Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/ngFgxlfAC376dH3HlknCciG5oDQ.roa
File: ngFgxlfAC376dH3HlknCciG5oDQ.roa (raw, json)
Hash identifier: d3GPSC0CxHpLVP1IO60OS9hR2aRBzFy0khb/NmMqDIY=
Subject key identifier: 9E:01:60:C6:57:C0:0B:7E:FA:74:7D:C7:96:49:C2:72:21:B9:A0:34
Certificate issuer: /CN=d4474c1c06cbfde94614d65c7d05f614a6e23998
Certificate serial: 018572FA5A8EBB197E8A2C5785AC1A92630D
Authority key identifier: D4:47:4C:1C:06:CB:FD:E9:46:14:D6:5C:7D:05:F6:14:A6:E2:39:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EdMHAbL_elGFNZcfQX2FKbiOZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/ngFgxlfAC376dH3HlknCciG5oDQ.roa
Signing time: Mon 02 Jan 2023 14:54:47 +0000
ROA not before: Mon 02 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201926
IP address blocks: 185.59.120.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5a:8e:bb:19:7e:8a:2c:57:85:ac:1a:92:63:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4474c1c06cbfde94614d65c7d05f614a6e23998
Validity
Not Before: Jan 2 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e0160c657c00b7efa747dc79649c27221b9a034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:f3:b9:32:e4:d7:44:2a:d8:3b:c4:4b:ba:
22:a0:c2:6b:ec:e7:cd:da:09:f0:60:06:87:ae:f0:
91:92:2f:73:36:84:4a:97:86:96:23:b3:9c:65:dc:
a9:99:4d:d7:26:8c:35:e0:c3:f7:ee:65:51:3d:26:
83:18:9f:7b:86:39:42:72:4a:5b:9a:e9:de:14:b7:
8c:86:3f:23:94:3d:34:ef:0e:95:b3:6b:a9:bf:f0:
e6:d4:b0:ce:26:ae:09:99:4f:f4:b7:3e:2f:50:cc:
0d:2c:a8:44:63:0e:70:fa:2e:03:25:36:bd:74:93:
9b:81:34:f1:94:71:36:9f:cc:8f:20:33:d9:4b:d3:
07:36:12:9a:b1:76:2f:db:f6:aa:e7:bd:cb:2e:23:
12:c1:ed:e1:89:20:86:48:b3:21:02:a0:de:27:88:
ee:e9:c9:05:3d:4f:3b:89:b8:9e:39:fb:c4:0d:6f:
90:07:c1:56:7c:e4:98:2e:43:fe:68:a0:86:5f:17:
d4:ba:1d:81:04:87:63:3e:0c:57:b7:60:1d:40:e3:
1b:6b:30:bf:eb:69:e0:95:f9:78:8e:a3:d6:15:94:
32:25:dd:94:2b:62:1c:ff:48:b8:4e:21:f3:9b:cb:
58:a7:91:37:7f:13:29:ed:40:bb:41:63:9b:6e:f9:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:01:60:C6:57:C0:0B:7E:FA:74:7D:C7:96:49:C2:72:21:B9:A0:34
X509v3 Authority Key Identifier:
keyid:D4:47:4C:1C:06:CB:FD:E9:46:14:D6:5C:7D:05:F6:14:A6:E2:39:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EdMHAbL_elGFNZcfQX2FKbiOZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/ngFgxlfAC376dH3HlknCciG5oDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d75759-8dcb-4532-8bfe-5b688acdb676/1/1EdMHAbL_elGFNZcfQX2FKbiOZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.120.0/22
