Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nvxisOyrxRdKdXPxfnfHT3Y-Y2g.roa
File: nvxisOyrxRdKdXPxfnfHT3Y-Y2g.roa (raw, json)
Hash identifier: cjIw0O4VgRcHtSjRUM7OqBYHaJ7DNYdOPTpCqnJRxI4=
Subject key identifier: 9E:FC:62:B0:EC:AB:C5:17:4A:75:73:F1:7E:77:C7:4F:76:3E:63:68
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 0186996FCD2F4326956F39667ABADDDC3419
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nvxisOyrxRdKdXPxfnfHT3Y-Y2g.roa
Signing time: Tue 28 Feb 2023 19:11:26 +0000
ROA not before: Tue 28 Feb 2023 19:11:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205729
IP address blocks: 149.62.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:6f:cd:2f:43:26:95:6f:39:66:7a:ba:dd:dc:34:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Feb 28 19:11:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9efc62b0ecabc5174a7573f17e77c74f763e6368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:d6:d9:e7:85:7d:2a:bc:45:39:41:13:12:
60:38:c9:8c:50:8d:24:3f:21:75:27:2f:37:cc:ae:
da:c7:e1:04:2f:71:91:a2:dd:56:c1:d0:f2:e6:c3:
a2:9f:61:f1:43:e1:85:4e:59:ad:99:56:4b:ed:74:
5b:66:46:44:dc:d3:64:0b:bb:d6:ea:26:18:2a:26:
c7:90:fd:3b:26:b7:07:fc:92:d3:27:c7:6e:74:6f:
f2:2a:15:36:ae:bc:af:b1:02:a7:e1:b2:b2:99:33:
4d:94:12:ed:31:14:9d:ba:4c:f2:11:8c:11:22:7b:
23:08:19:d1:e9:f5:7b:af:c7:9a:a6:87:dd:a6:2f:
b9:c5:38:d9:e1:a0:a0:4e:96:65:42:2d:c7:10:5d:
da:1f:93:55:8c:2d:10:29:64:cf:79:78:dd:97:78:
39:fd:fb:6d:ba:07:02:df:1c:a6:8f:05:f4:42:e2:
35:7d:26:11:36:d4:9a:0a:63:aa:df:5e:62:87:80:
dc:03:cf:ec:7f:d5:47:cc:ed:46:a5:50:12:62:53:
2a:9c:89:74:46:a6:54:fa:73:82:a7:87:1a:51:b2:
bc:de:db:2d:75:6a:35:ed:c6:ae:8b:6d:37:bd:83:
a2:22:fd:d0:49:1c:a5:d5:a5:d5:d9:76:95:e7:33:
d8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FC:62:B0:EC:AB:C5:17:4A:75:73:F1:7E:77:C7:4F:76:3E:63:68
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/nvxisOyrxRdKdXPxfnfHT3Y-Y2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.32.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7a:a8:40:c4:ec:0a:f3:8d:b6:a1:98:7d:5e:12:22:fa:e1:
ec:56:1f:6f:ca:15:48:1a:91:b5:6f:0f:17:26:dd:da:98:0d:
51:48:0a:4c:0b:1c:31:9b:a5:d2:d4:b5:ab:27:0c:ec:94:72:
bf:f9:16:6a:87:6d:78:f5:18:12:b9:54:e8:2d:a0:03:e7:3a:
17:65:55:9b:aa:d6:e3:4c:80:5c:37:82:18:b4:5e:1c:d8:53:
17:d9:7c:4e:90:3d:d8:da:1e:18:5e:31:71:fa:89:fb:0a:db:
2f:ac:b4:2f:42:72:d7:55:6e:a2:b0:96:4a:24:1f:31:ce:69:
d5:53:4e:ac:ad:21:1c:0c:f1:db:89:d1:b8:2d:48:4d:dd:93:
cb:b5:da:4d:bb:f2:c3:26:bd:ab:be:5f:e4:27:6a:98:9c:7a:
2a:22:11:4d:c5:d5:e3:d6:fe:f8:d4:f7:44:6a:38:75:cb:0a:
0c:d9:1a:a2:25:4b:57:af:33:b9:14:fe:25:f2:1b:5b:56:9a:
b8:30:52:7c:30:d0:71:01:b8:d0:b1:71:ee:41:76:18:bf:fa:
0c:b3:32:81:54:3f:87:4a:11:81:59:4c:24:97:04:1c:1a:14:
f2:05:ac:07:da:8f:a3:c6:ab:59:e4:95:50:09:f8:1a:a8:60:
dc:e5:67:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaZb80vQyaVbzlmerrd3DQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjMwMjI4MTkxMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZjNjJiMGVjYWJjNTE3NGE3NTczZjE3ZTc3Yzc0Zjc2M2U2MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0XW2eeFfSq8RTlBExJgOMmMUI0k
PyF1Jy83zK7ax+EEL3GRot1WwdDy5sOin2HxQ+GFTlmtmVZL7XRbZkZE3NNkC7vW
6iYYKibHkP07JrcH/JLTJ8dudG/yKhU2rryvsQKn4bKymTNNlBLtMRSdukzyEYwR
InsjCBnR6fV7r8eapofdpi+5xTjZ4aCgTpZlQi3HEF3aH5NVjC0QKWTPeXjdl3g5
/fttugcC3xymjwX0QuI1fSYRNtSaCmOq315ih4DcA8/sf9VHzO1GpVASYlMqnIl0
RqZU+nOCp4caUbK83tstdWo17caui203vYOiIv3QSRyl1aXV2XaV5zPYOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ78YrDsq8UXSnVz8X53x092PmNoMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvbnZ4aXNPeXJ4UmRLZFhQeGZuZkhUM1ktWTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlT4gMA0G
CSqGSIb3DQEBCwUAA4IBAQCEeqhAxOwK8422oZh9XhIi+uHsVh9vyhVIGpG1bw8X
Jt3amA1RSApMCxwxm6XS1LWrJwzslHK/+RZqh2149RgSuVToLaAD5zoXZVWbqtbj
TIBcN4IYtF4c2FMX2XxOkD3Y2h4YXjFx+on7CtsvrLQvQnLXVW6isJZKJB8xzmnV
U06srSEcDPHbidG4LUhN3ZPLtdpNu/LDJr2rvl/kJ2qYnHoqIhFNxdXj1v741PdE
ajh1ywoM2RqiJUtXrzO5FP4l8htbVpq4MFJ8MNBxAbjQsXHuQXYYv/oMszKBVD+H
ShGBWUwklwQcGhTyBawH2o+jxqtZ5JVQCfgaqGDc5WeB
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:31 2025 by rpki-client