Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/npuLTgoJ6b3bZM-wEGhGzzLWYK8.roa
File: npuLTgoJ6b3bZM-wEGhGzzLWYK8.roa (raw, json)
Hash identifier: xodX5FGRlujjkT4LTuGDyOmk3iwclZjzJ5YMPWgDows=
Subject key identifier: 9E:9B:8B:4E:0A:09:E9:BD:DB:64:CF:B0:10:68:46:CF:32:D6:60:AF
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018ACC5D19FD7DF4E4021FB68A06DFBC7592
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/npuLTgoJ6b3bZM-wEGhGzzLWYK8.roa
Signing time: Mon 25 Sep 2023 12:42:48 +0000
ROA not before: Mon 25 Sep 2023 12:42:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 89.249.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:5d:19:fd:7d:f4:e4:02:1f:b6:8a:06:df:bc:75:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 25 12:42:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e9b8b4e0a09e9bddb64cfb0106846cf32d660af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bc:13:4c:8e:f7:dc:9e:fa:54:52:15:ee:8f:
dd:68:02:3d:f2:49:d7:6c:c9:33:3b:a0:ca:01:38:
89:ec:f1:d6:6d:57:db:cd:0f:e5:01:b5:3c:f3:9c:
d3:d2:a9:b5:16:5f:4f:fe:93:14:a9:58:05:ae:5b:
57:53:ee:73:ab:b5:5c:68:73:04:ce:da:22:9b:b9:
a3:73:83:f4:22:95:56:f2:0a:f6:6a:4a:17:93:d9:
98:b7:ca:2e:6c:82:da:8b:60:c2:4e:8b:b4:97:51:
50:5c:7e:4b:b9:b3:b9:c2:19:52:2c:7e:26:5e:f2:
81:7a:00:43:2a:29:2d:14:b9:39:4b:73:08:16:cb:
52:bc:ec:73:0e:f6:82:a6:0b:92:2d:ba:06:ae:7d:
a3:30:d1:df:f0:0f:df:01:18:d7:55:37:b9:5a:eb:
c0:ff:eb:5d:fd:74:b2:f8:c0:1b:3d:39:fc:1f:97:
e4:6a:c1:d4:1c:bf:81:e6:cf:23:e5:09:12:41:e2:
a5:3b:72:df:29:d8:a9:27:be:63:3d:e1:53:f7:6f:
54:b2:da:90:cb:c1:cf:97:cd:bf:50:8f:91:bc:84:
f5:b0:93:4c:9c:06:0c:a8:4a:74:c5:82:2b:49:5e:
b4:a3:fb:15:41:19:dd:70:14:ee:67:cf:ac:ce:9b:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9B:8B:4E:0A:09:E9:BD:DB:64:CF:B0:10:68:46:CF:32:D6:60:AF
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/npuLTgoJ6b3bZM-wEGhGzzLWYK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:3f:09:16:69:a4:db:37:df:86:d8:1f:9e:d5:4c:d7:41:e4:
62:65:33:bb:e8:84:9e:d1:6c:18:8d:f1:aa:d6:dd:4f:f4:6e:
a6:83:39:39:59:70:1d:0c:2e:eb:50:74:29:41:aa:d0:bf:07:
e5:3e:be:ae:9b:5d:07:1a:07:19:d2:ac:e9:aa:dd:09:d7:ea:
f5:b6:50:a6:f1:ae:4a:ee:26:70:93:9c:97:24:ad:54:4c:8c:
d3:ec:c3:ae:a5:b4:a7:34:0c:46:29:ad:83:31:23:d0:07:44:
c4:b0:3b:e6:67:a9:0b:84:82:2d:d0:40:68:4b:d0:f3:56:5e:
27:2e:c6:14:1a:e3:31:e9:66:53:a9:6d:48:89:12:99:66:21:
10:92:78:a9:66:b9:8b:34:4a:aa:9f:6f:74:1b:54:6c:4d:c4:
6e:64:60:ef:a1:0a:a2:da:1d:9a:5c:3b:91:1c:23:bf:97:93:
f4:8a:10:1a:65:74:ef:71:a1:89:43:f5:6f:cc:c7:59:5f:a8:
c8:29:1b:18:bc:78:9d:dc:cd:f4:ee:12:34:0f:f1:44:7c:f2:
f6:fb:dd:02:e3:46:b5:24:0f:45:b3:0d:30:c5:bf:c1:02:3b:
a2:58:cf:5b:19:bf:3e:b3:6d:6b:7a:fe:5b:08:e8:ee:58:9f:
9a:b2:6b:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrMXRn9ffTkAh+2igbfvHWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTI1MTI0MjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTliOGI0ZTBhMDllOWJkZGI2NGNmYjAxMDY4NDZjZjMyZDY2MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbwTTI733J76VFIV7o/daAI98knX
bMkzO6DKATiJ7PHWbVfbzQ/lAbU885zT0qm1Fl9P/pMUqVgFrltXU+5zq7VcaHME
ztoim7mjc4P0IpVW8gr2akoXk9mYt8oubILai2DCTou0l1FQXH5LubO5whlSLH4m
XvKBegBDKiktFLk5S3MIFstSvOxzDvaCpguSLboGrn2jMNHf8A/fARjXVTe5WuvA
/+td/XSy+MAbPTn8H5fkasHUHL+B5s8j5QkSQeKlO3LfKdipJ75jPeFT929UstqQ
y8HPl82/UI+RvIT1sJNMnAYMqEp0xYIrSV60o/sVQRndcBTuZ8+szpt6zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6bi04KCem922TPsBBoRs8y1mCvMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvbnB1TFRnb0o2YjNiWk0td0VHaEd6ekxXWUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnIMA0G
CSqGSIb3DQEBCwUAA4IBAQBOPwkWaaTbN9+G2B+e1UzXQeRiZTO76ISe0WwYjfGq
1t1P9G6mgzk5WXAdDC7rUHQpQarQvwflPr6um10HGgcZ0qzpqt0J1+r1tlCm8a5K
7iZwk5yXJK1UTIzT7MOupbSnNAxGKa2DMSPQB0TEsDvmZ6kLhIIt0EBoS9DzVl4n
LsYUGuMx6WZTqW1IiRKZZiEQknipZrmLNEqqn290G1RsTcRuZGDvoQqi2h2aXDuR
HCO/l5P0ihAaZXTvcaGJQ/VvzMdZX6jIKRsYvHid3M307hI0D/FEfPL2+90C40a1
JA9Fsw0wxb/BAjuiWM9bGb8+s21rev5bCOjuWJ+asms+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:16 2025 by rpki-client