Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/NOhvmd9BoSljuEYJsDu5oHugebo.roa
File: NOhvmd9BoSljuEYJsDu5oHugebo.roa (raw, json)
Hash identifier: XGoom67JOIeZSEBuy4QQehYfE/4zhDZS+89d28QwGmQ=
Subject key identifier: 34:E8:6F:99:DF:41:A1:29:63:B8:46:09:B0:3B:B9:A0:7B:A0:79:BA
Certificate issuer: /CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Certificate serial: 018570B09EFE64072426615A22D5C1E2780B
Authority key identifier: 65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/NOhvmd9BoSljuEYJsDu5oHugebo.roa
Signing time: Mon 02 Jan 2023 04:15:01 +0000
ROA not before: Mon 02 Jan 2023 04:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34622
IP address blocks: 85.197.128.0/18 maxlen: 18
2a05:e840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:9e:fe:64:07:24:26:61:5a:22:d5:c1:e2:78:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65cd7803f41fe499e800664e0aacadee19b66d9d
Validity
Not Before: Jan 2 04:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34e86f99df41a12963b84609b03bb9a07ba079ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:39:5d:b4:7f:76:fc:59:87:ca:17:d3:a0:6c:
21:0e:37:fb:8f:d6:d5:da:22:38:05:a6:f0:70:d4:
b3:d0:f1:69:25:55:ca:06:50:2c:34:32:a9:d8:e3:
60:a6:64:3d:1a:15:15:0e:77:24:81:2c:73:85:b8:
9a:96:e4:87:73:84:73:07:20:78:ef:ef:de:9b:68:
b3:a6:33:c1:d5:a3:94:fb:29:0a:66:5d:14:6b:45:
7f:0a:68:02:a5:71:91:33:11:57:28:9f:8e:f9:ea:
52:73:58:08:e3:86:62:7a:20:bc:1e:61:dc:18:7e:
f7:cc:da:3a:79:87:2d:6a:68:ae:d2:2e:e7:08:2f:
39:e7:03:1d:27:02:08:53:5c:53:4a:1e:3d:19:f9:
6a:74:ce:46:5f:e8:cb:07:e0:12:c7:f7:ab:ad:e9:
58:30:72:aa:41:21:7f:07:55:ff:75:c5:1c:eb:ed:
95:e1:1c:0b:96:5d:f3:66:55:04:fe:e4:b9:f5:7f:
f7:b7:d2:38:a9:45:44:af:5a:4f:51:4c:e6:86:e7:
04:2d:ed:3f:a2:ae:ca:9e:3e:b6:6a:47:a2:41:b2:
83:6b:68:35:a9:3b:df:04:75:a4:d6:12:23:ca:14:
77:5b:e6:a2:3e:e5:48:f9:fb:94:ef:92:d0:21:e4:
08:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E8:6F:99:DF:41:A1:29:63:B8:46:09:B0:3B:B9:A0:7B:A0:79:BA
X509v3 Authority Key Identifier:
keyid:65:CD:78:03:F4:1F:E4:99:E8:00:66:4E:0A:AC:AD:EE:19:B6:6D:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/NOhvmd9BoSljuEYJsDu5oHugebo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e66f01-1d9d-4513-956a-f96bfb04e645/1/Zc14A_Qf5JnoAGZOCqyt7hm2bZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.197.128.0/18
IPv6:
2a05:e840::/29
Signature Algorithm: sha256WithRSAEncryption
7e:50:85:5a:d3:85:db:57:fd:23:e2:dd:d2:73:00:8f:fd:79:
