Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nmgEAo1C6RMNqxtWLEpXgXT6y8E.roa
File: nmgEAo1C6RMNqxtWLEpXgXT6y8E.roa (raw, json)
Hash identifier: vWz0g9xPHGB47x9uL/qlbbhVGdHmMlsG2XZoIdr6Sl4=
Subject key identifier: 9E:68:04:02:8D:42:E9:13:0D:AB:1B:56:2C:4A:57:81:74:FA:CB:C1
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01856F8B93B1D0734933818CC3A330C061F4
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nmgEAo1C6RMNqxtWLEpXgXT6y8E.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 194.99.47.0/24 maxlen: 24
31.210.23.0/24 maxlen: 24
194.59.216.0/22 maxlen: 24
162.12.204.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:93:b1:d0:73:49:33:81:8c:c3:a3:30:c0:61:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6804028d42e9130dab1b562c4a578174facbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4b:38:8f:9f:3a:44:f9:3c:88:15:8c:38:10:
05:a0:2d:44:29:36:7e:08:03:7a:72:9f:e3:e7:df:
fd:54:45:ac:25:9f:14:5f:d8:9e:e0:e5:59:ef:6d:
98:f7:11:67:21:f3:27:00:38:fb:1b:96:79:32:bb:
22:f6:c6:20:c3:01:3e:86:21:44:49:50:ff:61:dc:
e3:de:88:a4:db:be:5f:c2:5e:84:ec:de:dd:a6:c6:
be:f8:71:43:91:08:2c:34:47:bc:fe:7f:76:96:73:
c9:5f:65:e7:5d:01:a1:5b:0c:59:5f:ca:75:69:9d:
44:f1:71:2b:59:43:60:9b:b2:e8:b6:f2:53:dc:ab:
48:fa:84:f4:23:85:36:a1:3c:8b:bd:69:2d:ad:92:
f8:9c:81:30:88:50:94:fc:96:d4:18:46:ac:fd:c8:
d0:9f:0c:a9:30:32:32:d4:27:4b:57:76:5d:4a:20:
b5:4b:f6:c4:ea:a9:5a:d7:f1:f7:a4:8f:f3:8a:ca:
f1:fe:75:80:a3:af:91:ea:37:ea:cb:dd:4f:e7:19:
9c:67:0a:8c:c2:1c:39:b8:b3:b9:6d:51:42:cc:58:
3f:98:46:0d:c4:81:0a:f4:3a:1b:87:5d:8f:b7:f0:
e7:c4:4a:26:03:81:93:a1:29:38:54:7b:b7:5b:2e:
a8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:68:04:02:8D:42:E9:13:0D:AB:1B:56:2C:4A:57:81:74:FA:CB:C1
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/nmgEAo1C6RMNqxtWLEpXgXT6y8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.23.0/24
162.12.204.0/23
194.59.216.0/22
194.99.47.0/24
Signature Algorithm: sha256WithRSAEncryption
64:22:8a:c1:5b:cc:84:45:da:cc:ae:34:68:99:c0:7a:61:83:
a1:9d:1e:b8:6a:e7:3d:93:96:68:66:02:78:6c:cb:5e:1f:94:
25:87:bd:78:53:c9:de:5c:d1:74:7a:ae:0e:e2:cd:3f:07:d8:
12:04:61:bf:b3:12:a0:32:be:a8:57:5e:e0:c0:de:ab:3a:91:
79:31:d1:04:49:f4:18:7a:cb:55:fd:26:30:5f:97:65:ee:4a:
b6:82:49:3e:87:8b:9a:63:e1:99:86:40:8c:06:ee:af:41:73:
da:13:06:c3:3d:95:06:34:92:50:0c:26:5f:e5:a1:50:8b:a5:
08:34:b7:84:14:3e:3a:2b:fc:a3:42:2d:f4:7f:0a:45:5d:25:
96:07:71:0b:bb:b0:27:09:3f:27:37:fc:a8:72:27:56:d0:36:
b3:1b:88:4c:d7:32:67:2d:55:3d:ac:ec:7e:4d:54:47:d7:f7:
83:2b:75:67:6c:81:d9:28:1c:75:b3:72:17:43:8c:f9:07:64:
a8:0a:04:de:58:e9:b9:0a:46:73:7b:43:7c:d0:dc:cb:29:26:
1c:f8:ee:19:9e:a4:b8:69:dc:95:9f:32:2b:1b:77:f7:90:96:
d6:7d:1b:a3:29:3f:bd:2f:fe:e4:c5:26:93:90:9a:06:0b:0a:
5d:36:10:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvi5Ox0HNJM4GMw6MwwGH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY4MDQwMjhkNDJlOTEzMGRhYjFiNTYyYzRhNTc4MTc0ZmFjYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0s4j586RPk8iBWMOBAFoC1EKTZ+
CAN6cp/j59/9VEWsJZ8UX9ie4OVZ722Y9xFnIfMnADj7G5Z5Mrsi9sYgwwE+hiFE
SVD/Ydzj3oik275fwl6E7N7dpsa++HFDkQgsNEe8/n92lnPJX2XnXQGhWwxZX8p1
aZ1E8XErWUNgm7LotvJT3KtI+oT0I4U2oTyLvWktrZL4nIEwiFCU/JbUGEas/cjQ
nwypMDIy1CdLV3ZdSiC1S/bE6qla1/H3pI/zisrx/nWAo6+R6jfqy91P5xmcZwqM
whw5uLO5bVFCzFg/mEYNxIEK9Dobh12Pt/DnxEomA4GToSk4VHu3Wy6opwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ5oBAKNQukTDasbVixKV4F0+svBMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvbm1nRUFvMUM2Uk1OcXh0V0xFcFhnWFQ2eThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH9IXAwQB
ogzMAwQCwjvYAwQAwmMvMA0GCSqGSIb3DQEBCwUAA4IBAQBkIorBW8yERdrMrjRo
mcB6YYOhnR64auc9k5ZoZgJ4bMteH5Qlh714U8neXNF0eq4O4s0/B9gSBGG/sxKg
Mr6oV17gwN6rOpF5MdEESfQYestV/SYwX5dl7kq2gkk+h4uaY+GZhkCMBu6vQXPa
EwbDPZUGNJJQDCZf5aFQi6UINLeEFD46K/yjQi30fwpFXSWWB3ELu7AnCT8nN/yo
cidW0DazG4hM1zJnLVU9rOx+TVRH1/eDK3VnbIHZKBx1s3IXQ4z5B2SoCgTeWOm5
CkZze0N80NzLKSYc+O4ZnqS4adyVnzIrG3f3kJbWfRujKT+9L/7kxSaTkJoGCwpd
NhDr
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:14:43 2025 by rpki-client