Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/nik4-cv_Q-J8rTLpSWr5BO-AHuw.roa
File: nik4-cv_Q-J8rTLpSWr5BO-AHuw.roa (raw, json)
Hash identifier: cF1xtV8DVuLkeuFEmj/pGTfERcMKkf0by/9gPuHva9c=
Subject key identifier: 9E:29:38:F9:CB:FF:43:E2:7C:AD:32:E9:49:6A:F9:04:EF:80:1E:EC
Certificate issuer: /CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Certificate serial: 155EB309
Authority key identifier: 68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/nik4-cv_Q-J8rTLpSWr5BO-AHuw.roa
Signing time: Sat 01 Jan 2022 01:59:38 +0000
ROA not before: Sat 01 Jan 2022 01:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8643
IP address blocks: 87.239.232.0/21 maxlen: 21
195.134.64.0/18 maxlen: 18
88.197.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358527753 (0x155eb309)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b7f817ab5141b5e138280cdf6190166bb9cb87
Validity
Not Before: Jan 1 01:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e2938f9cbff43e27cad32e9496af904ef801eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:ea:f7:89:d3:c6:86:29:15:67:e8:04:a1:
20:ab:d7:0e:ba:2e:03:24:57:c2:f5:57:2c:db:ba:
27:8e:3e:93:eb:b4:97:68:e7:fc:f3:c0:15:86:d8:
15:4f:49:d3:1e:b7:1e:85:e4:53:99:79:e8:9d:33:
e1:f5:99:79:e9:82:0a:98:e8:11:1a:0a:ab:36:e0:
64:4b:46:c7:64:d7:7a:af:e6:33:0a:e4:df:44:6a:
2e:45:50:2e:8c:a5:02:b4:20:85:17:ff:7d:94:3a:
73:38:29:d9:40:1e:74:91:0f:0c:7a:f0:2c:4e:31:
d4:f3:56:f9:04:ee:1d:e0:ba:af:ac:38:ba:d8:a4:
76:27:14:64:22:e7:5b:da:f5:57:3a:36:49:7b:20:
bb:f2:24:0e:6c:1f:67:27:5b:ce:0b:91:8a:01:74:
93:42:6a:5a:ed:b0:69:3a:71:35:30:9e:dd:52:7e:
cf:47:1c:40:33:fa:c7:5c:ba:d5:a8:d3:bb:8a:8c:
e5:cf:c6:29:3f:89:33:61:6e:d0:ee:e9:06:87:9a:
90:5c:68:a0:1f:64:72:fc:ae:da:e8:2f:41:5b:b9:
09:58:4e:73:ec:b2:f0:9d:a1:fa:0c:7d:6f:c3:8b:
2c:ce:30:bc:ac:e3:77:b2:e9:8f:2e:c3:ca:ec:d3:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:29:38:F9:CB:FF:43:E2:7C:AD:32:E9:49:6A:F9:04:EF:80:1E:EC
X509v3 Authority Key Identifier:
keyid:68:B7:F8:17:AB:51:41:B5:E1:38:28:0C:DF:61:90:16:6B:B9:CB:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLf4F6tRQbXhOCgM32GQFmu5y4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/nik4-cv_Q-J8rTLpSWr5BO-AHuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/742c14-7b4d-4279-b823-16517126c132/1/aLf4F6tRQbXhOCgM32GQFmu5y4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.232.0/21
88.197.0.0/17
195.134.64.0/18
Signature Algorithm: sha256WithRSAEncryption
