Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/3c9878-fc2f-40c6-b482-4d7f4cba7867/1/nkOLb1a45ySYWMBvQ-bvhQmc5tc.roa
File: nkOLb1a45ySYWMBvQ-bvhQmc5tc.roa (raw, json)
Hash identifier: 6nHk9Yvem+j4RdG1Xv5sqTj6a4AA3Ij7jexsnI5F6VY=
Subject key identifier: 9E:43:8B:6F:56:B8:E7:24:98:58:C0:6F:43:E6:EF:85:09:9C:E6:D7
Certificate issuer: /CN=0d613fe9844a63439eae8a1aa0c3ca8c60b45d45
Certificate serial: 01856C4137AF3B490E240D6B86379E27C4A7
Authority key identifier: 0D:61:3F:E9:84:4A:63:43:9E:AE:8A:1A:A0:C3:CA:8C:60:B4:5D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWE_6YRKY0OerooaoMPKjGC0XUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/3c9878-fc2f-40c6-b482-4d7f4cba7867/1/nkOLb1a45ySYWMBvQ-bvhQmc5tc.roa
Signing time: Sun 01 Jan 2023 07:34:51 +0000
ROA not before: Sun 01 Jan 2023 07:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210172
IP address blocks: 194.53.178.0/24 maxlen: 24
194.53.179.0/24 maxlen: 24
194.53.176.0/22 maxlen: 22
194.53.176.0/24 maxlen: 24
194.53.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:37:af:3b:49:0e:24:0d:6b:86:37:9e:27:c4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d613fe9844a63439eae8a1aa0c3ca8c60b45d45
Validity
Not Before: Jan 1 07:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e438b6f56b8e7249858c06f43e6ef85099ce6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c6:54:d3:91:68:c5:ab:34:d5:f7:45:df:06:
c3:fb:4e:13:63:07:4b:23:c2:9a:90:97:87:50:02:
32:1a:cb:07:45:cd:ed:c0:e9:29:c9:d5:98:41:b8:
60:9a:09:95:83:58:42:f3:5c:8a:12:b0:f6:fc:47:
5f:3f:65:0f:29:98:09:48:61:9c:a3:9b:cd:11:95:
ba:d5:eb:96:89:64:ee:f7:8f:f0:20:49:16:38:34:
26:65:e1:36:27:f8:9b:37:71:ca:82:31:49:a6:3f:
d3:c2:58:0b:ef:d3:05:5b:0e:af:23:4a:2a:12:ec:
cc:92:6f:d4:86:53:86:61:e3:ff:c5:94:1f:29:32:
74:e4:88:56:d1:ed:af:c4:2b:fe:ee:8b:a0:a2:44:
d3:28:49:e6:24:9c:d7:c5:56:86:ac:70:f6:2a:c7:
db:ea:c6:4d:cb:65:97:52:79:45:c1:31:83:59:3a:
e6:f2:a8:48:27:69:26:b3:a5:d5:0e:00:c0:3f:e3:
02:43:25:86:1b:4c:41:e3:67:5a:b7:2c:90:51:54:
0d:8a:85:cb:22:ce:11:d7:df:66:df:58:d9:e7:91:
92:f8:d3:99:f6:a4:af:a6:01:4a:21:ae:2c:a1:f4:
18:8b:67:d8:d1:cd:22:21:40:e7:93:37:11:e8:2d:
83:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:43:8B:6F:56:B8:E7:24:98:58:C0:6F:43:E6:EF:85:09:9C:E6:D7
X509v3 Authority Key Identifier:
keyid:0D:61:3F:E9:84:4A:63:43:9E:AE:8A:1A:A0:C3:CA:8C:60:B4:5D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWE_6YRKY0OerooaoMPKjGC0XUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3c9878-fc2f-40c6-b482-4d7f4cba7867/1/nkOLb1a45ySYWMBvQ-bvhQmc5tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/3c9878-fc2f-40c6-b482-4d7f4cba7867/1/DWE_6YRKY0OerooaoMPKjGC0XUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.176.0/22
