Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NOLj7XJaOcU-xzgj2S5u9r8WPAM.roa
File: NOLj7XJaOcU-xzgj2S5u9r8WPAM.roa (raw, json)
Hash identifier: 95STEGc3qu2p57tqrt55GK8JJsTvRgzmJiLzSAA7zUs=
Subject key identifier: 34:E2:E3:ED:72:5A:39:C5:3E:C7:38:23:D9:2E:6E:F6:BF:16:3C:03
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018BB90CABD2D43F42A85BCA8697E66F107A
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NOLj7XJaOcU-xzgj2S5u9r8WPAM.roa
Signing time: Fri 10 Nov 2023 11:44:57 +0000
ROA not before: Fri 10 Nov 2023 11:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201627
IP address blocks: 193.71.224.0/22 maxlen: 22
193.71.228.0/24 maxlen: 24
193.71.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:0c:ab:d2:d4:3f:42:a8:5b:ca:86:97:e6:6f:10:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Nov 10 11:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34e2e3ed725a39c53ec73823d92e6ef6bf163c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:58:ce:50:c9:de:17:ae:1e:77:1b:c5:74:
cb:31:fb:35:ba:14:36:d8:42:2d:c6:dc:af:65:94:
a9:ed:c0:b2:61:e0:bd:af:e7:0b:74:a4:f0:c8:97:
23:2c:cb:43:74:bc:e4:74:a4:cf:c6:41:7e:24:89:
95:ad:73:32:5c:ee:51:b7:95:1d:30:0f:a5:23:b4:
93:52:20:f9:2e:2a:e0:c6:ec:dc:23:29:34:f5:7c:
a1:ca:05:de:1b:9d:37:4a:34:4f:25:c6:82:17:24:
ae:0e:5a:ca:d7:30:6f:30:00:78:f0:ba:97:05:44:
32:02:d9:74:5a:ae:89:ac:cd:88:94:26:6e:24:cf:
a6:b4:22:2b:24:b0:5c:ca:e3:13:28:95:17:a2:df:
00:30:64:85:f5:9e:6f:e4:a3:16:8a:58:3d:3e:66:
73:b2:dd:fe:89:cc:bd:b5:e0:4b:6a:c1:0e:65:7c:
25:74:32:a5:39:4f:1b:af:e3:80:dc:33:83:81:e4:
56:ce:11:89:48:5a:0c:47:90:de:f3:be:f6:2e:9b:
da:49:9a:92:f5:5e:10:50:bf:27:5f:53:8f:ca:75:
32:c6:12:31:7c:8f:cd:fd:2d:d8:89:b7:a7:65:b3:
1c:69:62:99:48:ad:7f:00:2b:3f:9c:f5:66:43:d5:
92:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E2:E3:ED:72:5A:39:C5:3E:C7:38:23:D9:2E:6E:F6:BF:16:3C:03
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/NOLj7XJaOcU-xzgj2S5u9r8WPAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.71.224.0/21
Signature Algorithm: sha256WithRSAEncryption
50:06:a5:fc:8d:51:f5:fa:03:dc:8e:68:ef:f6:fa:d4:f4:69:
44:45:ac:9a:f2:a9:56:41:37:0e:21:47:0d:28:8d:a7:f4:9c:
60:be:4f:8d:53:9f:23:c8:6b:2c:d1:af:cd:6d:c6:fe:e4:5b:
88:d5:3d:5c:50:4b:5f:cf:cc:73:bb:c4:48:34:51:ef:6c:ab:
8f:c3:d9:34:cf:d4:1a:45:e5:85:bc:c8:9a:db:ae:70:40:a6:
ed:5b:d5:ff:07:d0:5d:e7:89:23:82:b4:aa:d2:e2:fb:df:55:
3d:7e:01:61:e9:64:07:f1:ce:d6:fb:b7:a9:b7:a5:50:e9:8e:
62:73:5e:f2:8a:0c:fd:a8:7d:28:65:7f:94:02:f2:48:bf:bd:
1d:27:01:f8:f7:ad:6c:b0:28:fc:59:60:10:12:cc:d2:4e:03:
0c:57:ef:2d:89:6a:f7:58:eb:b4:dd:13:cd:50:8e:3f:75:ad:
b8:d7:1d:b3:83:62:2d:54:0a:1a:84:f2:fe:76:a1:a7:ba:97:
18:9e:ef:d0:2f:a6:3e:65:cf:59:9a:4c:39:d4:cc:5b:27:36:
78:5d:07:cd:e1:8b:a7:ab:bd:8d:5d:50:8c:da:da:a0:79:13:
4c:91:13:ea:b6:df:0c:49:ef:3c:a8:60:2f:eb:70:51:e8:73:
06:a5:ba:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu5DKvS1D9CqFvKhpfmbxB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjMxMTEwMTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGUyZTNlZDcyNWEzOWM1M2VjNzM4MjNkOTJlNmVmNmJmMTYzYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbRYzlDJ3heuHncbxXTLMfs1uhQ2
2EItxtyvZZSp7cCyYeC9r+cLdKTwyJcjLMtDdLzkdKTPxkF+JImVrXMyXO5Rt5Ud
MA+lI7STUiD5LirgxuzcIyk09XyhygXeG503SjRPJcaCFySuDlrK1zBvMAB48LqX
BUQyAtl0Wq6JrM2IlCZuJM+mtCIrJLBcyuMTKJUXot8AMGSF9Z5v5KMWilg9PmZz
st3+icy9teBLasEOZXwldDKlOU8br+OA3DODgeRWzhGJSFoMR5De8772LpvaSZqS
9V4QUL8nX1OPynUyxhIxfI/N/S3YibenZbMcaWKZSK1/ACs/nPVmQ9WShwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTi4+1yWjnFPsc4I9kubva/FjwDMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvTk9MajdYSmFPY1UteHpnajJTNXU5cjhXUEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwUfgMA0G
CSqGSIb3DQEBCwUAA4IBAQBQBqX8jVH1+gPcjmjv9vrU9GlERaya8qlWQTcOIUcN
KI2n9Jxgvk+NU58jyGss0a/Nbcb+5FuI1T1cUEtfz8xzu8RINFHvbKuPw9k0z9Qa
ReWFvMia265wQKbtW9X/B9Bd54kjgrSq0uL731U9fgFh6WQH8c7W+7ept6VQ6Y5i
c17yigz9qH0oZX+UAvJIv70dJwH4961ssCj8WWAQEszSTgMMV+8tiWr3WOu03RPN
UI4/da241x2zg2ItVAoahPL+dqGnupcYnu/QL6Y+Zc9Zmkw51MxbJzZ4XQfN4Yun
q72NXVCM2tqgeRNMkRPqtt8MSe88qGAv63BR6HMGpbrk
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:25 2025 by rpki-client