Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NCIPhqvklzpsDmAajxJ79ZobByA.roa
File: NCIPhqvklzpsDmAajxJ79ZobByA.roa (raw, json)
Hash identifier: NKTZsFDLg52rWw+3Y4Te9chB8ql9+nUOR3riHrzid7w=
Subject key identifier: 34:22:0F:86:AB:E4:97:3A:6C:0E:60:1A:8F:12:7B:F5:9A:1B:07:20
Certificate issuer: /CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Certificate serial: 01856E2FCD034336F7309EDC6278BA47D2D1
Authority key identifier: 81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NCIPhqvklzpsDmAajxJ79ZobByA.roa
Signing time: Sun 01 Jan 2023 16:35:04 +0000
ROA not before: Sun 01 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45043
IP address blocks: 195.64.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:cd:03:43:36:f7:30:9e:dc:62:78:ba:47:d2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81fa48f40bc84540c46bd23be9b90897aa184f4d
Validity
Not Before: Jan 1 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34220f86abe4973a6c0e601a8f127bf59a1b0720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:97:c2:42:f7:d2:dd:6f:7b:7f:b8:19:6f:
06:b5:a7:9a:86:f1:ce:71:06:4c:b6:53:c9:a7:da:
2d:49:2f:12:f3:2e:39:96:ef:51:68:74:8c:d4:e9:
49:c3:01:da:1c:0a:ad:c2:bb:46:7b:06:0e:24:09:
6e:e5:b7:68:b1:d7:db:78:98:0d:eb:2e:a9:69:f5:
5f:04:37:64:b2:00:a8:bd:79:2b:ab:b4:9f:12:57:
22:b6:59:69:6f:46:e4:70:6b:59:aa:2d:a5:c1:b9:
ec:99:13:1b:80:76:7d:54:f1:87:e1:41:4c:3b:45:
0f:3a:06:2d:63:cf:d6:af:a1:c5:88:4f:90:b5:aa:
27:5c:dc:9b:d1:4b:45:9c:69:b0:1e:03:86:45:0f:
88:ed:74:99:4f:98:9d:47:54:b5:fa:0b:d5:ec:f2:
d9:31:a7:5c:e4:40:0f:96:48:3a:e4:8e:e7:03:3c:
ae:cd:89:13:12:7f:f2:a4:88:e4:0f:8d:e8:7a:36:
76:85:35:d8:e7:ac:59:1e:94:c7:89:18:07:0b:c2:
29:24:f1:46:a6:c6:26:09:09:21:46:65:34:c6:d6:
ea:09:1a:c1:f1:49:ad:4a:9c:c1:e2:a4:45:f0:cb:
9d:b1:a1:4f:0b:7f:d1:fd:46:d7:06:a7:0c:68:1a:
91:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:22:0F:86:AB:E4:97:3A:6C:0E:60:1A:8F:12:7B:F5:9A:1B:07:20
X509v3 Authority Key Identifier:
keyid:81:FA:48:F4:0B:C8:45:40:C4:6B:D2:3B:E9:B9:08:97:AA:18:4F:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gfpI9AvIRUDEa9I76bkIl6oYT00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/NCIPhqvklzpsDmAajxJ79ZobByA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/146078-f9b2-4163-af1a-8e93cb5c5355/1/gfpI9AvIRUDEa9I76bkIl6oYT00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.244.0/22
