Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/nSiqGvurh47Oh-UwJwKL_5lieZ4.roa
File: nSiqGvurh47Oh-UwJwKL_5lieZ4.roa (raw, json)
Hash identifier: wN7zBVS0CAZ8bwz4HxWTYAM22TBXrcknhAFu4AyfSWE=
Subject key identifier: 9D:28:AA:1A:FB:AB:87:8E:CE:87:E5:30:27:02:8B:FF:99:62:79:9E
Certificate issuer: /CN=f448ee63f19d0c1f22c6f61ce4a81eceabb8e790
Certificate serial: 0185727A28ACB9E0CDA6CE724B152EE69FC6
Authority key identifier: F4:48:EE:63:F1:9D:0C:1F:22:C6:F6:1C:E4:A8:1E:CE:AB:B8:E7:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EjuY_GdDB8ixvYc5Kgezqu455A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/nSiqGvurh47Oh-UwJwKL_5lieZ4.roa
Signing time: Mon 02 Jan 2023 12:34:46 +0000
ROA not before: Mon 02 Jan 2023 12:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29329
IP address blocks: 193.84.8.0/24 maxlen: 32
195.135.232.0/22 maxlen: 32
83.243.72.0/21 maxlen: 32
185.16.100.0/22 maxlen: 32
91.151.192.0/20 maxlen: 32
2a0f:6a40::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:28:ac:b9:e0:cd:a6:ce:72:4b:15:2e:e6:9f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f448ee63f19d0c1f22c6f61ce4a81eceabb8e790
Validity
Not Before: Jan 2 12:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d28aa1afbab878ece87e53027028bff9962799e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c7:82:dc:7d:5c:8f:eb:2b:5f:5a:84:bd:82:
e3:ec:60:48:5f:f6:30:c9:8b:50:40:4f:a6:27:46:
7e:b6:7f:e5:58:ad:25:e2:a7:cb:ae:16:f7:13:69:
a1:0e:90:7d:50:af:7e:2f:c1:bb:e8:50:cd:0b:9f:
56:39:ee:d5:45:c2:1d:85:bc:dd:d2:73:9d:a4:16:
e0:6f:8f:1a:dd:37:86:1f:92:9c:1a:e0:41:14:e5:
52:62:28:b9:9b:65:17:c5:3b:2d:12:76:11:c9:bc:
5b:d5:d5:6f:f7:0e:6c:26:fb:0f:8c:30:33:72:d3:
88:49:5b:1f:c1:6c:80:66:a2:d8:14:c2:cb:e5:f7:
c4:56:c9:1a:21:eb:9a:b5:d7:a4:3b:aa:14:c1:38:
e6:07:07:e8:9c:37:ea:6b:73:6a:b2:5d:aa:06:1b:
1f:cd:5c:34:00:31:5b:15:9d:f5:a7:90:d4:f7:86:
44:b5:c5:8f:fe:d9:7c:f5:3d:33:06:ca:71:56:b1:
bd:76:db:15:ed:24:d9:ce:9f:38:e8:38:db:25:05:
85:17:a9:c0:f9:28:0f:a1:2c:b9:7c:57:4d:ef:e7:
1c:f3:9a:28:9e:d0:55:23:86:65:43:d1:cd:ee:90:
ea:79:7e:24:66:66:54:b7:6d:93:28:4f:0d:22:ec:
e4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:28:AA:1A:FB:AB:87:8E:CE:87:E5:30:27:02:8B:FF:99:62:79:9E
X509v3 Authority Key Identifier:
keyid:F4:48:EE:63:F1:9D:0C:1F:22:C6:F6:1C:E4:A8:1E:CE:AB:B8:E7:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EjuY_GdDB8ixvYc5Kgezqu455A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/nSiqGvurh47Oh-UwJwKL_5lieZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/6401e8-82dd-4811-8011-719401bbca2e/1/9EjuY_GdDB8ixvYc5Kgezqu455A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.72.0/21