Signature Algorithm: sha256WithRSAEncryption
12:bf:11:e6:8f:84:3f:3d:7e:82:79:3e:f1:83:f5:cc:ad:32:
31:6a:0d:d6:c0:6c:c6:0c:be:a6:01:43:e6:f0:00:a8:57:47:
15:04:42:7c:29:17:63:f3:77:65:f2:c0:8d:d8:1b:1e:75:4d:
42:de:15:97:61:db:5a:e7:e3:ec:9a:ab:ac:e0:10:64:a3:b4:
80:bf:2d:66:c7:f2:b3:ca:e9:e8:65:dd:db:40:22:00:98:64:
ee:cb:7d:84:bd:db:94:46:b4:e2:6a:fa:5d:e0:bf:b3:28:56:
c9:1e:91:e5:70:3d:b1:3b:39:d3:99:a3:ac:04:ce:12:b9:22:
25:5d:6e:1f:9d:df:ed:62:db:01:8c:b1:b8:cf:00:0f:d9:d4:
0d:51:4f:fe:18:85:de:ae:13:85:03:b8:fc:72:4d:28:52:53:
a8:b4:d9:45:24:8a:54:17:6b:aa:0e:f9:30:5b:d5:44:96:e0:
ec:40:4e:4b:e7:05:ca:08:79:1d:2b:3c:b8:8b:92:6d:a4:e8:
b0:93:3e:fe:86:19:92:84:38:11:d4:c3:ef:29:c9:d3:38:b5:
28:57:78:22:7b:7c:5f:9f:08:e4:2e:e4:99:24:8f:61:b2:3b:
a3:3b:5d:0b:34:04:d9:17:e7:ad:15:9b:d9:27:a1:6d:0c:c3:
c2:59:5d:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lqOuxl+iixXhawakmMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc0YzFjMDZjYmZkZTk0NjE0ZDY1YzdkMDVmNjE0YTZl
MjM5OTgwHhcNMjMwMTAyMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTAxNjBjNjU3YzAwYjdlZmE3NDdkYzc5NjQ5YzI3MjIxYjlhMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuLzuTLk10Qq2DvES7oioMJr7OfN
2gnwYAaHrvCRki9zNoRKl4aWI7OcZdypmU3XJow14MP37mVRPSaDGJ97hjlCckpb
muneFLeMhj8jlD007w6Vs2upv/Dm1LDOJq4JmU/0tz4vUMwNLKhEYw5w+i4DJTa9
dJObgTTxlHE2n8yPIDPZS9MHNhKasXYv2/aq573LLiMSwe3hiSCGSLMhAqDeJ4ju
6ckFPU87ibieOfvEDW+QB8FWfOSYLkP+aKCGXxfUuh2BBIdjPgxXt2AdQOMbazC/
62nglfl4jqPWFZQyJd2UK2Ic/0i4TiHzm8tYp5E3fxMp7UC7QWObbvkZBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4BYMZXwAt++nR9x5ZJwnIhuaA0MB8GA1UdIwQY
MBaAFNRHTBwGy/3pRhTWXH0F9hSm4jmYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVkTUhBYkxfZWxHRk5aY2ZRWDJGS2JpT1pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kNzU3NTktOGRjYi00NTMyLThiZmUt
NWI2ODhhY2RiNjc2LzEvbmdGZ3hsZkFDMzc2ZEgzSGxrbkNjaUc1b0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kNzU3NTktOGRjYi00NTMyLThiZmUtNWI2ODhhY2RiNjc2
LzEvMUVkTUhBYkxfZWxHRk5aY2ZRWDJGS2JpT1pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTt4MA0G
CSqGSIb3DQEBCwUAA4IBAQASvxHmj4Q/PX6CeT7xg/XMrTIxag3WwGzGDL6mAUPm
8ACoV0cVBEJ8KRdj83dl8sCN2BsedU1C3hWXYdta5+Psmqus4BBko7SAvy1mx/Kz
yunoZd3bQCIAmGTuy32EvduURrTiavpd4L+zKFbJHpHlcD2xOznTmaOsBM4SuSIl
XW4fnd/tYtsBjLG4zwAP2dQNUU/+GIXerhOFA7j8ck0oUlOotNlFJIpUF2uqDvkw
W9VEluDsQE5L5wXKCHkdKzy4i5JtpOiwkz7+hhmShDgR1MPvKcnTOLUoV3gie3xf
nwjkLuSZJI9hsjujO10LNATZF+etFZvZJ6FtDMPCWV3h
-----END CERTIFICATE-----
Generated at Wed Apr 16 08:21:08 2025 by rpki-client