGIwLzEvTkNFR0tEZVpqeGRMYUtlN3NIT1d3eEFDWGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84ZDZjYjAtMDM5Ni00ZjJiLWFlYzMtNDdlMzA0OTgzMGIw
LzEvNzFoTFVSMldwSzVzbGpBQmxfaFBscU92d2tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgk8MA0G
CSqGSIb3DQEBCwUAA4IBAQAixCNuc9hu9EypfkFz4NZbgGJJqiVkBNJJu/95pjh2
8e3D7kOc1yI0CakiTam71OzrTh/cUp/rx9GB2oQxGzJMhLrQpWZI+NSSotICPyaY
z2ORW9qCK8a2iqTtoUtWzFgiGMONrcZx2Yq9CezfPEejH6FMpoZrcBt365jzZKb1
JK9oR17DRvts1ahouTHJFE0PEf/g463HpzBqHGXjcjoHOMC2MiAQrjifS3iqPRrp
mpa8w1TZXTXlKy+suPTntG6g0Ha6RiFZ2rq//kq/myXN7yOmK4e5J2vuzBsObZbH
Pi75/JMJveqMJ+eqEr442XSn0ACkmYhRbVs95gZkX+Zv
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:50:09 2025 by rpki-client