Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/96eb70-0d04-476f-825e-556cc2e071dc/1/NDPvnKCY1wiol2mNcotiSthi0kw.roa
File: NDPvnKCY1wiol2mNcotiSthi0kw.roa (raw, json)
Hash identifier: /GT/Ag5wUbuZQBdJEeXuhLVcjDZ98gQHswLLJ3QZo8E=
Subject key identifier: 34:33:EF:9C:A0:98:D7:08:A8:97:69:8D:72:8B:62:4A:D8:62:D2:4C
Certificate issuer: /CN=1490fc17382dd6066a38e423badb2d8a18d1c045
Certificate serial: 04070EB7
Authority key identifier: 14:90:FC:17:38:2D:D6:06:6A:38:E4:23:BA:DB:2D:8A:18:D1:C0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJD8Fzgt1gZqOOQjutstihjRwEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/96eb70-0d04-476f-825e-556cc2e071dc/1/NDPvnKCY1wiol2mNcotiSthi0kw.roa
Signing time: Sat 01 Jan 2022 03:52:07 +0000
ROA not before: Sat 01 Jan 2022 03:52:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212100
IP address blocks: 185.1.59.0/24 maxlen: 24
2001:7f8:cc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67571383 (0x4070eb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1490fc17382dd6066a38e423badb2d8a18d1c045
Validity
Not Before: Jan 1 03:52:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3433ef9ca098d708a897698d728b624ad862d24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dc:94:b1:20:dc:ac:3b:e0:94:fc:38:02:a7:
1a:68:d3:06:c9:e3:e9:0f:0a:97:8a:df:27:0b:db:
e0:d4:1e:83:d4:bd:7c:00:c7:74:4e:21:4d:d5:1a:
d4:ac:8a:96:f0:13:dc:81:6d:8e:ec:fe:da:b3:7d:
8a:2b:db:ef:81:dd:c7:88:8a:8c:eb:a1:7c:ec:88:
45:b6:48:2a:ac:99:99:ad:e1:9b:18:61:82:16:26:
58:fd:77:42:87:50:41:6a:50:5a:87:30:a1:00:77:
5c:ed:8e:d6:b7:c0:e8:3e:91:3c:e0:f7:c4:85:bc:
f8:bf:05:ef:b5:76:9b:aa:5a:d7:2b:04:2d:a2:ef:
d0:1d:b7:cd:61:0f:f2:19:b6:99:d5:e8:c2:86:ba:
f8:72:f4:65:0e:13:84:49:99:1c:de:ac:65:a7:4f:
a4:f4:a5:9f:2a:c6:bb:82:55:1b:1c:e2:8b:f2:32:
10:6c:12:45:e5:a0:a4:1e:d5:09:47:c3:b3:5e:3d:
9e:67:14:84:32:d0:00:52:e4:eb:56:da:c6:29:fe:
4a:22:22:e4:7d:64:d6:ed:d2:34:c2:f1:03:4c:a7:
74:50:17:49:31:5d:7f:f0:57:2e:cb:b2:98:fc:5a:
bb:cc:55:ea:4a:a8:87:c6:90:5d:3b:f1:66:a5:e7:
17:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:33:EF:9C:A0:98:D7:08:A8:97:69:8D:72:8B:62:4A:D8:62:D2:4C
X509v3 Authority Key Identifier:
keyid:14:90:FC:17:38:2D:D6:06:6A:38:E4:23:BA:DB:2D:8A:18:D1:C0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJD8Fzgt1gZqOOQjutstihjRwEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/96eb70-0d04-476f-825e-556cc2e071dc/1/NDPvnKCY1wiol2mNcotiSthi0kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/96eb70-0d04-476f-825e-556cc2e071dc/1/FJD8Fzgt1gZqOOQjutstihjRwEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.59.0/24
