Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/NckSzwBhmPdzJPkEuWKVSw2g11A.roa
File: NckSzwBhmPdzJPkEuWKVSw2g11A.roa (raw, json)
Hash identifier: VU7qrb7LCFtNcm+UkNnpcn9mPtqmYZU6WZZHqTtbmds=
Subject key identifier: 35:C9:12:CF:00:61:98:F7:73:24:F9:04:B9:62:95:4B:0D:A0:D7:50
Certificate issuer: /CN=1404e18e8616705ec0f290e57ca829a82f5f96c2
Certificate serial: 018571D7B72F3E4F6270014ACF3080D1D0A6
Authority key identifier: 14:04:E1:8E:86:16:70:5E:C0:F2:90:E5:7C:A8:29:A8:2F:5F:96:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FAThjoYWcF7A8pDlfKgpqC9flsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/NckSzwBhmPdzJPkEuWKVSw2g11A.roa
Signing time: Mon 02 Jan 2023 09:37:20 +0000
ROA not before: Mon 02 Jan 2023 09:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50522
IP address blocks: 185.88.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b7:2f:3e:4f:62:70:01:4a:cf:30:80:d1:d0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1404e18e8616705ec0f290e57ca829a82f5f96c2
Validity
Not Before: Jan 2 09:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35c912cf006198f77324f904b962954b0da0d750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:d9:21:69:ad:1d:c8:0e:cd:f3:46:9a:05:
0f:29:e9:23:ea:fc:0f:e2:03:34:eb:fe:7a:f3:34:
d0:ff:c2:b9:04:d7:1f:99:f9:2f:8e:4a:ae:a1:fd:
1f:72:35:96:a2:eb:66:d5:3a:1e:f2:b1:e5:5c:dc:
bf:87:19:24:55:c3:0f:fc:16:39:c4:f8:6a:c9:53:
73:89:37:70:d8:d0:f7:13:42:36:fa:93:01:3e:f6:
59:98:78:0f:9d:a2:ed:7d:c4:f5:26:c8:ff:8a:44:
39:d2:6e:0e:cf:7e:60:15:9e:76:7f:63:9e:6b:07:
f7:af:af:d3:b6:2b:f2:b5:fe:35:16:47:44:5b:9e:
47:cc:64:24:fd:80:c5:3a:ad:bb:7c:cc:3c:dc:38:
92:78:14:7e:52:d9:28:00:a7:b3:d7:90:f5:38:9f:
40:96:f4:56:21:35:4b:7f:d7:14:c6:2a:e4:02:62:
e5:27:c1:c5:7f:08:17:91:82:27:fc:61:fe:b6:48:
1b:71:c8:f2:09:cc:07:bb:87:43:a6:e4:07:7a:01:
6f:5c:00:7b:4e:eb:1a:34:da:a1:b5:71:4d:04:1e:
a7:c1:f4:d6:e2:b6:47:9f:c6:93:83:68:11:61:97:
15:b7:e8:74:c9:83:f7:6c:0c:18:1d:6f:39:bc:e5:
21:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C9:12:CF:00:61:98:F7:73:24:F9:04:B9:62:95:4B:0D:A0:D7:50
X509v3 Authority Key Identifier:
keyid:14:04:E1:8E:86:16:70:5E:C0:F2:90:E5:7C:A8:29:A8:2F:5F:96:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAThjoYWcF7A8pDlfKgpqC9flsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/NckSzwBhmPdzJPkEuWKVSw2g11A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/FAThjoYWcF7A8pDlfKgpqC9flsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.188.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:73:02:57:77:c4:69:5e:f4:23:73:f7:41:9d:ff:dd:0e:d6:
