Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/df2777-77a1-4b84-921f-a88270f5d1a9/1/Nkc_oaTv2fJTUj3D-gyU_3QQOIU.roa
File: Nkc_oaTv2fJTUj3D-gyU_3QQOIU.roa (raw, json)
Hash identifier: AI8uMf3fM1nz/HgePhDMluOjO+o6SzsDC87b0wuqv/Q=
Subject key identifier: 36:47:3F:A1:A4:EF:D9:F2:53:52:3D:C3:FA:0C:94:FF:74:10:38:85
Certificate issuer: /CN=5f16b294b1a647bf6d67683b51614497e751f21f
Certificate serial: 01856C0A5ED314EB5BA0555B5A92584C4086
Authority key identifier: 5F:16:B2:94:B1:A6:47:BF:6D:67:68:3B:51:61:44:97:E7:51:F2:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxaylLGmR79tZ2g7UWFEl-dR8h8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/df2777-77a1-4b84-921f-a88270f5d1a9/1/Nkc_oaTv2fJTUj3D-gyU_3QQOIU.roa
Signing time: Sun 01 Jan 2023 06:34:56 +0000
ROA not before: Sun 01 Jan 2023 06:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34182
IP address blocks: 193.28.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:5e:d3:14:eb:5b:a0:55:5b:5a:92:58:4c:40:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f16b294b1a647bf6d67683b51614497e751f21f
Validity
Not Before: Jan 1 06:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36473fa1a4efd9f253523dc3fa0c94ff74103885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:4d:96:18:65:81:77:57:dd:24:f5:bc:d7:
83:a2:67:8a:1f:ba:82:64:b5:31:f4:be:f7:c2:8d:
0f:a6:59:0c:a0:1f:2d:69:02:15:94:86:7c:61:01:
8e:a3:6c:38:fe:68:02:8b:d1:ca:16:b6:1c:44:89:
41:ce:fc:37:5e:ee:26:88:c7:9f:4e:ce:68:a7:70:
4e:48:3c:96:ca:41:9a:9d:c9:ab:1c:80:99:b0:bd:
b2:4d:4b:37:85:ee:96:c7:1b:5b:e8:73:3c:6f:65:
49:77:f9:fb:09:60:8f:4e:d9:a8:16:9e:1b:98:41:
fb:16:f0:e4:15:c3:9c:9e:0e:58:a4:0a:e8:4d:77:
ef:03:e6:c0:f0:5d:bf:f6:ef:72:26:dd:04:a0:bb:
33:32:23:11:83:61:ef:b9:2f:07:44:01:aa:ce:2c:
2d:75:1f:fe:f5:51:cc:bb:72:4b:00:f0:d6:6a:9d:
a0:39:ef:59:b2:43:cb:73:93:e8:be:45:fb:22:3d:
98:6e:d4:2a:07:55:64:4f:bf:b4:07:64:df:8e:2b:
48:c1:b7:ed:58:9e:40:a7:75:ed:23:5e:54:b7:e4:
7c:7e:86:8f:4c:ae:89:f4:1c:dd:76:8d:f0:96:a9:
37:c9:6a:8b:03:d2:58:f3:24:14:c2:b4:9c:2c:8f:
57:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:47:3F:A1:A4:EF:D9:F2:53:52:3D:C3:FA:0C:94:FF:74:10:38:85
X509v3 Authority Key Identifier:
keyid:5F:16:B2:94:B1:A6:47:BF:6D:67:68:3B:51:61:44:97:E7:51:F2:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxaylLGmR79tZ2g7UWFEl-dR8h8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/df2777-77a1-4b84-921f-a88270f5d1a9/1/Nkc_oaTv2fJTUj3D-gyU_3QQOIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/df2777-77a1-4b84-921f-a88270f5d1a9/1/XxaylLGmR79tZ2g7UWFEl-dR8h8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.185.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a6:4c:e9:2c:76:08:83:83:0a:66:4b:db:6c:f7:0d:6a:2f:
5c:c4:65:4f:c4:a2:95:54:7e:d5:13:ca:23:1c:e3:04:a1:13:
fd:4a:62:c7:25:12:d6:10:c4:e9:55:d2:08:3e:a6:9c:70:eb:
de:70:06:7d:bb:fd:b2:d7:34:c5:2d:8b:a9:57:55:d7:bb:d3:
62:ce:2a:b8:70:3d:1d:8e:60:55:c4:f9:b0:e8:3c:68:18:fc:
53:13:c0:af:34:bd:ff:bc:1e:23:b6:a0:df:ed:5d:64:54:02:
a5:a4:1c:a6:a5:de:eb:2c:48:59:99:42:f8:3d:71:a6:af:4a:
66:8b:04:3b:2c:72:37:9c:ed:90:46:bb:2b:26:98:e4:e9:78:
54:e0:f4:87:59:8c:b5:0e:30:b9:85:92:d4:99:e9:d0:62:e7:
f7:50:cd:99:6f:c3:3d:b6:73:fc:a0:37:19:b5:8b:ee:ff:4a:
ca:d0:3d:6e:51:aa:c4:be:3e:ec:fd:1e:0f:63:30:12:54:bb:
99:1e:7d:5c:75:80:45:55:41:f1:e9:89:30:05:5f:e3:56:d5:
62:f7:1b:85:62:bf:6b:6a:8c:14:85:d5:0b:da:7a:20:73:8a:
33:1b:82:c8:b5:13:c5:f8:33:9a:31:3c:26:52:f6:70:8c:76:
1d:d0:af:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCl7TFOtboFVbWpJYTECGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMTZiMjk0YjFhNjQ3YmY2ZDY3NjgzYjUxNjE0NDk3ZTc1
MWYyMWYwHhcNMjMwMTAxMDYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ3M2ZhMWE0ZWZkOWYyNTM1MjNkYzNmYTBjOTRmZjc0MTAzODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZNNlhhlgXdX3ST1vNeDomeKH7qC
ZLUx9L73wo0PplkMoB8taQIVlIZ8YQGOo2w4/mgCi9HKFrYcRIlBzvw3Xu4miMef
Ts5op3BOSDyWykGancmrHICZsL2yTUs3he6Wxxtb6HM8b2VJd/n7CWCPTtmoFp4b
mEH7FvDkFcOcng5YpAroTXfvA+bA8F2/9u9yJt0EoLszMiMRg2HvuS8HRAGqziwt
dR/+9VHMu3JLAPDWap2gOe9ZskPLc5PovkX7Ij2YbtQqB1VkT7+0B2TfjitIwbft
WJ5Ap3XtI15Ut+R8foaPTK6J9Bzddo3wlqk3yWqLA9JY8yQUwrScLI9XAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZHP6Gk79nyU1I9w/oMlP90EDiFMB8GA1UdIwQY
MBaAFF8WspSxpke/bWdoO1FhRJfnUfIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhheWxMR21SNzl0WjJnN1VXRkVsLWRSOGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9kZjI3NzctNzdhMS00Yjg0LTkyMWYt
YTg4MjcwZjVkMWE5LzEvTmtjX29hVHYyZkpUVWozRC1neVVfM1FRT0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9kZjI3NzctNzdhMS00Yjg0LTkyMWYtYTg4MjcwZjVkMWE5
LzEvWHhheWxMR21SNzl0WjJnN1VXRkVsLWRSOGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRy5MA0G
CSqGSIb3DQEBCwUAA4IBAQBXpkzpLHYIg4MKZkvbbPcNai9cxGVPxKKVVH7VE8oj
HOMEoRP9SmLHJRLWEMTpVdIIPqaccOvecAZ9u/2y1zTFLYupV1XXu9Niziq4cD0d
jmBVxPmw6DxoGPxTE8CvNL3/vB4jtqDf7V1kVAKlpBympd7rLEhZmUL4PXGmr0pm
iwQ7LHI3nO2QRrsrJpjk6XhU4PSHWYy1DjC5hZLUmenQYuf3UM2Zb8M9tnP8oDcZ
tYvu/0rK0D1uUarEvj7s/R4PYzASVLuZHn1cdYBFVUHx6YkwBV/jVtVi9xuFYr9r
aowUhdUL2nogc4ozG4LItRPF+DOaMTwmUvZwjHYd0K8c
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:31:56 2025 by rpki-client