Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/niUNHz7hKsZg0jhCjv9QPDupbZ0.roa
File: niUNHz7hKsZg0jhCjv9QPDupbZ0.roa (raw, json)
Hash identifier: SbovYY2jpBDkBU5TvPBMvnM5PhxZ7mBQIWHXaIpqIeY=
Subject key identifier: 9E:25:0D:1F:3E:E1:2A:C6:60:D2:38:42:8E:FF:50:3C:3B:A9:6D:9D
Certificate issuer: /CN=6ceae7a0288960a75af8ce80e7888543c7f77cd7
Certificate serial: 018572311391A8CFDC3B4C4CEAC9D80F0799
Authority key identifier: 6C:EA:E7:A0:28:89:60:A7:5A:F8:CE:80:E7:88:85:43:C7:F7:7C:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOrnoCiJYKda-M6A54iFQ8f3fNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/niUNHz7hKsZg0jhCjv9QPDupbZ0.roa
Signing time: Mon 02 Jan 2023 11:14:56 +0000
ROA not before: Mon 02 Jan 2023 11:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31633
IP address blocks: 91.192.130.0/24 maxlen: 24
91.192.131.0/24 maxlen: 24
91.192.128.0/22 maxlen: 22
91.192.128.0/24 maxlen: 24
91.192.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:13:91:a8:cf:dc:3b:4c:4c:ea:c9:d8:0f:07:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ceae7a0288960a75af8ce80e7888543c7f77cd7
Validity
Not Before: Jan 2 11:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e250d1f3ee12ac660d238428eff503c3ba96d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:55:76:be:69:13:cc:77:83:c3:d7:79:12:
f7:be:d8:fb:52:d6:97:77:6a:f6:83:ca:ce:ac:63:
0d:f2:c9:8e:ba:03:73:dc:b5:f6:f8:bd:82:73:13:
8b:04:1e:ad:0d:cc:87:cf:8f:8a:71:90:e6:8e:c0:
9e:f3:cf:bb:67:ac:1b:cd:16:03:5b:bb:ff:f0:da:
c8:98:88:14:da:21:7b:93:97:09:4e:fb:bb:b9:e0:
d1:3a:47:70:52:0d:be:00:0e:5e:17:ad:78:1a:50:
10:d9:23:f6:0c:fe:29:82:6a:9d:22:e3:d3:ae:d4:
0a:e4:ed:b0:2f:37:6f:8c:c8:b1:0c:ce:a8:11:68:
e7:73:37:bf:b4:97:dc:89:83:79:12:68:7a:1a:88:
85:86:17:a0:33:c7:21:a5:8d:fc:42:b3:2e:f3:ce:
9c:00:62:ad:26:19:d8:b2:6a:f3:4a:9b:a2:6a:d0:
35:a7:f9:df:82:8c:7b:1e:8a:fc:2c:77:48:6f:6f:
da:18:03:0d:3c:78:5b:91:e5:da:6e:40:c6:92:f4:
1b:51:e7:c6:99:ab:dc:2e:cd:ee:ad:d8:0c:c7:d2:
52:5a:3a:8e:56:9a:f1:39:57:10:6f:a3:26:d3:37:
ef:7b:e4:3c:02:37:f4:70:63:40:2d:99:b4:05:a1:
75:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:25:0D:1F:3E:E1:2A:C6:60:D2:38:42:8E:FF:50:3C:3B:A9:6D:9D
X509v3 Authority Key Identifier:
keyid:6C:EA:E7:A0:28:89:60:A7:5A:F8:CE:80:E7:88:85:43:C7:F7:7C:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOrnoCiJYKda-M6A54iFQ8f3fNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/niUNHz7hKsZg0jhCjv9QPDupbZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/708f76-56ef-433f-9eac-4a4a3b0408a6/1/bOrnoCiJYKda-M6A54iFQ8f3fNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.128.0/22