67:90:1a:00:85:86:34:6f:5f:e8:47:ac:f1:68:98:c1:af:3c:
a6:43:04:0a:40:69:ba:36:b0:3e:7c:96:b5:1a:06:7b:3c:b8:
85:d5:33:5d:5a:c7:f4:46:15:b1:e2:22:32:4e:51:b4:0a:92:
22:b6:bd:ce:02:ca:00:27:22:94:d0:d4:20:bf:2f:f1:72:22:
d4:75:8e:b0:a0:b2:2a:2c:52:6a:50:89:a4:80:5a:15:cd:71:
c0:a0:6f:ea:0b:62:ca:32:62:84:cf:4e:65:af:72:1b:38:fc:
5b:92:7b:39:f5:96:c9:6c:6d:91:04:cb:2e:fa:aa:6b:d2:19:
b2:8b:d6:b8:4a:2f:7b:ad:75:7c:3f:69:68:97:de:94:99:82:
9d:52:64:51:e3:7b:2d:33:d6:0d:ba:d3:78:66:58:ef:0a:76:
b3:63:39:a8:ac:d3:2c:de:72:32:c4:83:8b:27:d2:86:44:17:
53:27:ea:8c:7e:3a:9f:d0:ec:81:de:c9:56:48:e8:39:6b:9a:
5e:8f:0f:66:cf:9a:e1:5a:42:f3:c4:39:e3:e4:db:03:c1:eb:
ab:02:85:71:74:bc:08:cd:1a:59:95:0b:5b:74:24:97:4c:f0:
c3:24:cb:46:29:7e:2b:fc:76:c5:a8:f6:50:71:fe:bd:55:ba:
23:ba:97:6b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFV6zCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGI3ZjgxN2FiNTE0MWI1ZTEzODI4MGNkZjYxOTAxNjZiYjljYjg3MB4XDTIyMDEw
MTAxNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWUyOTM4ZjljYmZm
NDNlMjdjYWQzMmU5NDk2YWY5MDRlZjgwMWVlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1s6veJ08aGKRVn6AShIKvXDrouAyRXwvVXLNu6J44+k+u0
l2jn/PPAFYbYFU9J0x63HoXkU5l56J0z4fWZeemCCpjoERoKqzbgZEtGx2TXeq/m
Mwrk30RqLkVQLoylArQghRf/fZQ6czgp2UAedJEPDHrwLE4x1PNW+QTuHeC6r6w4
utikdicUZCLnW9r1Vzo2SXsgu/IkDmwfZydbzguRigF0k0JqWu2waTpxNTCe3VJ+
z0ccQDP6x1y61ajTu4qM5c/GKT+JM2Fu0O7pBoeakFxooB9kcvyu2ugvQVu5CVhO
c+yy8J2h+gx9b8OLLM4wvKzjd7Lpjy7DyuzTZF8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSeKTj5y/9D4nytMulJavkE74Ae7DAfBgNVHSMEGDAWgBRot/gXq1FBteE4
KAzfYZAWa7nLhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMZjRGNnRSUWJYaE9DZ00zMkdRRm11NXk0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvNzQyYzE0LTdiNGQtNDI3OS1iODIzLTE2NTE3MTI2YzEzMi8x
L25pazQtY3ZfUS1KOHJUTHBTV3I1Qk8tQUh1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
NzQyYzE0LTdiNGQtNDI3OS1iODIzLTE2NTE3MTI2YzEzMi8xL2FMZjRGNnRSUWJY
aE9DZ00zMkdRRm11NXk0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1fv6AMEB1jFAAMEBsOGQDANBgkq
hkiG9w0BAQsFAAOCAQEAZ5AaAIWGNG9f6Ees8WiYwa88pkMECkBpujawPnyWtRoG
ezy4hdUzXVrH9EYVseIiMk5RtAqSIra9zgLKACcilNDUIL8v8XIi1HWOsKCyKixS
alCJpIBaFc1xwKBv6gtiyjJihM9OZa9yGzj8W5J7OfWWyWxtkQTLLvqqa9IZsovW
uEove611fD9paJfelJmCnVJkUeN7LTPWDbrTeGZY7wp2s2M5qKzTLN5yMsSDiyfS
hkQXUyfqjH46n9Dsgd7JVkjoOWuaXo8PZs+a4VpC88Q54+TbA8HrqwKFcXS8CM0a
WZULW3Qkl0zwwyTLRil+K/x2xaj2UHH+vVW6I7qXaw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:53 2025 by rpki-client