Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/NeLxmsGu1eDcKU1NRWh2bCE7yLg.roa
File: NeLxmsGu1eDcKU1NRWh2bCE7yLg.roa (raw, json)
Hash identifier: qpJr6ePdJ+mJwsbWr4ga0BC/BVbrZRzPQBIqiTRATV4=
Subject key identifier: 35:E2:F1:9A:C1:AE:D5:E0:DC:29:4D:4D:45:68:76:6C:21:3B:C8:B8
Certificate issuer: /CN=be8b15c237f34c5c5c5344b4079ebb3a589d0148
Certificate serial: 018248BB2F9B54C51E801ABB17801E1C2759
Authority key identifier: BE:8B:15:C2:37:F3:4C:5C:5C:53:44:B4:07:9E:BB:3A:58:9D:01:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vosVwjfzTFxcU0S0B567OlidAUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/NeLxmsGu1eDcKU1NRWh2bCE7yLg.roa
Signing time: Fri 29 Jul 2022 06:53:23 +0000
ROA not before: Fri 29 Jul 2022 06:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34259
IP address blocks: 193.0.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:48:bb:2f:9b:54:c5:1e:80:1a:bb:17:80:1e:1c:27:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8b15c237f34c5c5c5344b4079ebb3a589d0148
Validity
Not Before: Jul 29 06:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35e2f19ac1aed5e0dc294d4d4568766c213bc8b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:e6:2b:41:88:a1:4d:af:93:d1:8a:43:cc:
08:b7:56:39:a5:d7:ed:4d:6b:d0:74:0e:2b:88:e6:
d2:de:f0:7a:be:e8:47:f6:1e:01:98:e1:eb:8b:6a:
17:42:24:c5:5c:a3:0f:f6:ec:cc:16:ca:31:df:24:
8b:b5:a7:5d:3e:15:b6:50:88:0a:56:6b:d8:4a:bf:
c3:64:f0:d9:1e:9f:1b:f9:00:eb:1b:75:26:a5:55:
30:bf:4d:90:98:23:4b:c8:7e:52:79:3a:3d:e1:03:
3a:a5:aa:cb:7a:43:86:57:7a:5b:ad:b6:82:cb:7a:
5e:25:20:d3:46:d8:00:bc:c4:d0:b3:95:1a:db:36:
ae:ae:1e:2a:d1:b1:95:fb:99:62:ca:7d:21:8b:73:
88:e5:93:a0:e6:61:ce:61:ad:07:1f:ca:9e:0e:a2:
5f:7c:10:c3:67:0a:14:44:28:10:35:ee:33:18:f3:
11:05:62:aa:b9:05:f7:53:7d:48:6e:37:8c:df:73:
09:a5:99:6f:3f:f7:bd:5a:d3:37:42:8e:c7:fc:db:
36:62:23:6e:47:85:62:ab:05:5a:ca:ba:45:ba:66:
13:08:97:3f:c1:50:19:ec:14:b1:75:4b:92:af:bc:
22:73:34:71:37:8e:31:79:87:40:b7:73:22:ed:e6:
15:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E2:F1:9A:C1:AE:D5:E0:DC:29:4D:4D:45:68:76:6C:21:3B:C8:B8
X509v3 Authority Key Identifier:
keyid:BE:8B:15:C2:37:F3:4C:5C:5C:53:44:B4:07:9E:BB:3A:58:9D:01:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vosVwjfzTFxcU0S0B567OlidAUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/NeLxmsGu1eDcKU1NRWh2bCE7yLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/vosVwjfzTFxcU0S0B567OlidAUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.223.0/24
Signature Algorithm: sha256WithRSAEncryption
