Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/npDIs9fH1OqzbmElfiOXBy91bmI.roa
File: npDIs9fH1OqzbmElfiOXBy91bmI.roa (raw, json)
Hash identifier: DYngVq+4/T4TpQbttMpAikcFWQTMFlCdmc5WLkfHd6c=
Subject key identifier: 9E:90:C8:B3:D7:C7:D4:EA:B3:6E:61:25:7E:23:97:07:2F:75:6E:62
Certificate issuer: /CN=77dda2ad098c6a7814fb258b469b0d84ce24c4a7
Certificate serial: 096A912A
Authority key identifier: 77:DD:A2:AD:09:8C:6A:78:14:FB:25:8B:46:9B:0D:84:CE:24:C4:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d92irQmMangU-yWLRpsNhM4kxKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/npDIs9fH1OqzbmElfiOXBy91bmI.roa
Signing time: Sat 01 Jan 2022 15:05:32 +0000
ROA not before: Sat 01 Jan 2022 15:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197648
IP address blocks: 185.205.184.0/24 maxlen: 24
185.205.184.0/22 maxlen: 22
185.205.186.0/24 maxlen: 24
185.205.185.0/24 maxlen: 24
185.205.187.0/24 maxlen: 24
185.106.103.0/24 maxlen: 24
185.106.102.0/24 maxlen: 24
185.106.101.0/24 maxlen: 24
185.106.100.0/24 maxlen: 24
185.106.100.0/22 maxlen: 22
91.217.246.0/24 maxlen: 24
2a0c:5cc0::/29 maxlen: 29
2a06:3c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157978922 (0x96a912a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77dda2ad098c6a7814fb258b469b0d84ce24c4a7
Validity
Not Before: Jan 1 15:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e90c8b3d7c7d4eab36e61257e2397072f756e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e4:f7:e4:0b:99:46:bf:2a:0f:61:49:53:40:
bd:ad:69:a3:bf:80:3a:bc:75:5a:05:2b:c4:8a:d6:
c4:ba:4f:46:49:3b:27:22:10:cb:ed:7b:14:76:ce:
07:9c:b5:11:0b:ce:b3:21:ab:19:19:9f:aa:3c:a8:
14:69:66:8a:37:2b:26:90:ab:90:fd:50:e8:b8:ba:
29:ca:c5:d9:53:c4:b7:02:1d:3d:39:f8:a6:a4:f6:
ba:67:d7:b8:30:93:96:41:49:22:bd:34:41:f8:c0:
96:52:0c:b1:21:72:e6:9b:5f:57:f8:85:2a:9f:e0:
5d:04:b2:14:f4:cd:ff:94:3c:4a:76:8a:55:fb:0f:
22:c0:97:27:75:16:3f:e0:1f:bf:ba:c3:b4:97:aa:
b9:d3:ac:4d:bf:e6:b1:d7:12:56:58:5f:b4:10:e2:
67:d3:f2:53:0c:88:3a:6e:79:0e:4d:aa:76:7e:1f:
16:46:f5:5e:ab:d0:67:aa:a0:cc:7c:4d:6f:aa:7a:
08:3b:9c:e6:82:b5:a6:1b:95:fd:1e:a3:62:19:dd:
98:83:4e:31:65:cb:94:ff:7e:41:9e:fa:1c:ea:90:
62:51:b8:97:8e:59:1c:04:f9:3a:2a:7e:1d:27:fc:
e2:34:b5:17:e8:2e:24:2e:fe:c5:ac:17:97:f2:75:
03:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:90:C8:B3:D7:C7:D4:EA:B3:6E:61:25:7E:23:97:07:2F:75:6E:62
X509v3 Authority Key Identifier:
keyid:77:DD:A2:AD:09:8C:6A:78:14:FB:25:8B:46:9B:0D:84:CE:24:C4:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d92irQmMangU-yWLRpsNhM4kxKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/npDIs9fH1OqzbmElfiOXBy91bmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/885457-70f2-4410-be7c-81476dbab144/1/d92irQmMangU-yWLRpsNhM4kxKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.246.0/24