91.151.192.0/20
185.16.100.0/22
193.84.8.0/24
195.135.232.0/22
IPv6:
2a0f:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:f5:5a:95:ab:72:48:38:95:f6:ae:75:11:ef:4c:99:69:98:
f8:d5:d0:51:7e:e0:0e:97:6a:b6:84:a7:2f:96:23:27:1f:50:
94:bf:fb:79:98:85:91:b9:4c:10:b1:2d:c6:a9:ea:b9:f3:63:
09:b4:ab:9a:82:9a:91:fb:ac:43:63:56:3d:9e:98:01:19:63:
20:f8:51:b6:fc:26:45:03:0d:b1:95:ac:9a:8c:d0:9a:c5:26:
18:40:d3:10:55:6a:b3:db:51:c1:24:f8:39:5a:7a:e2:ca:34:
53:0e:c1:f3:cf:46:a6:33:65:b4:25:7f:3b:95:9a:97:bf:69:
93:dc:f1:74:55:7e:9d:65:e9:1a:40:81:67:da:ae:51:ea:27:
f0:ad:76:d7:ed:1d:4e:81:90:b3:72:19:54:2a:39:65:b4:a1:
b6:a5:b5:36:1d:d9:cb:35:3a:e7:59:93:85:08:c7:7b:ee:64:
77:fb:ea:a5:da:e1:84:6f:3b:b2:1d:41:49:73:9a:f9:17:d7:
e3:75:45:ec:e8:c1:f2:6b:6d:7d:52:e2:8f:3a:35:da:e0:31:
9e:af:07:fb:8a:a3:83:5d:62:92:76:c2:32:c1:d1:c4:80:98:
6b:e0:b5:64:c5:f6:c3:a7:7e:0e:82:03:1e:d3:89:5b:c8:06:
dd:25:7d:b5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVyeiisueDNps5ySxUu5p/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDhlZTYzZjE5ZDBjMWYyMmM2ZjYxY2U0YTgxZWNlYWJi
OGU3OTAwHhcNMjMwMTAyMTIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI4YWExYWZiYWI4NzhlY2U4N2U1MzAyNzAyOGJmZjk5NjI3OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiseC3H1cj+srX1qEvYLj7GBIX/Yw
yYtQQE+mJ0Z+tn/lWK0l4qfLrhb3E2mhDpB9UK9+L8G76FDNC59WOe7VRcIdhbzd
0nOdpBbgb48a3TeGH5KcGuBBFOVSYii5m2UXxTstEnYRybxb1dVv9w5sJvsPjDAz
ctOISVsfwWyAZqLYFMLL5ffEVskaIeuatdekO6oUwTjmBwfonDfqa3Nqsl2qBhsf
zVw0ADFbFZ31p5DU94ZEtcWP/tl89T0zBspxVrG9dtsV7STZzp846DjbJQWFF6nA
+SgPoSy5fFdN7+cc85oontBVI4ZlQ9HN7pDqeX4kZmZUt22TKE8NIuzkrQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJ0oqhr7q4eOzoflMCcCi/+ZYnmeMB8GA1UdIwQY
MBaAFPRI7mPxnQwfIsb2HOSoHs6ruOeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVqdVlfR2REQjhpeHZZYzVLZ2V6cXU0NTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NDAxZTgtODJkZC00ODExLTgwMTEt
NzE5NDAxYmJjYTJlLzEvblNpcUd2dXJoNDdPaC1Vd0p3S0xfNWxpZVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NDAxZTgtODJkZC00ODExLTgwMTEtNzE5NDAxYmJjYTJl
LzEvOUVqdVlfR2REQjhpeHZZYzVLZ2V6cXU0NTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDU/NIAwQE
W5fAAwQCuRBkAwQAwVQIAwQCw4foMA0EAgACMAcDBQMqD2pAMA0GCSqGSIb3DQEB
CwUAA4IBAQBM9VqVq3JIOJX2rnUR70yZaZj41dBRfuAOl2q2hKcvliMnH1CUv/t5
mIWRuUwQsS3Gqeq582MJtKuagpqR+6xDY1Y9npgBGWMg+FG2/CZFAw2xlayajNCa
xSYYQNMQVWqz21HBJPg5WnriyjRTDsHzz0amM2W0JX87lZqXv2mT3PF0VX6dZeka
QIFn2q5R6ifwrXbX7R1OgZCzchlUKjlltKG2pbU2HdnLNTrnWZOFCMd77mR3++ql
2uGEbzuyHUFJc5r5F9fjdUXs6MHya219UuKPOjXa4DGerwf7iqODXWKSdsIywdHE
gJhr4LVkxfbDp34OggMe04lbyAbdJX21
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:16:29 2025 by rpki-client