Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nwOlaSCFCRxBRVD5BDEYsEaS6nA.roa
File: nwOlaSCFCRxBRVD5BDEYsEaS6nA.roa (raw, json)
Hash identifier: YBil8w/2b1TnCiFxs5IR7w0YGIU/FkTW/okOwoLIAPA=
Subject key identifier: 9F:03:A5:69:20:85:09:1C:41:45:50:F9:04:31:18:B0:46:92:EA:70
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01866DF9437B6AF02080F7A4C01DE5D04BA9
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nwOlaSCFCRxBRVD5BDEYsEaS6nA.roa
Signing time: Mon 20 Feb 2023 08:38:17 +0000
ROA not before: Mon 20 Feb 2023 08:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
164.215.102.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:f9:43:7b:6a:f0:20:80:f7:a4:c0:1d:e5:d0:4b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 20 08:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f03a5692085091c414550f9043118b04692ea70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:5e:41:b2:c7:3b:ac:c7:8d:4b:92:0d:eb:
70:f8:82:00:da:64:57:d9:a9:9e:40:6d:a0:3d:e1:
75:7b:84:ed:5d:ca:1c:3a:0e:7c:87:d3:a7:08:7b:
a5:56:af:95:fa:e5:38:7d:2e:77:3e:ee:a5:01:37:
a5:4c:af:9d:6a:4e:5e:b5:cf:b7:08:a0:56:d0:03:
ed:5a:4d:92:63:34:4d:6b:9f:ac:69:ea:77:13:44:
64:eb:b5:84:13:e2:44:e1:f7:71:ae:a4:76:9e:e4:
43:8c:b0:fd:13:fb:59:b0:35:31:b6:24:57:a8:20:
70:b4:7c:6e:a9:f7:b0:8e:bc:5d:70:16:2c:c9:ca:
99:4e:dd:83:f4:88:4c:cd:57:0c:39:f0:53:63:57:
75:08:71:3f:b2:e2:4f:02:10:66:e7:c5:30:f4:c0:
b6:87:87:f8:45:2b:56:b5:a0:c2:e6:41:2a:bc:be:
87:96:bd:0c:f9:16:a3:d8:43:fd:e1:d5:fb:8f:62:
52:41:4a:8b:7a:c7:e6:dd:ca:34:ce:5b:7c:69:5e:
86:9e:75:22:25:9d:3e:41:c1:a0:97:17:25:30:62:
33:9e:69:0f:4b:a2:45:19:e5:f5:dc:cb:92:9f:77:
91:aa:b6:92:ca:b9:c2:42:41:07:39:f5:bc:0b:53:
b4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:03:A5:69:20:85:09:1C:41:45:50:F9:04:31:18:B0:46:92:EA:70
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/nwOlaSCFCRxBRVD5BDEYsEaS6nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
164.215.102.0/23
Signature Algorithm: sha256WithRSAEncryption
de:75:22:c7:54:bd:b2:3c:d1:46:b7:39:8c:a4:bc:09:ac:96:
15:30:66:98:30:1a:73:24:7f:42:16:b6:69:51:dd:47:34:e1:
e3:ec:00:1b:11:39:99:bf:02:9e:08:41:80:69:18:d4:b0:24:
4c:48:df:ab:6b:6a:9b:7b:94:52:75:16:5d:bc:29:1d:a8:58:
43:80:e8:8a:6c:68:05:d2:21:8e:23:31:07:4a:88:3e:3a:b5:
19:ba:c2:3c:38:6a:77:05:76:75:2f:1b:78:8f:e6:d2:1b:c3:
b4:e3:a0:ab:d3:1c:fb:74:0c:06:20:34:8d:f9:1b:88:ab:1e:
81:9f:09:29:68:65:eb:11:ea:e4:c1:6d:d6:7b:ff:18:55:04:
49:c0:a4:97:69:67:10:02:2f:44:20:03:21:52:65:a9:32:8f:
9c:b7:e8:65:03:b5:02:6a:ae:fa:38:a3:f6:a6:66:43:c1:67:
74:de:dd:f0:71:98:b3:71:e9:2b:c9:c9:f8:36:f7:8c:91:3d:
b7:27:54:7d:4d:bd:a3:b8:7e:c5:c8:5e:bc:de:ca:98:e8:22:
b5:ce:c1:83:f4:be:b0:31:14:51:e2:75:b9:77:30:d4:c4:45:
2e:5c:57:0d:db:a5:a4:85:f6:d6:38:8a:20:90:c5:29:0e:7b:
a6:9e:3d:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZt+UN7avAggPekwB3l0EupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjIwMDgzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAzYTU2OTIwODUwOTFjNDE0NTUwZjkwNDMxMThiMDQ2OTJlYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7deQbLHO6zHjUuSDetw+IIA2mRX
2ameQG2gPeF1e4TtXcocOg58h9OnCHulVq+V+uU4fS53Pu6lATelTK+dak5etc+3
CKBW0APtWk2SYzRNa5+saep3E0Rk67WEE+JE4fdxrqR2nuRDjLD9E/tZsDUxtiRX
qCBwtHxuqfewjrxdcBYsycqZTt2D9IhMzVcMOfBTY1d1CHE/suJPAhBm58Uw9MC2
h4f4RStWtaDC5kEqvL6Hlr0M+Raj2EP94dX7j2JSQUqLesfm3co0zlt8aV6GnnUi
JZ0+QcGglxclMGIznmkPS6JFGeX13MuSn3eRqraSyrnCQkEHOfW8C1O0BwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ8DpWkghQkcQUVQ+QQxGLBGkupwMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbndPbGFTQ0ZDUnhCUlZENUJERVlzRWFTNm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBQrwAwQC
BQr8AwQBpNdmMA0GCSqGSIb3DQEBCwUAA4IBAQDedSLHVL2yPNFGtzmMpLwJrJYV
MGaYMBpzJH9CFrZpUd1HNOHj7AAbETmZvwKeCEGAaRjUsCRMSN+ra2qbe5RSdRZd
vCkdqFhDgOiKbGgF0iGOIzEHSog+OrUZusI8OGp3BXZ1Lxt4j+bSG8O046Cr0xz7
dAwGIDSN+RuIqx6BnwkpaGXrEerkwW3We/8YVQRJwKSXaWcQAi9EIAMhUmWpMo+c
t+hlA7UCaq76OKP2pmZDwWd03t3wcZizcekrycn4NveMkT23J1R9Tb2juH7FyF68
3sqY6CK1zsGD9L6wMRRR4nW5dzDUxEUuXFcN26WkhfbWOIogkMUpDnumnj3Y
-----END CERTIFICATE-----
Generated at Tue May 13 05:56:00 2025 by rpki-client