IPv6:
2001:7f8:cc::/48
Signature Algorithm: sha256WithRSAEncryption
30:98:e1:c5:19:3c:d5:6d:b3:c4:43:d7:c6:27:f7:38:6e:57:
04:b8:a3:fb:43:d5:f0:4b:3b:7d:c9:11:82:5d:25:cc:22:84:
de:21:49:2c:0d:b3:0f:52:5e:2c:58:e0:d9:e6:38:44:dd:38:
fa:d2:51:59:c9:22:86:86:2a:b0:c6:0f:70:61:c3:87:2a:a6:
c9:7f:b6:5c:28:0c:86:53:b8:c7:08:0d:1f:70:d5:f5:15:81:
06:14:36:3e:7e:da:af:e1:ee:3a:85:12:bd:43:e2:98:36:02:
86:d1:52:2e:ec:6c:d4:72:d6:02:5f:3d:17:45:63:9e:af:93:
bc:bc:a5:7b:c2:15:63:35:a3:2b:4b:9b:e1:c5:44:88:b1:f0:
61:e6:46:2e:61:4b:26:f7:29:84:93:ae:73:95:46:6c:bd:cc:
90:38:4e:9e:62:37:5d:98:a6:03:0c:cf:e5:fd:f9:37:8a:a1:
91:9e:3d:79:81:a5:c9:d5:eb:aa:00:30:a5:f1:4f:bb:96:d9:
ce:c3:e0:75:57:11:04:5b:4e:73:b3:08:82:6f:25:38:bc:3b:
21:d2:92:ef:f6:13:a0:02:c8:0e:16:4b:d7:8a:53:3d:36:3b:
2b:0b:38:b9:33:da:fa:41:bf:36:52:fb:8f:b8:cb:29:fc:e3:
6e:af:dd:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBAcOtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NDkwZmMxNzM4MmRkNjA2NmEzOGU0MjNiYWRiMmQ4YTE4ZDFjMDQ1MB4XDTIyMDEw
MTAzNTIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzQzM2VmOWNhMDk4
ZDcwOGE4OTc2OThkNzI4YjYyNGFkODYyZDI0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvclLEg3Kw74JT8OAKnGmjTBsnj6Q8Kl4rfJwvb4NQeg9S9
fADHdE4hTdUa1KyKlvAT3IFtjuz+2rN9iivb74Hdx4iKjOuhfOyIRbZIKqyZma3h
mxhhghYmWP13QodQQWpQWocwoQB3XO2O1rfA6D6RPOD3xIW8+L8F77V2m6pa1ysE
LaLv0B23zWEP8hm2mdXowoa6+HL0ZQ4ThEmZHN6sZadPpPSlnyrGu4JVGxzii/Iy
EGwSReWgpB7VCUfDs149nmcUhDLQAFLk61baxin+SiIi5H1k1u3SNMLxA0yndFAX
STFdf/BXLsuymPxau8xV6kqoh8aQXTvxZqXnF8kCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ0M++coJjXCKiXaY1yi2JK2GLSTDAfBgNVHSMEGDAWgBQUkPwXOC3WBmo4
5CO62y2KGNHARTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZKRDhGemd0MWdacU9PUWp1dHN0aWhqUndFVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvOTZlYjcwLTBkMDQtNDc2Zi04MjVlLTU1NmNjMmUwNzFkYy8x
L05EUHZuS0NZMXdpb2wybU5jb3RpU3RoaTBrdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
OTZlYjcwLTBkMDQtNDc2Zi04MjVlLTU1NmNjMmUwNzFkYy8xL0ZKRDhGemd0MWda
cU9PUWp1dHN0aWhqUndFVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkBOzAPBAIAAjAJAwcAIAEH+ADM
MA0GCSqGSIb3DQEBCwUAA4IBAQAwmOHFGTzVbbPEQ9fGJ/c4blcEuKP7Q9XwSzt9
yRGCXSXMIoTeIUksDbMPUl4sWODZ5jhE3Tj60lFZySKGhiqwxg9wYcOHKqbJf7Zc
KAyGU7jHCA0fcNX1FYEGFDY+ftqv4e46hRK9Q+KYNgKG0VIu7GzUctYCXz0XRWOe
r5O8vKV7whVjNaMrS5vhxUSIsfBh5kYuYUsm9ymEk65zlUZsvcyQOE6eYjddmKYD
DM/l/fk3iqGRnj15gaXJ1euqADCl8U+7ltnOw+B1VxEEW05zswiCbyU4vDsh0pLv
9hOgAsgOFkvXilM9NjsrCzi5M9r6Qb82UvuPuMsp/ONur91P
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:18 2025 by rpki-client