Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/nHqgBnSWYjjviBQfjkhTYqkfEDs.roa
File: nHqgBnSWYjjviBQfjkhTYqkfEDs.roa (raw, json)
Hash identifier: xYBYU2Wk8Ze5/T7MEZ2tMK4GmUmV7JSDxEidjFVQU7k=
Subject key identifier: 9C:7A:A0:06:74:96:62:38:EF:88:14:1F:8E:48:53:62:A9:1F:10:3B
Certificate issuer: /CN=0bb1d0f2c3d21e54c4d18127604435a90f24db51
Certificate serial: 0187BDDDC8DAD6F369E155FB3A666A3CB2E3
Authority key identifier: 0B:B1:D0:F2:C3:D2:1E:54:C4:D1:81:27:60:44:35:A9:0F:24:DB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/nHqgBnSWYjjviBQfjkhTYqkfEDs.roa
Signing time: Wed 26 Apr 2023 14:00:41 +0000
ROA not before: Wed 26 Apr 2023 14:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49868
IP address blocks: 193.201.124.0/24 maxlen: 24
193.201.124.0/23 maxlen: 23
193.201.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bd:dd:c8:da:d6:f3:69:e1:55:fb:3a:66:6a:3c:b2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb1d0f2c3d21e54c4d18127604435a90f24db51
Validity
Not Before: Apr 26 14:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c7aa00674966238ef88141f8e485362a91f103b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6e:1b:42:0c:23:6c:e3:66:72:26:22:38:ea:
6f:14:c9:01:ff:cc:57:a4:e2:c8:58:a2:1c:04:fc:
4b:cf:8e:ae:50:5d:8a:2d:a9:d7:0a:43:bc:03:d5:
cf:e2:fc:82:6f:cd:d4:ab:b7:4c:9d:a8:6b:31:bf:
3e:f9:ff:49:81:73:bc:b1:9b:81:63:27:7b:0b:92:
e0:03:cd:07:1f:11:89:8b:58:0a:0a:cc:cb:08:16:
f9:5f:ac:7b:ed:f1:f5:4a:e6:e9:28:61:40:45:e6:
68:c9:9b:ba:49:5f:70:49:cf:f1:ee:74:81:53:f1:
2a:3f:4f:06:9f:b2:d5:21:b7:77:63:e5:a3:94:4e:
14:76:95:de:77:0a:4b:f7:18:37:81:95:9b:45:4c:
d9:99:fc:44:20:ea:3c:c0:ca:3f:74:df:00:c1:7e:
20:fe:c5:01:a0:59:c6:de:e5:86:3b:aa:4f:e9:30:
0d:ab:df:a5:25:90:5f:6d:d8:5c:97:d5:6e:50:3a:
df:fe:c6:b2:75:4e:ec:31:bc:67:8c:41:49:9e:cf:
0b:5b:19:73:3a:96:09:15:5e:f0:1f:6a:a0:e6:38:
86:dc:85:55:19:99:79:92:da:08:3a:4f:03:22:4a:
66:1b:fa:ac:7e:d1:5a:92:01:ce:14:b9:e3:0e:43:
66:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:7A:A0:06:74:96:62:38:EF:88:14:1F:8E:48:53:62:A9:1F:10:3B
X509v3 Authority Key Identifier:
keyid:0B:B1:D0:F2:C3:D2:1E:54:C4:D1:81:27:60:44:35:A9:0F:24:DB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/nHqgBnSWYjjviBQfjkhTYqkfEDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/e8b95d-c4f9-462e-8274-799f7f456160/1/C7HQ8sPSHlTE0YEnYEQ1qQ8k21E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.124.0/23
Signature Algorithm: sha256WithRSAEncryption
