Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/aceb1d-28f6-41fa-acca-7fa5ebcf574e/1/NmJFAOmvFrdlexpCbdRSIQ26q8w.roa
File: NmJFAOmvFrdlexpCbdRSIQ26q8w.roa (raw, json)
Hash identifier: 3lASJmckxltyMCp40VSd1pjX31y05IJhpWkTiQpazr0=
Subject key identifier: 36:62:45:00:E9:AF:16:B7:65:7B:1A:42:6D:D4:52:21:0D:BA:AB:CC
Certificate issuer: /CN=20bd702dd7800b61c96c50f42a46b6949b228dbb
Certificate serial: 0183214EEC9DD34B275F0576FE36F993028E
Authority key identifier: 20:BD:70:2D:D7:80:0B:61:C9:6C:50:F4:2A:46:B6:94:9B:22:8D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IL1wLdeAC2HJbFD0Kka2lJsijbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/aceb1d-28f6-41fa-acca-7fa5ebcf574e/1/NmJFAOmvFrdlexpCbdRSIQ26q8w.roa
Signing time: Fri 09 Sep 2022 08:12:43 +0000
ROA not before: Fri 09 Sep 2022 08:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43866
IP address blocks: 91.195.202.0/23 maxlen: 23
91.195.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:4e:ec:9d:d3:4b:27:5f:05:76:fe:36:f9:93:02:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20bd702dd7800b61c96c50f42a46b6949b228dbb
Validity
Not Before: Sep 9 08:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36624500e9af16b7657b1a426dd452210dbaabcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bc:d5:11:04:a4:5d:86:dd:09:06:9d:0a:3e:
50:8b:49:24:96:9b:3b:9a:84:4a:a8:d1:41:0a:0d:
21:0b:e9:ff:98:ea:cb:26:3d:59:03:19:46:26:f6:
b8:88:8a:89:6e:c7:7e:c3:f7:01:4b:ab:fc:46:c5:
2f:51:54:fa:71:dd:3a:a7:38:57:02:5a:ba:a7:7a:
e9:42:cf:95:7f:db:a9:c7:b6:f5:f1:e9:7e:11:75:
5a:b4:cd:d5:b0:7c:8c:8d:07:ef:d1:e6:75:75:19:
61:42:1b:d8:0d:2e:04:42:53:30:3d:2e:17:f5:0b:
a1:73:62:85:fb:c2:f5:c5:29:b2:bb:3c:2a:bf:f6:
ec:97:6a:32:15:c6:1d:89:0e:2b:25:90:30:2f:c0:
66:5d:ba:46:e4:48:df:9f:0b:9e:b7:e6:cb:f5:34:
b3:93:c1:85:96:d7:90:49:82:d0:7e:99:4e:f6:a2:
9c:22:eb:3e:8e:bd:b7:e3:65:ec:20:92:44:43:a3:
2d:b0:23:9b:0a:de:7c:e3:ea:51:70:a6:fb:b9:ce:
5b:07:d0:30:22:3b:b7:2f:c7:f1:09:f7:4a:6c:b1:
37:f0:47:ae:53:38:c6:f7:ee:d0:77:01:69:87:df:
4c:c4:d0:c1:ea:22:90:6e:ff:86:98:aa:3d:ae:c4:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:62:45:00:E9:AF:16:B7:65:7B:1A:42:6D:D4:52:21:0D:BA:AB:CC
X509v3 Authority Key Identifier:
keyid:20:BD:70:2D:D7:80:0B:61:C9:6C:50:F4:2A:46:B6:94:9B:22:8D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IL1wLdeAC2HJbFD0Kka2lJsijbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/aceb1d-28f6-41fa-acca-7fa5ebcf574e/1/NmJFAOmvFrdlexpCbdRSIQ26q8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/aceb1d-28f6-41fa-acca-7fa5ebcf574e/1/IL1wLdeAC2HJbFD0Kka2lJsijbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.202.0/23