ea:de:c6:69:7d:ec:83:a1:1a:86:ec:4c:da:54:c6:f3:fc:5e:
88:0c:ac:c6:a2:fd:e6:58:35:8a:2a:11:2f:52:52:5c:68:cf:
84:80:e0:71:f9:ae:d6:5d:ef:41:22:38:d6:73:23:1d:f0:bd:
83:cc:a5:98:da:ef:51:84:59:26:ea:07:7c:a1:f9:3f:27:01:
05:4e:a5:73:5d:eb:46:64:7e:61:a6:c2:3e:33:cc:a8:29:fe:
e0:f7:21:31:c6:08:4f:8e:e0:19:fe:80:59:18:7e:44:76:bb:
3b:57:d7:13:af:ba:5f:d4:60:dd:23:bd:3a:55:b9:14:ab:09:
bb:6e:24:78:83:51:93:2a:a2:fc:ab:a3:a9:48:80:02:f4:93:
61:c3:f0:25:02:8f:fe:11:b2:3b:7b:88:b2:ee:52:5e:aa:75:
cb:9d:58:aa:bf:61:20:62:bf:c2:e9:04:7b:03:09:67:9e:9f:
e5:41:b8:7a:2f:ee:de:06:2b:3f:e7:42:da:f1:91:c1:78:11:
dd:9d:08:29:1c:1f:b9:62:7d:8e:de:e6:69:e2:ef:8a:ed:7f:
c4:af:06:4d:b2:d5:53:db:fd:32:35:9c:25:0e:4b:52:91:2d:
37:12:ab:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsJ7+ZAckJmFaItXB4ngLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Y2Q3ODAzZjQxZmU0OTllODAwNjY0ZTBhYWNhZGVlMTli
NjZkOWQwHhcNMjMwMTAyMDQxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGU4NmY5OWRmNDFhMTI5NjNiODQ2MDliMDNiYjlhMDdiYTA3OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DldtH92/FmHyhfToGwhDjf7j9bV
2iI4BabwcNSz0PFpJVXKBlAsNDKp2ONgpmQ9GhUVDnckgSxzhbialuSHc4RzByB4
7+/em2izpjPB1aOU+ykKZl0Ua0V/CmgCpXGRMxFXKJ+O+epSc1gI44ZieiC8HmHc
GH73zNo6eYctamiu0i7nCC855wMdJwIIU1xTSh49GflqdM5GX+jLB+ASx/errelY
MHKqQSF/B1X/dcUc6+2V4RwLll3zZlUE/uS59X/3t9I4qUVEr1pPUUzmhucELe0/
oq7Knj62akeiQbKDa2g1qTvfBHWk1hIjyhR3W+aiPuVI+fuU75LQIeQIaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDTob5nfQaEpY7hGCbA7uaB7oHm6MB8GA1UdIwQY
MBaAFGXNeAP0H+SZ6ABmTgqsre4Ztm2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmMxNEFfUWY1Sm5vQUdaT0NxeXQ3aG0yYlowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lNjZmMDEtMWQ5ZC00NTEzLTk1NmEt
Zjk2YmZiMDRlNjQ1LzEvTk9odm1kOUJvU2xqdUVZSnNEdTVvSHVnZWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lNjZmMDEtMWQ5ZC00NTEzLTk1NmEtZjk2YmZiMDRlNjQ1
LzEvWmMxNEFfUWY1Sm5vQUdaT0NxeXQ3aG0yYlowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGVcWAMA0E
AgACMAcDBQMqBehAMA0GCSqGSIb3DQEBCwUAA4IBAQB+UIVa04XbV/0j4t3ScwCP
/Xnq3sZpfeyDoRqG7EzaVMbz/F6IDKzGov3mWDWKKhEvUlJcaM+EgOBx+a7WXe9B
IjjWcyMd8L2DzKWY2u9RhFkm6gd8ofk/JwEFTqVzXetGZH5hpsI+M8yoKf7g9yEx
xghPjuAZ/oBZGH5Edrs7V9cTr7pf1GDdI706VbkUqwm7biR4g1GTKqL8q6OpSIAC
9JNhw/AlAo/+EbI7e4iy7lJeqnXLnViqv2EgYr/C6QR7Awlnnp/lQbh6L+7eBis/
50La8ZHBeBHdnQgpHB+5Yn2O3uZp4u+K7X/ErwZNstVT2/0yNZwlDktSkS03Eqv9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:14 2025 by rpki-client