44:81:7b:40:b8:2b:65:a8:6b:2a:20:29:f0:b8:98:f0:4e:5c:
f9:83:ae:1d:6a:90:43:ff:e4:75:00:dd:b3:59:0f:10:7e:f8:
be:0b:8e:c9:bf:de:6a:ed:35:d8:79:07:71:8a:92:12:da:44:
13:b8:05:97:35:3c:8e:c9:6d:9d:5b:24:83:c1:92:23:80:5a:
00:06:ed:6b:ab:68:1c:06:84:1c:64:12:03:3a:af:2a:76:77:
62:73:4c:d6:06:c2:db:f8:7c:48:5f:21:13:32:fa:f3:d9:df:
64:b2:65:e9:29:32:a1:79:11:c6:eb:31:b1:6a:2e:21:20:33:
ef:74:5c:37:23:77:6c:42:cd:78:7c:01:0c:aa:76:dd:71:bf:
e0:22:12:d5:9c:db:ca:90:3e:82:e0:4a:f6:03:f0:0b:28:9b:
2d:4b:ef:b1:b0:90:a6:89:55:a7:72:f4:2e:e5:1a:18:ba:08:
fc:66:05:65:ad:d3:d5:04:74:7d:3c:13:74:5a:b5:b0:d6:3c:
6a:5b:10:b7:b5:d7:1e:83:73:f3:22:ae:03:56:9c:6b:61:6b:
c9:72:14:7d:7d:9d:42:d1:6e:e7:59:2c:93:bc:1c:7a:f6:8c:
53:d8:92:2a:66:ff:7e:f9:7e:96:8c:43:f1:aa:ac:cc:c9:43:
c2:f7:3b:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJIuy+bVMUegBq7F4AeHCdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGIxNWMyMzdmMzRjNWM1YzUzNDRiNDA3OWViYjNhNTg5
ZDAxNDgwHhcNMjIwNzI5MDY1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWUyZjE5YWMxYWVkNWUwZGMyOTRkNGQ0NTY4NzY2YzIxM2JjOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipvmK0GIoU2vk9GKQ8wIt1Y5pdft
TWvQdA4riObS3vB6vuhH9h4BmOHri2oXQiTFXKMP9uzMFsox3ySLtaddPhW2UIgK
VmvYSr/DZPDZHp8b+QDrG3UmpVUwv02QmCNLyH5SeTo94QM6parLekOGV3pbrbaC
y3peJSDTRtgAvMTQs5Ua2zaurh4q0bGV+5liyn0hi3OI5ZOg5mHOYa0HH8qeDqJf
fBDDZwoURCgQNe4zGPMRBWKquQX3U31IbjeM33MJpZlvP/e9WtM3Qo7H/Ns2YiNu
R4ViqwVayrpFumYTCJc/wVAZ7BSxdUuSr7wiczRxN44xeYdAt3Mi7eYVdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXi8ZrBrtXg3ClNTUVodmwhO8i4MB8GA1UdIwQY
MBaAFL6LFcI380xcXFNEtAeeuzpYnQFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm9zVndqZnpURnhjVTBTMEI1NjdPbGlkQVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hYTU5NzItMzUzOC00MzYxLWExMzQt
MzFkZTE3NjlmZDhhLzEvTmVMeG1zR3UxZURjS1UxTlJXaDJiQ0U3eUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hYTU5NzItMzUzOC00MzYxLWExMzQtMzFkZTE3NjlmZDhh
LzEvdm9zVndqZnpURnhjVTBTMEI1NjdPbGlkQVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQDfMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgXtAuCtlqGsqICnwuJjwTlz5g64dapBD/+R1AN2z
WQ8Qfvi+C47Jv95q7TXYeQdxipIS2kQTuAWXNTyOyW2dWySDwZIjgFoABu1rq2gc
BoQcZBIDOq8qdndic0zWBsLb+HxIXyETMvrz2d9ksmXpKTKheRHG6zGxai4hIDPv
dFw3I3dsQs14fAEMqnbdcb/gIhLVnNvKkD6C4Er2A/ALKJstS++xsJCmiVWncvQu
5RoYugj8ZgVlrdPVBHR9PBN0WrWw1jxqWxC3tdceg3PzIq4DVpxrYWvJchR9fZ1C
0W7nWSyTvBx69oxT2JIqZv9++X6WjEPxqqzMyUPC9zup
-----END CERTIFICATE-----
Generated at Fri May 9 08:42:44 2025 by rpki-client