Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/NGxG2ZhQbNNszYqrobS_nK99uDA.roa
File: NGxG2ZhQbNNszYqrobS_nK99uDA.roa (raw, json)
Hash identifier: C/ZQC9vSpIIZ5k7XV9nb7AhBeTbYm2pIpPrFBGS2U8k=
Subject key identifier: 34:6C:46:D9:98:50:6C:D3:6C:CD:8A:AB:A1:B4:BF:9C:AF:7D:B8:30
Certificate issuer: /CN=543c54067385a765b1d5617c43331956fb208e89
Certificate serial: 0186FF3A76FBACB43913F0936BF322F783AD
Authority key identifier: 54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/NGxG2ZhQbNNszYqrobS_nK99uDA.roa
Signing time: Mon 20 Mar 2023 13:34:26 +0000
ROA not before: Mon 20 Mar 2023 13:34:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198595
IP address blocks: 185.202.124.0/24 maxlen: 24
185.202.125.0/24 maxlen: 24
185.202.126.0/24 maxlen: 24
185.202.127.0/24 maxlen: 24
2001:67c:104::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:3a:76:fb:ac:b4:39:13:f0:93:6b:f3:22:f7:83:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c54067385a765b1d5617c43331956fb208e89
Validity
Not Before: Mar 20 13:34:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=346c46d998506cd36ccd8aaba1b4bf9caf7db830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:26:be:ab:53:b0:40:c1:2c:e0:2b:ae:29:
b2:54:8c:1f:82:05:b1:f3:93:08:1b:c5:9d:34:38:
fe:f7:52:2a:95:43:b3:2a:fc:9e:12:e7:7b:9e:df:
3c:89:bf:45:f2:69:47:b5:7a:cb:c3:1a:ce:b9:6b:
09:21:e9:a8:76:06:7d:75:8a:3d:2b:f5:84:2b:0a:
c1:e5:2e:72:73:77:22:44:82:6e:25:35:ae:b6:01:
74:1b:db:09:da:47:a4:e7:d0:19:31:ad:81:04:22:
e1:de:41:71:23:19:53:ed:d6:cf:b6:1e:23:3a:10:
8c:6b:e1:f0:21:49:fb:9f:52:3a:03:eb:af:49:2b:
c0:fc:49:36:f5:22:1c:48:2e:17:fb:f9:51:2e:da:
7f:0b:a3:e3:91:90:ad:9a:1b:93:e5:b3:c9:7e:c2:
20:9e:52:c8:d9:e6:c8:f0:62:11:a1:67:2e:c4:0a:
32:53:af:42:45:40:e3:7c:f0:76:41:65:63:7e:49:
c1:a8:9f:86:d6:b5:de:8a:82:e2:47:c5:1a:b0:fc:
46:54:9a:d0:df:c3:0b:70:d1:23:17:a2:bd:09:17:
4e:56:70:35:4c:c9:22:61:c4:4e:2c:52:37:d2:79:
0d:41:e5:04:11:8d:89:33:0d:bd:e2:b9:f6:a1:7c:
0c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6C:46:D9:98:50:6C:D3:6C:CD:8A:AB:A1:B4:BF:9C:AF:7D:B8:30
X509v3 Authority Key Identifier:
keyid:54:3C:54:06:73:85:A7:65:B1:D5:61:7C:43:33:19:56:FB:20:8E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxUBnOFp2Wx1WF8QzMZVvsgjok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/NGxG2ZhQbNNszYqrobS_nK99uDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/63fbf8-5cff-4991-8f27-a41a4834ecaa/1/VDxUBnOFp2Wx1WF8QzMZVvsgjok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.124.0/22
