Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/n0NZqKwu5sfAVjEiBZibmXNhIuo.roa
File: n0NZqKwu5sfAVjEiBZibmXNhIuo.roa (raw, json)
Hash identifier: ZxCfmqIm0hCGksR/dwR6mPlC2vFS1Lpr6ZjsTSM5GFc=
Subject key identifier: 9F:43:59:A8:AC:2E:E6:C7:C0:56:31:22:05:98:9B:99:73:61:22:EA
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 0184525E6A253431CB171947BFB58A85161F
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/n0NZqKwu5sfAVjEiBZibmXNhIuo.roa
Signing time: Mon 07 Nov 2022 13:53:49 +0000
ROA not before: Mon 07 Nov 2022 13:53:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39622
IP address blocks: 193.168.140.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:5e:6a:25:34:31:cb:17:19:47:bf:b5:8a:85:16:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Nov 7 13:53:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f4359a8ac2ee6c7c056312205989b99736122ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:1f:71:06:2e:91:cb:41:bb:17:4c:0a:4b:
b8:82:a8:70:92:0c:7e:21:6a:a3:37:86:f5:46:6b:
09:14:3d:6a:00:27:df:aa:79:c4:c5:0e:d1:7b:c4:
e6:f8:da:a7:c2:2c:27:73:09:80:86:83:fb:67:e5:
8e:2c:c9:4d:fe:d8:24:aa:01:7e:26:d2:13:47:f6:
a0:df:d9:4f:48:98:b2:a4:e5:bd:b8:aa:81:33:69:
b9:6c:eb:88:00:74:da:c1:69:21:94:27:fc:91:ad:
02:ec:44:f7:2a:b2:f1:5e:97:c2:51:d2:db:d5:8a:
4d:4d:2a:bc:15:dd:c2:41:90:72:20:b2:95:21:5d:
f4:eb:7d:64:c5:36:e3:b2:16:27:c6:f7:15:01:5b:
25:ed:31:0c:2d:63:dd:de:10:b8:2c:b1:f7:74:38:
17:38:b2:42:c5:01:cf:3a:cf:06:36:86:9d:ba:3b:
6a:5b:ab:09:82:9d:64:21:69:ce:ed:fe:4f:1b:4d:
5e:2a:16:94:d5:5a:05:e7:8e:96:74:06:cb:1a:49:
36:56:57:0d:fa:23:c4:dd:b2:0b:7b:8e:de:de:42:
fb:b2:67:1b:4f:34:69:89:06:5a:22:52:f8:d4:b6:
1c:f9:eb:b9:d1:0e:0a:2e:91:9b:69:eb:69:38:8a:
a8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:59:A8:AC:2E:E6:C7:C0:56:31:22:05:98:9B:99:73:61:22:EA
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/n0NZqKwu5sfAVjEiBZibmXNhIuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
Signature Algorithm: sha256WithRSAEncryption
30:9d:1a:41:95:d3:0d:a5:f6:ad:e8:09:d9:e6:d7:b8:1e:28:
df:20:80:ae:a8:4d:e0:0c:c7:8a:f6:ab:67:49:70:37:a9:f0:
a3:07:b7:8d:60:9d:fe:1a:d7:a2:9f:78:62:4c:e0:13:78:2d:
fd:6a:1f:0e:97:7b:19:c7:ad:d2:2c:71:25:41:ad:e5:6b:46:
47:6e:6a:51:10:c1:98:b5:6e:2f:c0:55:3b:46:98:07:37:71:
dd:e2:1f:f5:b5:33:c3:31:8d:64:65:3f:a2:88:56:76:b5:7e:
68:52:97:1a:cb:ca:51:3d:b9:d0:37:98:e4:b0:21:2b:91:74:
91:c1:45:8e:00:0c:bb:97:b9:31:ac:b6:3c:ab:e5:a5:a2:e1:
b9:cc:e0:19:0b:dc:b1:08:76:e2:bd:e2:58:8b:1f:68:c5:92:
f8:87:cf:c0:5f:32:d3:eb:8b:68:33:b3:ac:a6:ff:c6:a0:ef:
ef:62:97:a4:35:a9:22:37:fa:02:fd:c9:1c:aa:39:e2:96:43:
98:94:fa:9f:b2:74:2b:a1:e1:26:ae:c8:48:99:cd:0b:3e:fe:
c4:77:0a:60:d2:57:01:00:8e:26:7e:b1:bf:b3:12:a5:f6:ec:
76:0e:03:39:82:7f:ad:1b:99:97:fc:94:1e:ce:d8:b3:41:c8:
ef:12:2f:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRSXmolNDHLFxlHv7WKhRYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjIxMTA3MTM1MzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzNTlhOGFjMmVlNmM3YzA1NjMxMjIwNTk4OWI5OTczNjEyMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnssfcQYukctBuxdMCku4gqhwkgx+
IWqjN4b1RmsJFD1qACffqnnExQ7Re8Tm+NqnwiwncwmAhoP7Z+WOLMlN/tgkqgF+
JtITR/ag39lPSJiypOW9uKqBM2m5bOuIAHTawWkhlCf8ka0C7ET3KrLxXpfCUdLb
1YpNTSq8Fd3CQZByILKVIV30631kxTbjshYnxvcVAVsl7TEMLWPd3hC4LLH3dDgX
OLJCxQHPOs8GNoadujtqW6sJgp1kIWnO7f5PG01eKhaU1VoF546WdAbLGkk2VlcN
+iPE3bILe47e3kL7smcbTzRpiQZaIlL41LYc+eu50Q4KLpGbaetpOIqoJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ9DWaisLubHwFYxIgWYm5lzYSLqMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvbjBOWnFLd3U1c2ZBVmpFaUJaaWJtWE5oSXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaiMMA0G
CSqGSIb3DQEBCwUAA4IBAQAwnRpBldMNpfat6AnZ5te4HijfIICuqE3gDMeK9qtn
SXA3qfCjB7eNYJ3+Gtein3hiTOATeC39ah8Ol3sZx63SLHElQa3la0ZHbmpREMGY
tW4vwFU7RpgHN3Hd4h/1tTPDMY1kZT+iiFZ2tX5oUpcay8pRPbnQN5jksCErkXSR
wUWOAAy7l7kxrLY8q+WlouG5zOAZC9yxCHbiveJYix9oxZL4h8/AXzLT64toM7Os
pv/GoO/vYpekNakiN/oC/ckcqjnilkOYlPqfsnQroeEmrshImc0LPv7Edwpg0lcB
AI4mfrG/sxKl9ux2DgM5gn+tG5mX/JQeztizQcjvEi8B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:37 2025 by rpki-client