Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/NOKxt3aE20ocF28mkmBMYYTL5lg.roa
File: NOKxt3aE20ocF28mkmBMYYTL5lg.roa (raw, json)
Hash identifier: hIgB0y6zv+zSjjMZt075G0F64gcPfNBq0rk0XrSlzBo=
Subject key identifier: 34:E2:B1:B7:76:84:DB:4A:1C:17:6F:26:92:60:4C:61:84:CB:E6:58
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018BDCF082804C329B3C0BC8BAA5D395AFBB
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/NOKxt3aE20ocF28mkmBMYYTL5lg.roa
Signing time: Fri 17 Nov 2023 11:00:31 +0000
ROA not before: Fri 17 Nov 2023 11:00:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57665
IP address blocks: 185.226.44.0/22 maxlen: 22
185.241.104.0/22 maxlen: 22
31.222.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:f0:82:80:4c:32:9b:3c:0b:c8:ba:a5:d3:95:af:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Nov 17 11:00:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34e2b1b77684db4a1c176f2692604c6184cbe658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8b:49:bc:2e:30:43:09:0d:79:8a:3c:f0:3b:
26:97:1c:d3:ef:b7:ed:74:4e:7a:13:10:50:4f:ca:
3c:9a:fd:a0:7e:ef:9c:cb:85:a9:7a:4f:67:88:f9:
86:24:fc:9c:4f:b1:93:26:ae:23:f7:58:e9:71:ff:
7d:03:d8:62:73:aa:94:24:db:eb:4f:ad:07:b5:25:
3e:9e:82:85:62:54:e6:a8:f5:b8:d4:0c:66:ca:13:
cb:2c:43:30:14:be:c9:48:ec:e8:ac:6d:aa:97:eb:
68:d1:4b:f2:d0:09:08:02:41:45:fa:5f:95:8e:d9:
e4:61:97:96:e4:ce:6b:63:fa:9c:9a:84:ce:58:10:
32:bc:45:28:5a:c1:98:7d:e7:0f:13:d0:d5:c8:53:
65:01:c9:08:7d:06:f1:c4:7c:0d:73:b9:82:de:a2:
2b:98:8c:57:be:e0:95:f2:2b:15:54:59:33:14:46:
23:5f:d1:49:4d:d0:ea:d1:66:2d:98:dd:37:a3:e5:
5f:79:8c:8e:bf:ce:88:09:36:23:fd:f7:fc:da:e6:
c1:25:a7:0c:c1:06:c4:b2:2e:35:8a:e2:1c:3c:96:
a3:a5:f2:7a:3e:2f:d2:97:7e:fb:14:5d:d9:50:b8:
c9:7c:9a:62:3e:27:70:92:4b:4c:7f:b3:09:6a:48:
94:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E2:B1:B7:76:84:DB:4A:1C:17:6F:26:92:60:4C:61:84:CB:E6:58
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/NOKxt3aE20ocF28mkmBMYYTL5lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.16.0/21
185.226.44.0/22
185.241.104.0/22
Signature Algorithm: sha256WithRSAEncryption
06:16:1e:c5:c7:d4:b9:49:45:c7:f0:c2:e0:be:13:f4:b3:5b:
a1:ac:ef:0d:5e:cc:98:01:3b:10:62:f2:d8:44:a1:4b:31:1d:
df:fd:09:37:e9:56:8c:e5:91:a6:7c:9a:5c:85:a8:a5:c9:f9:
cc:6f:47:fa:50:c1:a5:ee:dc:68:be:a4:1f:a9:2c:61:cf:7b:
ca:6e:41:73:f8:1e:41:6c:c7:fa:0a:78:bd:77:e9:8f:3f:a2:
5a:39:58:9a:b5:74:8c:da:54:2b:24:25:bf:9c:01:dc:9e:3f:
f2:bf:cb:2b:03:f7:6c:25:be:95:bf:ca:bf:d6:09:37:87:39:
e0:7c:b1:13:68:32:43:50:96:58:54:ba:25:01:ed:67:7d:7a:
17:b8:e2:fa:c1:5f:05:9b:e8:a6:4a:a6:de:98:36:6a:40:26:
df:64:3f:27:d0:e2:52:a3:f4:6b:8a:aa:3e:81:eb:13:85:f5:
0e:76:63:5b:f7:31:84:89:b3:a7:1b:9b:4e:62:d9:7d:b4:4d:
13:aa:79:c3:37:f1:db:9a:95:4f:8c:7b:48:e1:74:20:ed:45:
1b:98:28:a0:ca:42:8b:7d:96:1c:86:60:de:b7:69:0e:d8:cb:
f7:2b:8f:ff:83:af:c6:0a:a7:8c:bf:cd:83:6d:b2:9a:2f:a2:
3d:05:a0:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvc8IKATDKbPAvIuqXTla+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMxMTE3MTEwMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGUyYjFiNzc2ODRkYjRhMWMxNzZmMjY5MjYwNGM2MTg0Y2JlNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4tJvC4wQwkNeYo88DsmlxzT77ft
dE56ExBQT8o8mv2gfu+cy4Wpek9niPmGJPycT7GTJq4j91jpcf99A9hic6qUJNvr
T60HtSU+noKFYlTmqPW41AxmyhPLLEMwFL7JSOzorG2ql+to0Uvy0AkIAkFF+l+V
jtnkYZeW5M5rY/qcmoTOWBAyvEUoWsGYfecPE9DVyFNlAckIfQbxxHwNc7mC3qIr
mIxXvuCV8isVVFkzFEYjX9FJTdDq0WYtmN03o+VfeYyOv86ICTYj/ff82ubBJacM
wQbEsi41iuIcPJajpfJ6Pi/Sl377FF3ZULjJfJpiPidwkktMf7MJakiUZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDTisbd2hNtKHBdvJpJgTGGEy+ZYMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvTk9LeHQzYUUyMG9jRjI4bWttQk1ZWVRMNWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH94QAwQC
ueIsAwQCufFoMA0GCSqGSIb3DQEBCwUAA4IBAQAGFh7Fx9S5SUXH8MLgvhP0s1uh
rO8NXsyYATsQYvLYRKFLMR3f/Qk36VaM5ZGmfJpchailyfnMb0f6UMGl7txovqQf
qSxhz3vKbkFz+B5BbMf6Cni9d+mPP6JaOViatXSM2lQrJCW/nAHcnj/yv8srA/ds
Jb6Vv8q/1gk3hzngfLETaDJDUJZYVLolAe1nfXoXuOL6wV8Fm+imSqbemDZqQCbf
ZD8n0OJSo/Rriqo+gesThfUOdmNb9zGEibOnG5tOYtl9tE0TqnnDN/HbmpVPjHtI
4XQg7UUbmCigykKLfZYchmDet2kO2Mv3K4//g6/GCqeMv82DbbKaL6I9BaCT
-----END CERTIFICATE-----
Generated at Tue Jun 17 00:49:56 2025 by rpki-client