12:e0:40:fd:c4:b9:e3:a4:03:84:04:5a:22:d2:e0:81:a4:31:
03:00:6f:ef:b8:88:08:4b:a7:f2:6a:52:6e:79:2b:2c:b7:a0:
7c:6a:ed:79:a9:8c:05:0c:84:44:a6:65:ca:0e:dd:2c:3a:df:
ec:79:72:60:2e:5c:a8:15:61:c5:7f:a4:4e:50:22:1e:29:04:
d6:fe:0c:d6:32:d7:56:e9:9c:e0:c7:ae:d7:19:be:9c:53:3f:
d5:c4:a8:ac:35:89:b5:04:e5:3a:9b:bb:78:56:cf:da:c0:cf:
54:c7:58:0f:b4:5c:e3:5d:86:cd:60:ca:17:77:15:4a:35:e3:
fa:13:e2:49:44:85:d7:33:d2:f2:e1:fd:c0:25:00:3d:21:d4:
bb:68:38:47:d4:71:d6:0f:3e:6f:79:14:fb:fd:f6:71:82:a2:
31:05:73:bd:67:ce:20:3b:c9:de:ec:0a:8c:9e:3f:ff:c1:cf:
7b:2d:8f:3e:6b:ad:20:44:5c:ac:15:1b:1a:7a:4d:66:66:68:
da:11:2c:fa:d1:8b:ee:f7:07:00:da:45:3a:36:e4:0b:a0:78:
05:15:0b:f1:7a:c8:bf:ce:cb:c2:cb:0e:d4:8c:7f:af:24:68:
cf:34:14:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx17cvPk9icAFKzzCA0dCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MDRlMThlODYxNjcwNWVjMGYyOTBlNTdjYTgyOWE4MmY1
Zjk2YzIwHhcNMjMwMTAyMDkzNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM5MTJjZjAwNjE5OGY3NzMyNGY5MDRiOTYyOTU0YjBkYTBkNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCXZIWmtHcgOzfNGmgUPKekj6vwP
4gM06/568zTQ/8K5BNcfmfkvjkquof0fcjWWoutm1Toe8rHlXNy/hxkkVcMP/BY5
xPhqyVNziTdw2ND3E0I2+pMBPvZZmHgPnaLtfcT1Jsj/ikQ50m4Oz35gFZ52f2Oe
awf3r6/Ttivytf41FkdEW55HzGQk/YDFOq27fMw83DiSeBR+UtkoAKez15D1OJ9A
lvRWITVLf9cUxirkAmLlJ8HFfwgXkYIn/GH+tkgbccjyCcwHu4dDpuQHegFvXAB7
TusaNNqhtXFNBB6nwfTW4rZHn8aTg2gRYZcVt+h0yYP3bAwYHW85vOUh0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXJEs8AYZj3cyT5BLlilUsNoNdQMB8GA1UdIwQY
MBaAFBQE4Y6GFnBewPKQ5XyoKagvX5bCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkFUaGpvWVdjRjdBOHBEbGZLZ3BxQzlmbHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jYmJlZGMtYjdiYy00MjU1LWJjNDEt
ZTM2ZThkMjkzYWUwLzEvTmNrU3p3QmhtUGR6SlBrRXVXS1ZTdzJnMTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jYmJlZGMtYjdiYy00MjU1LWJjNDEtZTM2ZThkMjkzYWUw
LzEvRkFUaGpvWVdjRjdBOHBEbGZLZ3BxQzlmbHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVi8MA0G
CSqGSIb3DQEBCwUAA4IBAQAfcwJXd8RpXvQjc/dBnf/dDtYS4ED9xLnjpAOEBFoi
0uCBpDEDAG/vuIgIS6fyalJueSsst6B8au15qYwFDIREpmXKDt0sOt/seXJgLlyo
FWHFf6ROUCIeKQTW/gzWMtdW6Zzgx67XGb6cUz/VxKisNYm1BOU6m7t4Vs/awM9U
x1gPtFzjXYbNYMoXdxVKNeP6E+JJRIXXM9Ly4f3AJQA9IdS7aDhH1HHWDz5veRT7
/fZxgqIxBXO9Z84gO8ne7AqMnj//wc97LY8+a60gRFysFRsaek1mZmjaESz60Yvu
9wcA2kU6NuQLoHgFFQvxesi/zsvCyw7UjH+vJGjPNBSH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:52 2025 by rpki-client