Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/NxNOOZ-ifM-YkqVLrUalmV6nyXw.roa
File: NxNOOZ-ifM-YkqVLrUalmV6nyXw.roa (raw, json)
Hash identifier: aSQorfBdPrJEaunOEHKVmtYc0PVlzN978vTtj7ScikU=
Subject key identifier: 37:13:4E:39:9F:A2:7C:CF:98:92:A5:4B:AD:46:A5:99:5E:A7:C9:7C
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 0189F0606EB508BE589A914C0A8203CEC243
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/NxNOOZ-ifM-YkqVLrUalmV6nyXw.roa
Signing time: Sun 13 Aug 2023 19:29:58 +0000
ROA not before: Sun 13 Aug 2023 19:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.104.12.0/23 maxlen: 24
85.208.44.0/23 maxlen: 24
85.208.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f0:60:6e:b5:08:be:58:9a:91:4c:0a:82:03:ce:c2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Aug 13 19:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37134e399fa27ccf9892a54bad46a5995ea7c97c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4d:7d:00:e5:d6:ed:8a:ee:f3:4f:1d:5e:7b:
55:2a:93:26:6f:b7:6b:ab:87:8e:a9:94:dc:3d:65:
65:d2:94:78:15:df:7f:2e:d0:98:cf:b2:fe:82:06:
f9:d7:c4:85:bc:a0:aa:a6:76:23:c0:ba:9b:b5:62:
78:2f:cd:a9:de:e1:fb:16:50:0a:99:60:4a:05:23:
94:d5:81:fb:32:e3:12:aa:55:ca:da:65:b9:2c:b5:
2b:30:c5:1f:28:c6:27:a0:51:f8:71:88:63:cd:ad:
25:2c:6f:f0:d6:bb:7d:15:50:d2:b2:bd:0c:7e:f9:
8e:72:98:e0:b1:d2:c6:21:c2:6c:ce:32:44:e4:72:
24:60:0c:a2:d4:d1:cf:3f:d1:6c:76:e9:1b:5a:c3:
26:e1:09:d1:3e:c5:0e:c4:80:d5:53:a7:d7:95:ec:
13:23:0b:5c:9b:bc:d1:7e:4e:dd:64:1b:9a:b5:44:
b4:04:6a:fa:e0:ae:c5:28:7a:78:3d:7f:63:d5:ee:
5e:ec:31:49:a9:5c:de:b8:56:47:e2:05:4b:41:02:
b1:a0:15:29:5f:b6:be:3e:2b:b2:dd:4b:aa:42:5e:
fb:70:9a:1f:57:ce:6a:a4:0e:f9:25:fd:90:d0:b9:
cc:ed:f6:92:e6:d1:a8:cd:df:13:00:e6:f6:5b:42:
48:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:13:4E:39:9F:A2:7C:CF:98:92:A5:4B:AD:46:A5:99:5E:A7:C9:7C
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/NxNOOZ-ifM-YkqVLrUalmV6nyXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.44.0-85.208.46.255
185.104.12.0/23
Signature Algorithm: sha256WithRSAEncryption
00:a6:90:fc:05:26:64:ab:2f:82:de:34:3b:97:59:c1:3f:b2:
2f:ec:70:3b:5e:43:69:20:57:4a:8a:16:3a:ed:5a:b7:59:54:
6d:c8:8d:f5:2a:59:60:2d:5e:e3:1d:f9:a6:28:30:0d:20:69:
94:6f:2f:27:82:a6:86:ec:0c:da:aa:ea:af:46:c0:3a:d0:d9:
3e:85:10:fb:92:13:3c:71:c0:33:c7:eb:c8:11:4c:a0:6c:12:
ee:22:88:1c:20:23:fb:23:c5:c5:74:d4:e9:07:c9:d5:64:17:
02:77:c3:56:db:9c:e0:64:81:16:2a:db:98:ce:39:88:9a:cb:
f9:07:bb:2d:df:8a:5e:cc:ab:fe:23:40:20:80:23:97:76:7f:
07:a6:1c:c4:8e:43:6a:72:2f:8a:0d:54:41:26:90:39:91:53:
10:4c:71:34:6b:6d:07:01:b7:43:47:72:33:a9:0d:e1:8d:1d:
ef:2c:a0:7f:e6:d0:6b:3e:08:ba:b7:50:72:6e:02:36:1b:83:
83:31:d5:a8:87:e1:c1:45:c6:dc:b2:86:8a:59:3f:0c:86:c7:
71:d7:2f:af:f9:8d:2b:4e:31:3d:93:82:21:81:bf:0f:e9:d4:
54:d6:1a:30:61:96:28:d0:a2:5c:52:ee:a4:4a:91:0b:5c:39:
e8:9e:67:47
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnwYG61CL5YmpFMCoIDzsJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMwODEzMTkyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEzNGUzOTlmYTI3Y2NmOTg5MmE1NGJhZDQ2YTU5OTVlYTdjOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg019AOXW7Yru808dXntVKpMmb7dr
q4eOqZTcPWVl0pR4Fd9/LtCYz7L+ggb518SFvKCqpnYjwLqbtWJ4L82p3uH7FlAK
mWBKBSOU1YH7MuMSqlXK2mW5LLUrMMUfKMYnoFH4cYhjza0lLG/w1rt9FVDSsr0M
fvmOcpjgsdLGIcJszjJE5HIkYAyi1NHPP9FsdukbWsMm4QnRPsUOxIDVU6fXlewT
Iwtcm7zRfk7dZBuatUS0BGr64K7FKHp4PX9j1e5e7DFJqVzeuFZH4gVLQQKxoBUp
X7a+Piuy3UuqQl77cJofV85qpA75Jf2Q0LnM7faS5tGozd8TAOb2W0JI4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDcTTjmfonzPmJKlS61GpZlep8l8MB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvTnhOT09aLWlmTS1Za3FWTHJVYWxtVjZueVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJV0CwD
BABV0C4DBAG5aAwwDQYJKoZIhvcNAQELBQADggEBAACmkPwFJmSrL4LeNDuXWcE/
si/scDteQ2kgV0qKFjrtWrdZVG3IjfUqWWAtXuMd+aYoMA0gaZRvLyeCpobsDNqq
6q9GwDrQ2T6FEPuSEzxxwDPH68gRTKBsEu4iiBwgI/sjxcV01OkHydVkFwJ3w1bb
nOBkgRYq25jOOYiay/kHuy3fil7Mq/4jQCCAI5d2fwemHMSOQ2pyL4oNVEEmkDmR
UxBMcTRrbQcBt0NHcjOpDeGNHe8soH/m0Gs+CLq3UHJuAjYbg4Mx1aiH4cFFxtyy
hopZPwyGx3HXL6/5jStOMT2TgiGBvw/p1FTWGjBhlijQolxS7qRKkQtcOeieZ0c=
-----END CERTIFICATE-----
Generated at Fri May 2 23:22:51 2025 by rpki-client