Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/NogRhO9jeB0Bo8jSbxnPjWwwYUE.roa
File: NogRhO9jeB0Bo8jSbxnPjWwwYUE.roa (raw, json)
Hash identifier: 4CW2QJhbbzILIcST6eFvRwOy5LRGF+RjYbKl/9rv3gA=
Subject key identifier: 36:88:11:84:EF:63:78:1D:01:A3:C8:D2:6F:19:CF:8D:6C:30:61:41
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 05752971
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/NogRhO9jeB0Bo8jSbxnPjWwwYUE.roa
Signing time: Wed 09 Feb 2022 17:23:17 +0000
ROA not before: Wed 09 Feb 2022 17:23:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31216
IP address blocks: 89.30.68.0/22 maxlen: 24
89.30.0.0/17 maxlen: 24
83.243.16.0/21 maxlen: 24
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91564401 (0x5752971)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Feb 9 17:23:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36881184ef63781d01a3c8d26f19cf8d6c306141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:cf:35:4b:bf:57:81:38:0a:d8:e1:b7:e8:
9e:2d:ff:da:71:71:e6:2b:b7:96:21:39:75:a6:f8:
83:91:95:d8:6d:f1:5b:0a:b2:cf:bd:19:c9:4e:dd:
d3:ef:bc:26:10:95:8a:b9:49:d8:f5:01:93:f8:ae:
41:d8:10:9b:2a:a4:b9:a7:89:a1:55:5d:eb:2e:0c:
e0:1d:66:ad:03:cf:aa:bf:60:39:a2:8f:5e:d3:54:
57:41:76:47:53:25:3c:1f:30:18:fe:bd:93:4b:76:
40:76:27:2d:47:8d:4d:6b:c9:76:18:85:6c:30:ee:
8f:57:6d:f1:0f:aa:dc:64:78:6a:a6:db:4b:a2:13:
c8:4a:f6:f9:2a:11:c4:9b:91:8e:75:c6:0d:0d:57:
20:00:38:3d:a9:dc:a5:aa:f0:67:ff:87:32:54:aa:
41:ea:d7:49:b0:62:57:fb:cf:5c:eb:55:01:e3:cb:
0e:59:07:fd:73:ff:b9:9f:d8:e5:4f:9a:5d:ce:aa:
96:1e:54:e0:67:bb:2c:20:7d:bb:f1:8d:fe:7d:ad:
26:4d:56:2e:67:33:61:8f:ab:8e:f9:7c:29:e7:c8:
6f:77:01:88:c3:a3:68:b1:c2:bf:4f:e9:8e:ed:fc:
b9:66:51:11:67:16:04:0c:9b:36:1f:f5:dc:b3:2e:
d8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:88:11:84:EF:63:78:1D:01:A3:C8:D2:6F:19:CF:8D:6C:30:61:41
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/NogRhO9jeB0Bo8jSbxnPjWwwYUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
9a:2f:59:2a:d0:4b:b3:91:44:d3:12:f1:34:14:eb:af:84:91:
56:dc:5c:ea:f5:af:1e:a6:be:c4:b4:99:37:83:58:6b:06:ee:
9d:fb:c2:e1:f9:a9:c4:0c:fd:d9:71:f7:1d:8a:63:85:54:6b:
e9:c5:47:c4:f8:0f:cb:ea:54:6c:bc:53:2e:33:a1:4f:e8:1a:
01:f6:a5:e9:a8:b5:5f:78:70:76:73:9a:7c:e1:1c:11:56:9b:
98:0a:01:38:ed:3c:d4:fb:87:a9:fb:cd:0c:5b:2c:a9:a5:76:
37:5b:02:70:08:33:3b:97:7b:37:f3:2c:6a:cb:94:8f:2e:1c:
b2:4f:2c:de:2d:1b:64:27:a7:83:86:37:a1:dc:71:64:6d:60:
a3:89:9e:a2:ef:b5:31:60:a6:1a:e0:86:31:8e:37:ea:d4:70:
a1:44:38:4d:6e:3d:17:e1:00:92:72:5b:75:a5:26:51:25:58:
db:0a:e5:78:20:2d:d5:49:9f:29:16:f3:d2:d7:e4:75:de:6d:
3e:db:d0:06:21:e5:b1:98:24:3c:aa:8c:c2:0b:91:83:46:c3:
b6:06:96:86:c6:d9:79:22:bf:c1:ae:a6:26:98:0c:98:0e:b8:
be:6d:b8:17:f3:46:5a:b6:b0:f1:e5:b9:14:a0:2e:60:eb:17:
38:0e:02:39
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBXUpcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTQwMGFjMjM5NmFlMjI4ZDJiMmU1NmY0YjA2NzM5OTY5Mzc5ZTQ0MB4XDTIyMDIw
OTE3MjMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY4ODExODRlZjYz
NzgxZDAxYTNjOGQyNmYxOWNmOGQ2YzMwNjE0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM1dzzVLv1eBOArY4bfoni3/2nFx5iu3liE5dab4g5GV2G3x
Wwqyz70ZyU7d0++8JhCVirlJ2PUBk/iuQdgQmyqkuaeJoVVd6y4M4B1mrQPPqr9g
OaKPXtNUV0F2R1MlPB8wGP69k0t2QHYnLUeNTWvJdhiFbDDuj1dt8Q+q3GR4aqbb
S6ITyEr2+SoRxJuRjnXGDQ1XIAA4PancparwZ/+HMlSqQerXSbBiV/vPXOtVAePL
DlkH/XP/uZ/Y5U+aXc6qlh5U4Ge7LCB9u/GN/n2tJk1WLmczYY+rjvl8KefIb3cB
iMOjaLHCv0/pju38uWZREWcWBAybNh/13LMu2KECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQ2iBGE72N4HQGjyNJvGc+NbDBhQTAfBgNVHSMEGDAWgBReQArCOWriKNKy
5W9LBnOZaTeeRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hrQUt3amxxNGlqU3N1VnZTd1p6bVdrM25rUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8x
L05vZ1JoTzlqZUIwQm84alNieG5Qald3d1lVRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
ZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8xL1hrQUt3amxxNGlq
U3N1VnZTd1p6bVdrM25rUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1PzEAMEB1keAAMEAMJ+2TANBAIA
AjAHAwUAKgGCADANBgkqhkiG9w0BAQsFAAOCAQEAmi9ZKtBLs5FE0xLxNBTrr4SR
Vtxc6vWvHqa+xLSZN4NYawbunfvC4fmpxAz92XH3HYpjhVRr6cVHxPgPy+pUbLxT
LjOhT+gaAfal6ai1X3hwdnOafOEcEVabmAoBOO081PuHqfvNDFssqaV2N1sCcAgz
O5d7N/MsasuUjy4csk8s3i0bZCeng4Y3odxxZG1go4meou+1MWCmGuCGMY436tRw
oUQ4TW49F+EAknJbdaUmUSVY2wrleCAt1UmfKRbz0tfkdd5tPtvQBiHlsZgkPKqM
wguRg0bDtgaWhsbZeSK/wa6mJpgMmA64vm24F/NGWraw8eW5FKAuYOsXOA4COQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:10 2025 by rpki-client