IPv6:
2001:67c:104::/48
Signature Algorithm: sha256WithRSAEncryption
1b:80:e0:5f:dd:71:13:ce:da:a6:b4:38:99:a5:3b:0a:61:5d:
f0:8d:3b:b5:6d:eb:c5:7b:be:c8:b9:22:3d:2e:8a:ff:15:56:
b9:58:7e:36:35:11:dd:af:7d:43:66:6d:77:bd:df:5f:e3:26:
f2:69:91:45:52:41:85:76:de:58:6e:93:44:34:73:df:92:f4:
bc:82:9e:fd:87:94:8f:58:89:71:9d:7a:bd:0d:3d:6d:39:a2:
75:dc:94:e3:71:db:a0:a3:eb:b3:7a:97:90:5d:b8:9d:e4:d2:
2f:12:ee:07:09:80:1a:b3:55:28:e4:be:a4:2d:66:32:5c:38:
83:48:16:65:31:e0:98:da:91:8e:4b:12:c6:7a:00:9f:60:cc:
31:6c:31:75:29:04:7b:f2:d4:2b:ac:76:9b:eb:48:43:bb:b7:
53:eb:b4:b0:28:89:cb:79:1b:94:95:ac:01:af:37:10:e8:f4:
e9:80:43:08:15:fa:34:93:a4:e2:0f:c5:44:4e:a4:3c:f6:1d:
12:62:01:b2:f9:1c:d1:cb:6d:86:17:74:67:4f:68:00:e8:dd:
c2:16:52:88:96:dd:3c:40:7e:fb:8b:4d:cf:e7:98:fe:cd:43:
a6:f8:b7:90:a9:37:f3:40:59:dc:3c:00:92:4b:4e:23:4a:41:
bc:70:e7:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb/Onb7rLQ5E/CTa/Mi94OtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1NDA2NzM4NWE3NjViMWQ1NjE3YzQzMzMxOTU2ZmIy
MDhlODkwHhcNMjMwMzIwMTMzNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDZjNDZkOTk4NTA2Y2QzNmNjZDhhYWJhMWI0YmY5Y2FmN2RiODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0gmvqtTsEDBLOArrimyVIwfggWx
85MIG8WdNDj+91IqlUOzKvyeEud7nt88ib9F8mlHtXrLwxrOuWsJIemodgZ9dYo9
K/WEKwrB5S5yc3ciRIJuJTWutgF0G9sJ2kek59AZMa2BBCLh3kFxIxlT7dbPth4j
OhCMa+HwIUn7n1I6A+uvSSvA/Ek29SIcSC4X+/lRLtp/C6PjkZCtmhuT5bPJfsIg
nlLI2ebI8GIRoWcuxAoyU69CRUDjfPB2QWVjfknBqJ+G1rXeioLiR8UasPxGVJrQ
38MLcNEjF6K9CRdOVnA1TMkiYcROLFI30nkNQeUEEY2JMw294rn2oXwMXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRsRtmYUGzTbM2Kq6G0v5yvfbgwMB8GA1UdIwQY
MBaAFFQ8VAZzhadlsdVhfEMzGVb7II6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjct
YTQxYTQ4MzRlY2FhLzEvTkd4RzJaaFFiTk5zellxcm9iU19uSzk5dURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82M2ZiZjgtNWNmZi00OTkxLThmMjctYTQxYTQ4MzRlY2Fh
LzEvVkR4VUJuT0ZwMld4MVdGOFF6TVpWdnNnam9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucp8MA8E
AgACMAkDBwAgAQZ8AQQwDQYJKoZIhvcNAQELBQADggEBABuA4F/dcRPO2qa0OJml
OwphXfCNO7Vt68V7vsi5Ij0uiv8VVrlYfjY1Ed2vfUNmbXe931/jJvJpkUVSQYV2
3lhuk0Q0c9+S9LyCnv2HlI9YiXGder0NPW05onXclONx26Cj67N6l5BduJ3k0i8S
7gcJgBqzVSjkvqQtZjJcOINIFmUx4JjakY5LEsZ6AJ9gzDFsMXUpBHvy1Cusdpvr
SEO7t1PrtLAoict5G5SVrAGvNxDo9OmAQwgV+jSTpOIPxUROpDz2HRJiAbL5HNHL
bYYXdGdPaADo3cIWUoiW3TxAfvuLTc/nmP7NQ6b4t5CpN/NAWdw8AJJLTiNKQbxw
518=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:06 2025 by rpki-client