Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/427456-4957-4d33-9c64-16f4057fac26/1/cNMY-7ZmjzQggxd21jecehmhXvQ.roa
File: cNMY-7ZmjzQggxd21jecehmhXvQ.roa (raw, json)
Hash identifier: mZR1EH/TeeYwTYfnXD0bfnu+1jOhvOpgyfXbxCa9bZg=
Subject key identifier: 70:D3:18:FB:B6:66:8F:34:20:83:17:76:D6:37:9C:7A:19:A1:5E:F4
Certificate issuer: /CN=1bcd9cd3160399c1e3c80cf074867a729f7dd4f9
Certificate serial: 018570951D575EE8675A898D33A99721682D
Authority key identifier: 1B:CD:9C:D3:16:03:99:C1:E3:C8:0C:F0:74:86:7A:72:9F:7D:D4:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G82c0xYDmcHjyAzwdIZ6cp991Pk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/427456-4957-4d33-9c64-16f4057fac26/1/cNMY-7ZmjzQggxd21jecehmhXvQ.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204760
IP address blocks: 194.56.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1d:57:5e:e8:67:5a:89:8d:33:a9:97:21:68:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bcd9cd3160399c1e3c80cf074867a729f7dd4f9
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70d318fbb6668f3420831776d6379c7a19a15ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3a:8f:80:0f:9f:bf:ac:7c:a3:eb:c3:55:7e:
6f:8d:29:a2:be:fc:87:72:8a:89:67:81:cc:53:f3:
cb:af:62:5c:c1:da:b4:76:1c:f6:9c:23:c2:37:73:
09:13:c2:d5:7f:54:db:52:f2:bf:a2:06:de:8c:fb:
e7:fe:0b:49:fd:04:60:81:d5:4d:99:52:e4:82:f6:
05:d1:29:93:c2:74:fa:96:49:65:f1:af:ac:91:56:
fd:cd:24:29:f8:f6:80:a7:71:f2:1d:c9:01:89:7e:
60:c0:cc:dd:49:7d:03:e1:38:2a:fe:d9:f7:bd:cf:
63:ad:36:f2:9d:b7:3a:55:cd:ed:02:80:57:2d:96:
f3:61:cc:07:87:2d:61:ef:ee:50:9c:39:41:89:86:
21:21:ff:16:1e:32:27:62:ac:87:cd:3f:87:fc:ed:
7a:a3:e1:c7:b2:4f:fc:8f:a8:90:17:ec:70:1c:d7:
c9:b8:0f:1c:51:e1:f0:48:bf:06:7c:b0:19:ab:52:
96:e3:a9:6e:93:e4:03:9c:23:08:a2:68:5f:b6:2c:
95:8e:a7:3c:ad:96:cc:3c:0a:7c:3a:60:bc:aa:14:
3e:86:d7:13:a1:da:bb:c6:0a:7f:2c:8d:cd:eb:60:
b6:93:73:03:31:77:47:6f:ae:cb:5a:81:d7:47:57:
8e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D3:18:FB:B6:66:8F:34:20:83:17:76:D6:37:9C:7A:19:A1:5E:F4
X509v3 Authority Key Identifier:
keyid:1B:CD:9C:D3:16:03:99:C1:E3:C8:0C:F0:74:86:7A:72:9F:7D:D4:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G82c0xYDmcHjyAzwdIZ6cp991Pk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/427456-4957-4d33-9c64-16f4057fac26/1/cNMY-7ZmjzQggxd21jecehmhXvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/427456-4957-4d33-9c64-16f4057fac26/1/G82c0xYDmcHjyAzwdIZ6cp991Pk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.88.0/22