Signature Algorithm: sha256WithRSAEncryption
58:1a:0b:e2:a6:0a:5d:ae:e2:01:cb:25:44:8a:2b:7a:c1:fa:
7f:f8:01:d2:62:c4:72:2e:fd:73:d6:fd:ff:de:8d:76:e3:26:
b7:91:fe:7a:d6:d0:9e:bd:f7:1f:5d:ea:0b:31:1a:7b:f7:40:
0d:29:9c:4f:db:c0:61:3d:15:a6:18:13:cc:08:4b:5e:26:15:
79:7b:ed:a0:e2:8f:da:64:45:30:1f:5b:91:3a:d0:8e:53:55:
59:78:1e:70:70:2c:52:25:80:f8:1b:18:d1:a9:96:b9:21:23:
8d:9b:1f:c1:56:d9:7d:6c:ef:4d:ba:95:52:59:7e:44:1d:c9:
3a:98:a6:6d:69:6e:3c:5f:be:ea:40:19:b4:0b:33:59:7a:54:
25:4f:38:e2:e7:46:7a:0b:cd:ec:62:49:74:3d:92:23:ce:e6:
b2:74:88:f9:c5:13:65:9b:17:bd:32:73:33:d2:2c:9c:ec:24:
bd:75:31:38:63:c9:9f:0c:93:35:af:61:23:d4:34:d0:d6:00:
67:c5:91:39:9a:b3:72:69:43:69:6d:23:9b:ae:fe:b3:81:26:
8b:d0:91:a0:f7:1d:6a:ac:49:35:34:ec:24:66:34:1b:32:86:
f9:47:51:58:2a:c9:85:1e:c3:f0:8f:a2:0b:b0:1c:05:4e:92:
58:8c:cb:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQTevO0kOJA1rhjeeJ8SnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjEzZmU5ODQ0YTYzNDM5ZWFlOGExYWEwYzNjYThjNjBi
NDVkNDUwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQzOGI2ZjU2YjhlNzI0OTg1OGMwNmY0M2U2ZWY4NTA5OWNlNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcZU05Foxas01fdF3wbD+04TYwdL
I8KakJeHUAIyGssHRc3twOkpydWYQbhgmgmVg1hC81yKErD2/EdfP2UPKZgJSGGc
o5vNEZW61euWiWTu94/wIEkWODQmZeE2J/ibN3HKgjFJpj/TwlgL79MFWw6vI0oq
EuzMkm/UhlOGYeP/xZQfKTJ05IhW0e2vxCv+7ougokTTKEnmJJzXxVaGrHD2Ksfb
6sZNy2WXUnlFwTGDWTrm8qhIJ2kms6XVDgDAP+MCQyWGG0xB42datyyQUVQNioXL
Is4R199m31jZ55GS+NOZ9qSvpgFKIa4sofQYi2fY0c0iIUDnkzcR6C2DPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5Di29WuOckmFjAb0Pm74UJnObXMB8GA1UdIwQY
MBaAFA1hP+mESmNDnq6KGqDDyoxgtF1FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFdFXzZZUktZME9lcm9vYW9NUEtqR0MwWFVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8zYzk4NzgtZmMyZi00MGM2LWI0ODIt
NGQ3ZjRjYmE3ODY3LzEvbmtPTGIxYTQ1eVNZV01CdlEtYnZoUW1jNXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8zYzk4NzgtZmMyZi00MGM2LWI0ODItNGQ3ZjRjYmE3ODY3
LzEvRFdFXzZZUktZME9lcm9vYW9NUEtqR0MwWFVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBYGgvipgpdruIByyVEiit6wfp/+AHSYsRyLv1z1v3/
3o124ya3kf561tCevfcfXeoLMRp790ANKZxP28BhPRWmGBPMCEteJhV5e+2g4o/a
ZEUwH1uROtCOU1VZeB5wcCxSJYD4GxjRqZa5ISONmx/BVtl9bO9NupVSWX5EHck6
mKZtaW48X77qQBm0CzNZelQlTzji50Z6C83sYkl0PZIjzuaydIj5xRNlmxe9MnMz
0iyc7CS9dTE4Y8mfDJM1r2Ej1DTQ1gBnxZE5mrNyaUNpbSObrv6zgSaL0JGg9x1q
rEk1NOwkZjQbMob5R1FYKsmFHsPwj6ILsBwFTpJYjMsF
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:43 2025 by rpki-client