Signature Algorithm: sha256WithRSAEncryption
05:fa:ce:b9:bb:47:92:3a:26:dd:13:6d:66:0a:ac:8e:c4:67:
02:b1:70:37:a6:05:30:15:c0:c7:31:f5:fb:c9:66:89:97:49:
74:0d:6c:af:c9:d1:32:17:2d:2a:47:a6:a7:46:23:b0:de:32:
24:b7:31:3a:4b:8c:fd:cf:8a:1c:a0:92:5a:30:b4:7e:c3:ec:
71:fe:8d:d0:cb:9b:de:f4:97:7a:e0:ff:29:e2:4a:59:95:fa:
46:b9:f6:2f:58:57:05:ee:3a:51:1d:8c:8f:fa:1d:98:83:5c:
9f:6a:4d:78:49:69:ca:cf:03:6c:0f:ed:5c:3f:fc:ee:77:84:
bb:36:ca:15:42:70:e4:6c:6b:07:5e:27:bf:65:9d:72:a4:11:
a1:36:4f:51:86:87:7a:c6:1c:c2:66:04:54:9b:af:a1:45:ba:
b1:0e:e9:98:38:f0:ba:dc:01:3b:97:88:4a:b3:db:38:8c:ec:
a7:42:bf:7f:07:32:c2:f6:3e:bf:2f:d0:ce:d2:b1:ab:c7:e3:
47:0a:f8:c0:5f:42:4d:38:a1:6f:b5:15:28:87:8e:43:ed:bf:
13:ab:62:b6:7a:db:00:4c:6e:49:a1:ce:47:6b:3a:65:a6:51:
58:fe:cc:0e:66:4f:31:ec:c3:56:5b:fb:d0:93:18:13:73:9b:
28:5c:0d:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL80DQzb3MJ7cYni6R9LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZmE0OGY0MGJjODQ1NDBjNDZiZDIzYmU5YjkwODk3YWEx
ODRmNGQwHhcNMjMwMTAxMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIyMGY4NmFiZTQ5NzNhNmMwZTYwMWE4ZjEyN2JmNTlhMWIwNzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNGXwkL30t1ve3+4GW8GtaeahvHO
cQZMtlPJp9otSS8S8y45lu9RaHSM1OlJwwHaHAqtwrtGewYOJAlu5bdosdfbeJgN
6y6pafVfBDdksgCovXkrq7SfElcitllpb0bkcGtZqi2lwbnsmRMbgHZ9VPGH4UFM
O0UPOgYtY8/Wr6HFiE+QtaonXNyb0UtFnGmwHgOGRQ+I7XSZT5idR1S1+gvV7PLZ
Madc5EAPlkg65I7nAzyuzYkTEn/ypIjkD43oejZ2hTXY56xZHpTHiRgHC8IpJPFG
psYmCQkhRmU0xtbqCRrB8UmtSpzB4qRF8MudsaFPC3/R/UbXBqcMaBqRbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQiD4ar5Jc6bA5gGo8Se/WaGwcgMB8GA1UdIwQY
MBaAFIH6SPQLyEVAxGvSO+m5CJeqGE9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEt
OGU5M2NiNWM1MzU1LzEvTkNJUGhxdmtsenBzRG1BYWp4Sjc5Wm9iQnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8xNDYwNzgtZjliMi00MTYzLWFmMWEtOGU5M2NiNWM1MzU1
LzEvZ2ZwSTlBdklSVURFYTlJNzZia0lsNm9ZVDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0D0MA0G
CSqGSIb3DQEBCwUAA4IBAQAF+s65u0eSOibdE21mCqyOxGcCsXA3pgUwFcDHMfX7
yWaJl0l0DWyvydEyFy0qR6anRiOw3jIktzE6S4z9z4ocoJJaMLR+w+xx/o3Qy5ve
9Jd64P8p4kpZlfpGufYvWFcF7jpRHYyP+h2Yg1yfak14SWnKzwNsD+1cP/zud4S7
NsoVQnDkbGsHXie/ZZ1ypBGhNk9Rhod6xhzCZgRUm6+hRbqxDumYOPC63AE7l4hK
s9s4jOynQr9/BzLC9j6/L9DO0rGrx+NHCvjAX0JNOKFvtRUoh45D7b8Tq2K2etsA
TG5Joc5HazplplFY/swOZk8x7MNWW/vQkxgTc5soXA2j
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:53 2025 by rpki-client