Signature Algorithm: sha256WithRSAEncryption
71:aa:5e:bd:bc:53:0f:1a:f9:db:c5:11:ca:bf:f4:4d:4e:53:
30:7b:83:35:88:e1:9d:80:26:e5:47:aa:35:68:2d:00:f2:f8:
69:17:09:b2:bb:84:48:59:79:e4:00:d7:ac:5a:b2:dd:97:1f:
09:63:42:b5:07:ad:50:db:77:5a:55:f9:8e:f1:36:48:fd:69:
0d:93:77:e9:6f:be:50:bb:c7:67:23:87:30:ca:b0:3b:d2:1a:
7f:8c:3e:88:4d:57:ca:c9:48:27:7a:4b:c5:f0:94:a5:73:1a:
d0:b9:73:84:aa:3d:40:a5:44:92:22:9f:0a:dc:6f:47:0e:65:
5a:a0:a7:34:5d:98:62:2d:da:4b:b0:b7:6d:13:f5:5c:c0:19:
a2:90:90:50:fc:4e:cb:d6:5f:28:45:35:b2:17:4e:5b:87:93:
78:9d:1c:c0:95:17:11:89:dd:d1:65:3e:9d:70:b8:ea:81:da:
47:98:86:69:bc:b7:e5:f9:9f:51:64:e8:83:5b:6c:ab:5f:7c:
00:a9:5b:18:53:39:ba:85:57:37:82:68:fc:a5:4d:ad:5c:11:
fb:da:36:23:3d:60:02:dd:98:12:2b:69:6f:4a:97:2e:d8:c4:
ad:d5:48:54:31:3e:72:12:33:59:da:11:cc:6b:25:9b:24:06:
a4:8f:65:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlR1XXuhnWomNM6mXIWgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiY2Q5Y2QzMTYwMzk5YzFlM2M4MGNmMDc0ODY3YTcyOWY3
ZGQ0ZjkwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQzMThmYmI2NjY4ZjM0MjA4MzE3NzZkNjM3OWM3YTE5YTE1ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTqPgA+fv6x8o+vDVX5vjSmivvyH
coqJZ4HMU/PLr2Jcwdq0dhz2nCPCN3MJE8LVf1TbUvK/ogbejPvn/gtJ/QRggdVN
mVLkgvYF0SmTwnT6lkll8a+skVb9zSQp+PaAp3HyHckBiX5gwMzdSX0D4Tgq/tn3
vc9jrTbynbc6Vc3tAoBXLZbzYcwHhy1h7+5QnDlBiYYhIf8WHjInYqyHzT+H/O16
o+HHsk/8j6iQF+xwHNfJuA8cUeHwSL8GfLAZq1KW46luk+QDnCMIomhftiyVjqc8
rZbMPAp8OmC8qhQ+htcTodq7xgp/LI3N62C2k3MDMXdHb67LWoHXR1eOlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDTGPu2Zo80IIMXdtY3nHoZoV70MB8GA1UdIwQY
MBaAFBvNnNMWA5nB48gM8HSGenKffdT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzgyYzB4WURtY0hqeUF6d2RJWjZjcDk5MVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80Mjc0NTYtNDk1Ny00ZDMzLTljNjQt
MTZmNDA1N2ZhYzI2LzEvY05NWS03Wm1qelFnZ3hkMjFqZWNlaG1oWHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80Mjc0NTYtNDk1Ny00ZDMzLTljNjQtMTZmNDA1N2ZhYzI2
LzEvRzgyYzB4WURtY0hqeUF6d2RJWjZjcDk5MVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjhYMA0G
CSqGSIb3DQEBCwUAA4IBAQBxql69vFMPGvnbxRHKv/RNTlMwe4M1iOGdgCblR6o1
aC0A8vhpFwmyu4RIWXnkANesWrLdlx8JY0K1B61Q23daVfmO8TZI/WkNk3fpb75Q
u8dnI4cwyrA70hp/jD6ITVfKyUgnekvF8JSlcxrQuXOEqj1ApUSSIp8K3G9HDmVa
oKc0XZhiLdpLsLdtE/VcwBmikJBQ/E7L1l8oRTWyF05bh5N4nRzAlRcRid3RZT6d
cLjqgdpHmIZpvLfl+Z9RZOiDW2yrX3wAqVsYUzm6hVc3gmj8pU2tXBH72jYjPWAC
3ZgSK2lvSpcu2MSt1UhUMT5yEjNZ2hHMayWbJAakj2Wa
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:24 2025 by rpki-client