Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9bcbaf-4993-4d08-b9a8-0355ef11589c/1/NbQy_rwJx-iXi63AALZwvkuit-g.roa
File: NbQy_rwJx-iXi63AALZwvkuit-g.roa (raw, json)
Hash identifier: mBIePg/1h81+tZ/LJw6GBV0grarfEP+JhjcVn74pzt0=
Subject key identifier: 35:B4:32:FE:BC:09:C7:E8:97:8B:AD:C0:00:B6:70:BE:4B:A2:B7:E8
Certificate issuer: /CN=48c39de25ffa7eaf02b2a6d8c2cf6e2ceb562bf3
Certificate serial: 01857321EDA35F0C629BB521B385BE9597E3
Authority key identifier: 48:C3:9D:E2:5F:FA:7E:AF:02:B2:A6:D8:C2:CF:6E:2C:EB:56:2B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SMOd4l_6fq8CsqbYws9uLOtWK_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9bcbaf-4993-4d08-b9a8-0355ef11589c/1/NbQy_rwJx-iXi63AALZwvkuit-g.roa
Signing time: Mon 02 Jan 2023 15:38:01 +0000
ROA not before: Mon 02 Jan 2023 15:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42867
IP address blocks: 194.143.140.0/24 maxlen: 24
194.143.140.0/23 maxlen: 23
194.143.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:ed:a3:5f:0c:62:9b:b5:21:b3:85:be:95:97:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48c39de25ffa7eaf02b2a6d8c2cf6e2ceb562bf3
Validity
Not Before: Jan 2 15:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35b432febc09c7e8978badc000b670be4ba2b7e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fb:d1:46:fd:dc:8e:a7:11:e2:90:b8:75:13:
09:77:fe:72:f5:7e:1f:23:6a:09:a2:73:9c:8b:45:
eb:92:39:55:03:54:e4:a5:23:b2:ed:62:88:58:77:
9b:d2:14:be:ad:fa:53:2a:1f:25:26:9a:19:39:f0:
3a:06:d1:5c:b6:cc:d1:40:5e:b3:94:60:ad:7e:ba:
25:18:b2:95:94:bc:6e:4b:22:ae:b4:f9:40:8c:99:
c1:9a:90:48:0f:12:d7:6f:5d:62:be:d0:ab:72:83:
0c:48:e2:7e:69:91:b3:ef:15:0b:9c:07:05:34:74:
ce:f4:d2:71:12:55:34:bb:f2:6c:03:4f:6d:92:6e:
21:dd:9e:e7:e0:cc:7f:f3:1d:99:5c:8f:0b:4b:41:
47:e4:0d:e8:33:79:a3:87:0c:1d:9b:7c:ca:fa:34:
ae:c1:02:71:32:77:7c:c7:57:15:a3:57:99:26:d0:
ff:3d:d2:40:a3:56:b9:f3:c6:85:ae:a9:f6:f7:e8:
a1:ec:8c:89:ef:f0:db:d0:0e:fd:06:bd:1e:99:ba:
c4:e2:cf:59:a5:92:f9:ed:a6:90:4c:97:99:a9:ee:
93:76:83:e5:88:9f:af:d8:8a:2e:51:d9:f0:c7:32:
ea:3d:fc:b2:23:70:72:3e:58:4d:ba:1c:c2:f8:b3:
09:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B4:32:FE:BC:09:C7:E8:97:8B:AD:C0:00:B6:70:BE:4B:A2:B7:E8
X509v3 Authority Key Identifier:
keyid:48:C3:9D:E2:5F:FA:7E:AF:02:B2:A6:D8:C2:CF:6E:2C:EB:56:2B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SMOd4l_6fq8CsqbYws9uLOtWK_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9bcbaf-4993-4d08-b9a8-0355ef11589c/1/NbQy_rwJx-iXi63AALZwvkuit-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9bcbaf-4993-4d08-b9a8-0355ef11589c/1/SMOd4l_6fq8CsqbYws9uLOtWK_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.140.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:c7:be:99:e8:84:cd:d4:d6:b4:e5:05:a8:9f:4e:74:38:0b:
