Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/nLtaayKsXjjc9VTXbNFD20DWSww.roa
File: nLtaayKsXjjc9VTXbNFD20DWSww.roa (raw, json)
Hash identifier: 6vEJxAt6YLIowisU2YD7rho7bgtGl6gKFf31Ob7QzGo=
Subject key identifier: 9C:BB:5A:6B:22:AC:5E:38:DC:F5:54:D7:6C:D1:43:DB:40:D6:4B:0C
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 1A7CA5DF
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/nLtaayKsXjjc9VTXbNFD20DWSww.roa
Signing time: Wed 27 Apr 2022 13:29:04 +0000
ROA not before: Wed 27 Apr 2022 13:29:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8339
IP address blocks: 202.170.80.0/21 maxlen: 24
185.100.96.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444376543 (0x1a7ca5df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: Apr 27 13:29:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9cbb5a6b22ac5e38dcf554d76cd143db40d64b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d8:f3:7f:b1:6d:e5:85:97:19:81:b1:7b:e3:
7f:f6:65:7f:77:f4:e4:66:bb:7c:96:88:f5:b0:14:
ec:b0:dd:87:01:77:17:4b:6b:d0:0d:21:1e:27:72:
51:e3:84:79:b6:c7:49:76:98:92:7f:51:f1:18:90:
8c:f8:26:66:fd:27:ed:f4:19:31:4c:75:28:6f:c3:
4f:eb:84:80:6b:a5:c5:1c:6d:88:b5:cf:b7:01:5b:
91:81:25:46:62:c8:b4:6a:5c:c2:97:d9:50:9d:ef:
4c:f3:a2:5a:ee:7e:af:a2:3d:ef:52:86:eb:a2:67:
10:b4:0a:c9:0a:d1:c7:fa:b8:3f:50:ae:7e:26:ec:
03:e7:4b:8d:5d:6b:2e:bd:d1:f2:aa:43:e6:ba:de:
4c:ae:33:2c:b1:d1:bd:9a:c5:2a:ab:95:f9:72:f7:
d6:0e:28:ad:99:61:23:19:f4:b0:86:94:5c:34:e6:
89:f9:f8:9e:3a:1a:c4:a4:c4:0c:d5:2f:86:04:a8:
fc:29:36:ec:09:df:95:8f:bf:67:68:df:0f:fa:77:
61:4b:28:aa:c5:6b:72:27:41:2a:21:5f:8f:52:ca:
61:f5:78:56:2c:a3:20:ce:4f:37:b3:d8:c2:de:29:
57:52:41:55:57:99:8a:c8:46:85:16:6d:f5:7e:41:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BB:5A:6B:22:AC:5E:38:DC:F5:54:D7:6C:D1:43:DB:40:D6:4B:0C
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/nLtaayKsXjjc9VTXbNFD20DWSww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.96.0/22
202.170.80.0/21
Signature Algorithm: sha256WithRSAEncryption
05:45:f7:51:8e:ef:fd:f4:58:fd:50:05:85:af:8a:06:be:29:
c5:e7:82:41:fc:2c:a0:bd:86:11:08:cd:57:13:3d:13:6d:f2:
6b:c6:0e:9e:d0:1e:86:76:a5:b2:a6:5b:81:4f:56:90:58:9c:
6a:6e:71:af:5e:ff:09:9c:41:8d:df:9c:39:17:66:73:d6:fd:
b5:89:7f:b8:2a:e8:da:81:26:6e:6e:ef:1e:89:b4:da:ff:20:
3a:2d:6b:3a:ba:ad:45:e4:2d:6c:42:04:8a:81:a1:6a:67:50:
74:c6:1b:18:b1:ac:86:fb:e4:a1:55:76:56:5f:04:bd:f6:c1:
32:f3:0d:e9:38:9f:46:6e:88:da:e0:d0:a3:97:16:98:cf:db:
1c:43:0e:f0:c0:86:9d:02:a1:83:11:20:83:d5:a9:b8:9b:36:
f5:58:b8:16:fd:fa:0d:49:43:9f:b5:e7:a5:f2:2f:67:e1:cb:
84:67:92:9a:03:ba:9b:6b:b8:06:ea:69:85:cb:20:c5:54:5f:
a5:79:7b:9c:9e:d2:2d:e2:2c:8f:1b:79:06:d1:9c:d9:c8:2e:
6e:17:57:5f:88:6d:9d:c9:f5:92:46:52:d1:01:b2:46:80:e0:
43:7b:ba:39:b1:e8:90:74:d6:d4:fc:05:74:51:72:31:b6:64:
53:a4:47:ad
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGnyl3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmYxYzg4NDJlN2NmODkxYjIzNGQzYTFlMGUyZTBlZjczZTg0MmFhMB4XDTIyMDQy
NzEzMjkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWNiYjVhNmIyMmFj
NWUzOGRjZjU1NGQ3NmNkMTQzZGI0MGQ2NGIwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7Y83+xbeWFlxmBsXvjf/Zlf3f05Ga7fJaI9bAU7LDdhwF3
F0tr0A0hHidyUeOEebbHSXaYkn9R8RiQjPgmZv0n7fQZMUx1KG/DT+uEgGulxRxt
iLXPtwFbkYElRmLItGpcwpfZUJ3vTPOiWu5+r6I971KG66JnELQKyQrRx/q4P1Cu
fibsA+dLjV1rLr3R8qpD5rreTK4zLLHRvZrFKquV+XL31g4orZlhIxn0sIaUXDTm
ifn4njoaxKTEDNUvhgSo/Ck27AnflY+/Z2jfD/p3YUsoqsVrcidBKiFfj1LKYfV4
ViyjIM5PN7PYwt4pV1JBVVeZishGhRZt9X5BQsUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBScu1prIqxeONz1VNds0UPbQNZLDDAfBgNVHSMEGDAWgBTS8ciELnz4kbI0
06Hg4uDvc+hCqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2SEloQzU4LUpHeU5OT2g0T0xnNzNQb1Fxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvYzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8x
L25MdGFheUtzWGpqYzlWVFhiTkZEMjBEV1N3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
Yzk5YWU3LWI2NzEtNDBiOS1iYjFlLWExOTQ0NGY3YTMzNy8xLzB2SEloQzU4LUpH
eU5OT2g0T0xnNzNQb1Fxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlkYAMEA8qqUDANBgkqhkiG9w0B
AQsFAAOCAQEABUX3UY7v/fRY/VAFha+KBr4pxeeCQfwsoL2GEQjNVxM9E23ya8YO
ntAehnalsqZbgU9WkFicam5xr17/CZxBjd+cORdmc9b9tYl/uCro2oEmbm7vHom0
2v8gOi1rOrqtReQtbEIEioGhamdQdMYbGLGshvvkoVV2Vl8EvfbBMvMN6TifRm6I
2uDQo5cWmM/bHEMO8MCGnQKhgxEgg9WpuJs29Vi4Fv36DUlDn7XnpfIvZ+HLhGeS
mgO6m2u4BupphcsgxVRfpXl7nJ7SLeIsjxt5BtGc2cgubhdXX4htncn1kkZS0QGy
RoDgQ3u6ObHokHTW1PwFdFFyMbZkU6RHrQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:54 2025 by rpki-client