28:cd:96:97:c1:3e:aa:fa:3f:11:8a:ac:c6:7a:33:35:9d:14:
b3:4d:14:0f:7d:75:ff:6a:4b:d0:0a:db:ab:ae:72:26:39:9a:
6c:e1:92:44:b0:ef:e9:41:0f:6f:3b:1a:f8:e0:e9:41:80:f5:
01:84:c0:56:e3:d8:cb:be:cb:3b:f1:2a:14:b9:49:e9:ec:2d:
9f:a3:3f:ca:26:f4:d7:51:71:e9:14:5b:50:36:7c:ec:b1:da:
d1:6d:47:1f:11:69:c3:d5:3e:75:15:7d:43:71:4d:ed:1a:19:
30:3f:4c:7a:1a:d7:83:10:a4:6d:15:6d:81:03:b1:2b:4a:ed:
0b:ce:12:7d:5c:33:8a:d6:ef:92:58:0e:3c:85:34:3f:da:dd:
8d:76:ff:25:f9:7b:2e:55:26:86:6c:ce:aa:7c:1f:0b:96:62:
cb:d7:ab:15:83:50:b4:d0:3e:09:17:2f:58:6b:c9:7f:13:c2:
a3:64:09:b5:b9:40:26:2b:ba:64:ac:de:88:b4:6b:80:94:b8:
3a:4a:cb:5f:1f:92:9f:81:c9:3b:ef:4d:0a:17:fe:56:aa:54:
db:69:65:91:3f:87:29:c3:bd:a7:16:76:a7:61:a8:84:68:7e:
a4:7e:d7:d4:2d:c4:0c:04:79:54:95:6d:50:f6:52:c9:59:48:
11:66:88:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe93cja1vNp4VX7OmZqPLLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjFkMGYyYzNkMjFlNTRjNGQxODEyNzYwNDQzNWE5MGYy
NGRiNTEwHhcNMjMwNDI2MTQwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzdhYTAwNjc0OTY2MjM4ZWY4ODE0MWY4ZTQ4NTM2MmE5MWYxMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG4bQgwjbONmciYiOOpvFMkB/8xX
pOLIWKIcBPxLz46uUF2KLanXCkO8A9XP4vyCb83Uq7dMnahrMb8++f9JgXO8sZuB
Yyd7C5LgA80HHxGJi1gKCszLCBb5X6x77fH1SubpKGFAReZoyZu6SV9wSc/x7nSB
U/EqP08Gn7LVIbd3Y+WjlE4UdpXedwpL9xg3gZWbRUzZmfxEIOo8wMo/dN8AwX4g
/sUBoFnG3uWGO6pP6TANq9+lJZBfbdhcl9VuUDrf/saydU7sMbxnjEFJns8LWxlz
OpYJFV7wH2qg5jiG3IVVGZl5ktoIOk8DIkpmG/qsftFakgHOFLnjDkNmNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJx6oAZ0lmI474gUH45IU2KpHxA7MB8GA1UdIwQY
MBaAFAux0PLD0h5UxNGBJ2BENakPJNtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdIUThzUFNIbFRFMFlFbllFUTFxUThrMjFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lOGI5NWQtYzRmOS00NjJlLTgyNzQt
Nzk5ZjdmNDU2MTYwLzEvbkhxZ0JuU1dZamp2aUJRZmpraFRZcWtmRURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9lOGI5NWQtYzRmOS00NjJlLTgyNzQtNzk5ZjdmNDU2MTYw
LzEvQzdIUThzUFNIbFRFMFlFbllFUTFxUThrMjFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwcl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAozZaXwT6q+j8RiqzGejM1nRSzTRQPfXX/akvQCtur
rnImOZps4ZJEsO/pQQ9vOxr44OlBgPUBhMBW49jLvss78SoUuUnp7C2foz/KJvTX
UXHpFFtQNnzssdrRbUcfEWnD1T51FX1DcU3tGhkwP0x6GteDEKRtFW2BA7ErSu0L
zhJ9XDOK1u+SWA48hTQ/2t2Ndv8l+XsuVSaGbM6qfB8LlmLL16sVg1C00D4JFy9Y
a8l/E8KjZAm1uUAmK7pkrN6ItGuAlLg6SstfH5Kfgck7700KF/5WqlTbaWWRP4cp
w72nFnanYaiEaH6kftfULcQMBHlUlW1Q9lLJWUgRZoh1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:22 2025 by rpki-client