Signature Algorithm: sha256WithRSAEncryption
18:bf:c1:ef:47:b5:08:a0:90:78:57:28:6d:b4:ab:f5:8d:c9:
fc:02:47:ca:2e:78:3b:32:73:6d:2f:8f:cd:98:48:be:92:8c:
42:03:38:77:49:0e:f0:b2:17:a8:d4:e2:2c:62:9a:3e:88:c4:
1f:22:97:fe:6e:23:05:73:c7:c9:00:f2:98:e1:df:b5:53:51:
77:ff:00:2c:c9:6c:d6:2d:9f:39:0e:cb:80:d4:3e:42:5e:21:
8c:ce:72:1a:e0:27:38:5e:17:af:71:9d:25:46:d7:67:64:55:
98:96:6e:0d:a9:f4:84:6a:16:f1:65:c0:de:a8:b2:5d:b2:1d:
88:25:21:ef:ce:4a:c3:14:28:95:07:76:48:c3:18:c8:39:f0:
0e:a5:d0:d6:5f:2f:65:b3:58:ca:aa:f4:08:1a:d2:16:d1:27:
2a:38:09:f0:e3:f0:6d:ba:d8:a3:f3:74:c5:86:7f:36:9d:a5:
0d:7e:13:a5:2a:bf:05:c9:1a:dd:20:d4:36:c4:17:a4:7e:4e:
8e:75:27:4f:1b:16:44:29:fd:01:fa:e6:56:8d:29:c5:1d:ba:
e7:4f:a9:d6:2a:18:08:45:dc:9f:e2:ea:df:d8:20:2c:56:59:
68:bf:d0:7b:08:47:07:1f:40:e3:1d:14:d1:be:4c:a4:83:f5:
47:3a:c7:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMhTuyd00snXwV2/jb5kwKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYmQ3MDJkZDc4MDBiNjFjOTZjNTBmNDJhNDZiNjk0OWIy
MjhkYmIwHhcNMjIwOTA5MDgxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjYyNDUwMGU5YWYxNmI3NjU3YjFhNDI2ZGQ0NTIyMTBkYmFhYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirzVEQSkXYbdCQadCj5Qi0kklps7
moRKqNFBCg0hC+n/mOrLJj1ZAxlGJva4iIqJbsd+w/cBS6v8RsUvUVT6cd06pzhX
Alq6p3rpQs+Vf9upx7b18el+EXVatM3VsHyMjQfv0eZ1dRlhQhvYDS4EQlMwPS4X
9Quhc2KF+8L1xSmyuzwqv/bsl2oyFcYdiQ4rJZAwL8BmXbpG5Ejfnwuet+bL9TSz
k8GFlteQSYLQfplO9qKcIus+jr2342XsIJJEQ6MtsCObCt584+pRcKb7uc5bB9Aw
Iju3L8fxCfdKbLE38EeuUzjG9+7QdwFph99MxNDB6iKQbv+GmKo9rsQTiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZiRQDprxa3ZXsaQm3UUiENuqvMMB8GA1UdIwQY
MBaAFCC9cC3XgAthyWxQ9CpGtpSbIo27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUwxd0xkZUFDMkhKYkZEMEtrYTJsSnNpamJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hY2ViMWQtMjhmNi00MWZhLWFjY2Et
N2ZhNWViY2Y1NzRlLzEvTm1KRkFPbXZGcmRsZXhwQ2JkUlNJUTI2cTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hY2ViMWQtMjhmNi00MWZhLWFjY2EtN2ZhNWViY2Y1NzRl
LzEvSUwxd0xkZUFDMkhKYkZEMEtrYTJsSnNpamJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8PKMA0G
CSqGSIb3DQEBCwUAA4IBAQAYv8HvR7UIoJB4VyhttKv1jcn8AkfKLng7MnNtL4/N
mEi+koxCAzh3SQ7wsheo1OIsYpo+iMQfIpf+biMFc8fJAPKY4d+1U1F3/wAsyWzW
LZ85DsuA1D5CXiGMznIa4Cc4XhevcZ0lRtdnZFWYlm4NqfSEahbxZcDeqLJdsh2I
JSHvzkrDFCiVB3ZIwxjIOfAOpdDWXy9ls1jKqvQIGtIW0ScqOAnw4/Btutij83TF
hn82naUNfhOlKr8FyRrdINQ2xBekfk6OdSdPGxZEKf0B+uZWjSnFHbrnT6nWKhgI
Rdyf4urf2CAsVllov9B7CEcHH0DjHRTRvkykg/VHOsef
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:46 2025 by rpki-client