185.106.100.0/22
185.205.184.0/22
IPv6:
2a06:3c80::/29
2a0c:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
24:94:8a:4b:bc:15:ae:5f:01:50:ab:d1:9a:96:b6:20:7e:94:
71:17:48:04:55:75:89:b4:e4:3d:fe:08:60:62:ff:dd:a6:97:
d1:5d:b6:42:1b:11:10:8d:97:45:00:a4:b5:34:ab:b8:d2:d5:
ad:d3:66:3d:2b:c0:7f:f6:3c:92:d3:b0:1a:07:13:d6:3e:66:
17:1f:64:05:2f:a9:b2:73:1e:48:14:fc:2d:2c:29:6f:a0:65:
bc:9b:ae:b7:4d:d8:b5:15:86:49:8b:4c:ff:02:d5:5c:2f:13:
f0:a8:44:88:1b:19:bf:1b:c4:a2:bb:14:29:79:03:7b:53:80:
93:35:d7:4e:36:b6:7d:af:22:48:04:20:a7:ba:ae:42:f0:9f:
bb:63:36:26:f3:95:7f:2c:b1:1c:12:0a:23:b1:ad:b6:af:41:
ad:b9:03:0b:c9:30:60:79:18:10:b1:4a:ba:bc:f8:59:97:28:
e4:1e:ef:42:c0:e9:31:b3:ca:8d:75:ba:af:6b:5c:8c:ed:a7:
3a:e3:65:37:1f:d5:7f:68:da:bf:8c:05:8a:f1:5f:a1:05:34:
2f:22:ba:fd:06:3a:41:36:db:e6:27:21:ad:06:a2:21:ed:96:
e2:33:25:cc:cc:71:ad:b0:00:dc:67:62:f1:cc:ee:f4:f1:cc:
54:01:af:34
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECWqRKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2RkYTJhZDA5OGM2YTc4MTRmYjI1OGI0NjliMGQ4NGNlMjRjNGE3MB4XDTIyMDEw
MTE1MDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWU5MGM4YjNkN2M3
ZDRlYWIzNmU2MTI1N2UyMzk3MDcyZjc1NmU2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvk9+QLmUa/Kg9hSVNAva1po7+AOrx1WgUrxIrWxLpPRkk7
JyIQy+17FHbOB5y1EQvOsyGrGRmfqjyoFGlmijcrJpCrkP1Q6Li6KcrF2VPEtwId
PTn4pqT2umfXuDCTlkFJIr00QfjAllIMsSFy5ptfV/iFKp/gXQSyFPTN/5Q8SnaK
VfsPIsCXJ3UWP+Afv7rDtJequdOsTb/msdcSVlhftBDiZ9PyUwyIOm55Dk2qdn4f
Fkb1XqvQZ6qgzHxNb6p6CDuc5oK1phuV/R6jYhndmINOMWXLlP9+QZ76HOqQYlG4
l45ZHAT5Oip+HSf84jS1F+guJC7+xawXl/J1AzcCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSekMiz18fU6rNuYSV+I5cHL3VuYjAfBgNVHSMEGDAWgBR33aKtCYxqeBT7
JYtGmw2EziTEpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q5MmlyUW1NYW5nVS15V0xScHNOaE00a3hLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvODg1NDU3LTcwZjItNDQxMC1iZTdjLTgxNDc2ZGJhYjE0NC8x
L25wRElzOWZIMU9xemJtRWxmaU9YQnk5MWJtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ODg1NDU3LTcwZjItNDQxMC1iZTdjLTgxNDc2ZGJhYjE0NC8xL2Q5MmlyUW1NYW5n
VS15V0xScHNOaE00a3hLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAFvZ9gMEArlqZAMEArnNuDAUBAIA
AjAOAwUDKgY8gAMFAyoMXMAwDQYJKoZIhvcNAQELBQADggEBACSUiku8Fa5fAVCr
0ZqWtiB+lHEXSARVdYm05D3+CGBi/92ml9FdtkIbERCNl0UApLU0q7jS1a3TZj0r
wH/2PJLTsBoHE9Y+ZhcfZAUvqbJzHkgU/C0sKW+gZbybrrdN2LUVhkmLTP8C1Vwv
E/CoRIgbGb8bxKK7FCl5A3tTgJM11042tn2vIkgEIKe6rkLwn7tjNibzlX8ssRwS
CiOxrbavQa25AwvJMGB5GBCxSrq8+FmXKOQe70LA6TGzyo11uq9rXIztpzrjZTcf
1X9o2r+MBYrxX6EFNC8iuv0GOkE22+YnIa0GoiHtluIzJczMca2wANxnYvHM7vTx
zFQBrzQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:47 2025 by rpki-client