Signature Algorithm: sha256WithRSAEncryption
72:76:d4:c3:0b:8f:18:57:c1:a6:f1:2d:f7:f1:dd:a2:fc:32:
34:df:1b:41:28:83:7b:77:c3:57:35:47:fe:72:bf:b8:1a:59:
59:db:ca:70:fc:5d:9e:ec:af:e6:e2:81:83:76:29:21:39:5c:
cf:54:08:b0:12:b1:ff:98:96:a2:3c:7e:39:40:2f:c3:6d:a1:
d2:32:4d:9b:f9:c9:4c:28:d2:26:ae:59:5c:a9:b4:dd:3f:a7:
48:4c:82:3a:55:9d:f5:04:83:3d:d3:d2:f7:a3:2f:b8:b1:28:
20:0c:60:fd:81:76:57:df:b1:25:4d:b7:d1:2f:87:c5:d3:1e:
f1:fc:84:47:21:0e:a1:08:fc:67:7e:3b:17:87:bf:9c:24:bc:
3b:ad:2d:26:12:55:55:ca:ec:90:3e:92:86:df:2d:e5:f1:8f:
da:3e:3b:d1:48:cb:51:be:08:7b:a2:26:41:de:d2:67:5f:1e:
55:08:bb:1f:4d:73:07:31:8b:ba:cd:23:bd:f4:c7:3c:5d:99:
4e:dd:86:17:9a:c0:e6:4c:d2:46:0c:fe:e5:1d:41:97:b6:2d:
67:0a:9a:7c:82:d3:41:01:45:67:ca:d7:f4:d4:8b:ed:89:a3:
86:b5:2e:bb:9f:12:95:55:a5:44:21:b1:f2:04:14:82:4a:aa:
4d:07:07:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMRORqM/cO0xM6snYDweZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZWFlN2EwMjg4OTYwYTc1YWY4Y2U4MGU3ODg4NTQzYzdm
NzdjZDcwHhcNMjMwMTAyMTExNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI1MGQxZjNlZTEyYWM2NjBkMjM4NDI4ZWZmNTAzYzNiYTk2ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAVVdr5pE8x3g8PXeRL3vtj7UtaX
d2r2g8rOrGMN8smOugNz3LX2+L2CcxOLBB6tDcyHz4+KcZDmjsCe88+7Z6wbzRYD
W7v/8NrImIgU2iF7k5cJTvu7ueDROkdwUg2+AA5eF614GlAQ2SP2DP4pgmqdIuPT
rtQK5O2wLzdvjMixDM6oEWjncze/tJfciYN5Emh6GoiFhhegM8chpY38QrMu886c
AGKtJhnYsmrzSpuiatA1p/nfgox7Hor8LHdIb2/aGAMNPHhbkeXabkDGkvQbUefG
mavcLs3urdgMx9JSWjqOVprxOVcQb6Mm0zfve+Q8Ajf0cGNALZm0BaF1IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4lDR8+4SrGYNI4Qo7/UDw7qW2dMB8GA1UdIwQY
MBaAFGzq56AoiWCnWvjOgOeIhUPH93zXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9ybm9DaUpZS2RhLU02QTU0aUZROGYzZk5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83MDhmNzYtNTZlZi00MzNmLTllYWMt
NGE0YTNiMDQwOGE2LzEvbmlVTkh6N2hLc1pnMGpoQ2p2OVFQRHVwYlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83MDhmNzYtNTZlZi00MzNmLTllYWMtNGE0YTNiMDQwOGE2
LzEvYk9ybm9DaUpZS2RhLU02QTU0aUZROGYzZk5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8CAMA0G
CSqGSIb3DQEBCwUAA4IBAQBydtTDC48YV8Gm8S338d2i/DI03xtBKIN7d8NXNUf+
cr+4GllZ28pw/F2e7K/m4oGDdikhOVzPVAiwErH/mJaiPH45QC/DbaHSMk2b+clM
KNImrllcqbTdP6dITII6VZ31BIM909L3oy+4sSggDGD9gXZX37ElTbfRL4fF0x7x
/IRHIQ6hCPxnfjsXh7+cJLw7rS0mElVVyuyQPpKG3y3l8Y/aPjvRSMtRvgh7oiZB
3tJnXx5VCLsfTXMHMYu6zSO99Mc8XZlO3YYXmsDmTNJGDP7lHUGXti1nCpp8gtNB
AUVnytf01IvtiaOGtS67nxKVVaVEIbHyBBSCSqpNBwcK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:51 2025 by rpki-client