bd:3b:03:a2:c6:2f:94:85:6e:9b:fc:31:2f:2e:13:69:88:93:
3b:3f:73:db:69:a3:14:fa:19:f5:26:bd:d4:5b:12:ae:26:b0:
90:b1:fd:10:32:91:f0:ed:d8:9e:61:5c:b9:ce:83:e6:d5:5e:
e3:e1:cc:f0:c0:c9:8c:64:27:2c:a6:ae:1f:2e:ec:48:30:09:
b2:61:cb:0f:f1:6b:99:09:cc:6a:79:38:b2:74:35:63:2e:36:
c7:8d:e5:fe:92:b1:da:d9:a3:c6:a1:ec:7a:2f:93:f5:51:a5:
c2:e5:29:e2:34:59:d8:8e:f6:7b:c3:48:61:b8:83:28:e6:32:
d6:ea:61:f6:f7:17:aa:1c:d6:35:c1:f3:0d:04:39:c2:b3:91:
18:1e:5d:0c:20:5b:43:16:f7:37:6b:fb:3b:21:af:a7:cd:b8:
56:cd:f8:fd:ee:c4:87:a0:79:15:e0:4f:c6:49:ee:ac:5c:ed:
52:dd:41:69:19:b5:f1:ef:cf:60:5e:d1:be:a1:fe:08:4c:0a:
54:bf:46:87:64:ab:eb:18:0f:a4:3a:78:10:90:30:69:f2:b2:
c0:03:32:47:8b:9f:67:ad:72:f2:ae:79:6a:ba:f9:61:c5:e5:
66:19:fb:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIe2jXwxim7Uhs4W+lZfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YzM5ZGUyNWZmYTdlYWYwMmIyYTZkOGMyY2Y2ZTJjZWI1
NjJiZjMwHhcNMjMwMTAyMTUzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI0MzJmZWJjMDljN2U4OTc4YmFkYzAwMGI2NzBiZTRiYTJiN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vvRRv3cjqcR4pC4dRMJd/5y9X4f
I2oJonOci0XrkjlVA1TkpSOy7WKIWHeb0hS+rfpTKh8lJpoZOfA6BtFctszRQF6z
lGCtfrolGLKVlLxuSyKutPlAjJnBmpBIDxLXb11ivtCrcoMMSOJ+aZGz7xULnAcF
NHTO9NJxElU0u/JsA09tkm4h3Z7n4Mx/8x2ZXI8LS0FH5A3oM3mjhwwdm3zK+jSu
wQJxMnd8x1cVo1eZJtD/PdJAo1a588aFrqn29+ih7IyJ7/Db0A79Br0embrE4s9Z
pZL57aaQTJeZqe6TdoPliJ+v2IouUdnwxzLqPfyyI3ByPlhNuhzC+LMJ3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDW0Mv68Ccfol4utwAC2cL5LorfoMB8GA1UdIwQY
MBaAFEjDneJf+n6vArKm2MLPbizrVivzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU01PZDRsXzZmcThDc3FiWXdzOXVMT3RXS19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YmNiYWYtNDk5My00ZDA4LWI5YTgt
MDM1NWVmMTE1ODljLzEvTmJReV9yd0p4LWlYaTYzQUFMWnd2a3VpdC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YmNiYWYtNDk5My00ZDA4LWI5YTgtMDM1NWVmMTE1ODlj
LzEvU01PZDRsXzZmcThDc3FiWXdzOXVMT3RXS19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwo+MMA0G
CSqGSIb3DQEBCwUAA4IBAQCyx76Z6ITN1Na05QWon050OAu9OwOixi+UhW6b/DEv
LhNpiJM7P3PbaaMU+hn1Jr3UWxKuJrCQsf0QMpHw7dieYVy5zoPm1V7j4czwwMmM
ZCcspq4fLuxIMAmyYcsP8WuZCcxqeTiydDVjLjbHjeX+krHa2aPGoex6L5P1UaXC
5SniNFnYjvZ7w0hhuIMo5jLW6mH29xeqHNY1wfMNBDnCs5EYHl0MIFtDFvc3a/s7
Ia+nzbhWzfj97sSHoHkV4E/GSe6sXO1S3UFpGbXx789gXtG+of4ITApUv0aHZKvr
GA+kOngQkDBp8rLAAzJHi59nrXLyrnlquvlhxeVmGftJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:08 2025 by rpki-client