Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/NxdRqYQE6NjxbvTfWMWRRrJIPM0.roa
File: NxdRqYQE6NjxbvTfWMWRRrJIPM0.roa (raw, json)
Hash identifier: VxHpT6jYo7L8uLo9vnhWk5Ye+fBpZ8RS9x/PvjbpfOM=
Subject key identifier: 37:17:51:A9:84:04:E8:D8:F1:6E:F4:DF:58:C5:91:46:B2:48:3C:CD
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 0185719574E8E82301274E5E82B79E5D5EBB
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/NxdRqYQE6NjxbvTfWMWRRrJIPM0.roa
Signing time: Mon 02 Jan 2023 08:24:58 +0000
ROA not before: Mon 02 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21100
IP address blocks: 93.88.75.0/24 maxlen: 24
185.162.8.0/24 maxlen: 24
31.210.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:74:e8:e8:23:01:27:4e:5e:82:b7:9e:5d:5e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Jan 2 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=371751a98404e8d8f16ef4df58c59146b2483ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:08:e7:52:f9:4d:95:65:50:79:e8:6b:75:
96:dc:a6:46:45:b1:a5:98:82:43:d7:a3:27:3e:a2:
df:4b:1d:fe:c5:07:cc:bd:47:cb:62:8c:78:28:bd:
ed:16:f2:21:43:0a:d5:07:8a:28:10:45:e3:b3:de:
f2:f9:19:94:10:d9:1d:54:ac:ea:e6:68:41:7c:80:
1a:5f:b6:3a:3b:27:24:37:fa:4a:93:c8:33:d1:64:
16:46:8a:2e:6a:60:d7:95:13:e1:ab:c9:f7:6a:38:
93:91:52:7e:41:e1:ec:8b:07:81:1e:ba:ea:59:b6:
a4:fa:65:4f:58:5c:d7:46:96:7d:1b:a0:f9:83:ec:
c3:63:f9:13:3b:65:dc:a6:53:7a:18:32:21:4d:98:
37:ad:e9:9b:57:14:a8:30:b4:4c:ff:16:4a:e5:1d:
a1:28:85:d9:f1:e1:cd:fb:1f:34:de:56:01:37:69:
f1:37:3d:c4:a5:e0:35:16:79:26:01:6e:fd:1b:dc:
6d:4d:f3:d4:2a:d7:68:34:48:eb:7b:c7:f3:1d:d1:
72:0f:50:9e:47:10:95:b4:d4:92:5c:40:36:4a:08:
f6:96:6d:e1:d0:74:75:93:1b:83:52:e7:f1:39:2c:
69:c7:7a:0b:be:60:72:0f:9b:02:cc:3c:1c:a7:03:
31:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:17:51:A9:84:04:E8:D8:F1:6E:F4:DF:58:C5:91:46:B2:48:3C:CD
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/NxdRqYQE6NjxbvTfWMWRRrJIPM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.172.0/24
93.88.75.0/24
185.162.8.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f2:a3:4b:3c:9e:db:23:1a:f5:f6:9f:1e:a3:92:bb:18:fa:
b1:04:99:7b:4f:f9:d6:e2:e7:fd:ec:3c:91:02:3e:e8:5b:a8:
c0:0c:f3:88:e5:47:a5:c4:27:db:10:32:c1:36:f6:d1:05:76:
38:75:76:f1:19:22:67:a2:73:60:21:9e:9b:7d:75:1e:cc:00:
f9:fa:85:5e:1d:d6:94:35:0d:9a:8b:a7:0d:bf:2a:8e:2a:52:
7d:c4:c4:40:76:f9:16:3e:b9:5e:bf:06:ca:5c:49:07:cb:87:
94:48:79:0a:b8:91:c0:20:55:53:30:a8:e0:dc:fc:51:87:0f:
51:15:ed:8c:86:f6:5a:01:2c:f9:8a:8e:18:07:ed:14:ea:c9:
d3:74:36:55:43:5c:ec:f2:9c:e1:28:89:90:de:f2:25:f6:4f:
07:82:39:68:96:32:db:45:87:a4:b3:73:6b:ac:ca:2d:88:2f:
24:c2:79:4f:33:8a:03:c5:2e:3f:a2:e1:9f:84:39:cc:30:89:
65:3d:83:1c:3c:47:29:e8:bc:4d:04:a0:82:d6:e9:69:61:da:
ff:85:be:19:68:68:a6:9f:fb:ad:18:33:5a:21:d8:95:f7:4a:
aa:72:0b:1e:e5:22:bc:39:88:e2:6b:82:09:ba:71:2b:83:c7:
ff:83:1f:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxlXTo6CMBJ05egreeXV67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwMTAyMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE3NTFhOTg0MDRlOGQ4ZjE2ZWY0ZGY1OGM1OTE0NmIyNDgzY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNwI51L5TZVlUHnoa3WW3KZGRbGl
mIJD16MnPqLfSx3+xQfMvUfLYox4KL3tFvIhQwrVB4ooEEXjs97y+RmUENkdVKzq
5mhBfIAaX7Y6OyckN/pKk8gz0WQWRoouamDXlRPhq8n3ajiTkVJ+QeHsiweBHrrq
Wbak+mVPWFzXRpZ9G6D5g+zDY/kTO2XcplN6GDIhTZg3rembVxSoMLRM/xZK5R2h
KIXZ8eHN+x803lYBN2nxNz3EpeA1FnkmAW79G9xtTfPUKtdoNEjre8fzHdFyD1Ce
RxCVtNSSXEA2Sgj2lm3h0HR1kxuDUufxOSxpx3oLvmByD5sCzDwcpwMxgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDcXUamEBOjY8W7031jFkUaySDzNMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvTnhkUnFZUUU2Tmp4YnZUZldNV1JSckpJUE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9KsAwQA
XVhLAwQAuaIIMA0GCSqGSIb3DQEBCwUAA4IBAQBF8qNLPJ7bIxr19p8eo5K7GPqx
BJl7T/nW4uf97DyRAj7oW6jADPOI5UelxCfbEDLBNvbRBXY4dXbxGSJnonNgIZ6b
fXUezAD5+oVeHdaUNQ2ai6cNvyqOKlJ9xMRAdvkWPrlevwbKXEkHy4eUSHkKuJHA
IFVTMKjg3PxRhw9RFe2MhvZaASz5io4YB+0U6snTdDZVQ1zs8pzhKImQ3vIl9k8H
gjloljLbRYeks3NrrMotiC8kwnlPM4oDxS4/ouGfhDnMMIllPYMcPEcp6LxNBKCC
1ulpYdr/hb4ZaGimn/utGDNaIdiV90qqcgse5SK8OYjia4IJunErg8f/gx/f
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:35 2025 by rpki-client