Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/1NG0UG4CA5m8KB9pWsWkfMfuvdU.roa
File: 1NG0UG4CA5m8KB9pWsWkfMfuvdU.roa (raw, json)
Hash identifier: Ht5ywoOCmFcq1K87UPuGTJyUjCk11ph7NwHFkbogWjk=
Subject key identifier: D4:D1:B4:50:6E:02:03:99:BC:28:1F:69:5A:C5:A4:7C:C7:EE:BD:D5
Certificate issuer: /CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Certificate serial: 018BA60DAF54565EA82EF7207A2DAFCBD1E5
Authority key identifier: 09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/1NG0UG4CA5m8KB9pWsWkfMfuvdU.roa
Signing time: Mon 06 Nov 2023 19:13:16 +0000
ROA not before: Mon 06 Nov 2023 19:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 91.238.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:0d:af:54:56:5e:a8:2e:f7:20:7a:2d:af:cb:d1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0957b23c83795bc35c30bc1365a30fdf3375ac89
Validity
Not Before: Nov 6 19:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4d1b4506e020399bc281f695ac5a47cc7eebdd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:ee:d5:76:8a:f3:73:b1:a4:13:4c:8e:b2:
34:53:3f:b6:55:6b:ef:6e:16:71:5d:66:c2:e9:36:
17:7c:ac:ed:a6:c0:64:3e:aa:49:eb:de:f0:82:88:
72:21:3b:dc:ab:d2:0b:25:d1:6e:65:cf:26:22:c2:
d8:92:e5:9a:7a:24:a5:c1:2a:88:cb:5a:eb:b0:c4:
0e:48:bf:3a:fe:45:0b:2a:dd:95:de:fe:8c:98:9f:
27:2d:fc:fc:45:aa:73:92:51:16:0e:d3:c7:4a:4b:
ca:d5:bd:21:aa:97:d3:69:2a:83:e0:0c:2f:d9:da:
1f:a5:93:0b:4e:67:20:04:cb:fc:8f:32:db:a6:3d:
83:02:e9:b7:86:96:73:68:f3:5b:c9:08:7b:49:53:
d6:25:7d:b6:f6:88:a1:07:df:92:b3:9b:9c:da:97:
83:f6:c5:3f:cf:ee:8c:b0:5d:fc:12:9d:47:fc:ff:
2d:d0:73:c5:f8:9c:07:44:9e:77:81:44:05:25:6a:
31:36:c0:fb:10:38:0d:a0:dc:6a:56:2f:33:e3:e0:
e9:e9:8c:3c:b9:0b:02:15:ce:d4:3c:34:08:44:e6:
50:d3:25:ae:2d:5b:13:22:19:41:56:f0:ae:39:50:
ec:55:4c:6c:f1:82:34:8d:ac:9c:56:5b:90:80:37:
42:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D1:B4:50:6E:02:03:99:BC:28:1F:69:5A:C5:A4:7C:C7:EE:BD:D5
X509v3 Authority Key Identifier:
keyid:09:57:B2:3C:83:79:5B:C3:5C:30:BC:13:65:A3:0F:DF:33:75:AC:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVeyPIN5W8NcMLwTZaMP3zN1rIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/1NG0UG4CA5m8KB9pWsWkfMfuvdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/64984d-ae8f-4cf9-a3c3-1e92c7bdc582/1/CVeyPIN5W8NcMLwTZaMP3zN1rIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.209.0/24
Signature Algorithm: sha256WithRSAEncryption
38:99:17:ee:9b:50:5c:b8:a3:4d:48:30:5a:e7:a4:c4:49:c1:
62:4d:34:6f:4e:d8:28:45:a2:b3:3c:f7:75:13:b5:6a:56:07:
83:c5:16:92:a0:57:23:d4:a7:23:6e:00:a8:bd:1b:4f:88:9b:
79:28:71:58:fe:4c:48:79:0f:6f:6e:d0:8c:c2:b9:68:67:1c:
06:6e:d8:ad:5e:62:fd:98:49:f8:f0:5b:0a:70:84:66:a9:94:
f2:35:e9:72:89:5c:03:4a:4c:88:d4:e4:55:6a:79:6d:af:9f:
ee:aa:8d:ee:39:a0:f6:61:25:63:3c:70:05:94:dc:3d:4e:17:
c7:d1:b8:f5:bf:c7:e8:ee:47:12:c8:db:1c:00:31:13:4f:b1:
a6:1f:fe:c0:28:95:bd:48:09:1b:f6:42:c4:4a:87:1c:f0:0d:
50:ae:fb:1b:e9:fe:bc:43:8b:5b:30:a8:64:08:7d:01:8b:df:
04:64:c5:e8:b6:6e:40:58:1a:d3:50:62:ef:86:72:6f:03:aa:
69:c1:18:22:23:8b:87:54:3a:bd:12:a1:e3:f3:90:c0:6a:ec:
7c:bd:fc:f2:3e:ac:68:64:ea:b9:a8:5b:b2:9e:ed:56:ba:cd:
09:3e:39:56:e4:89:52:d7:1c:af:a2:ae:c0:05:ed:df:b3:7f:
73:ff:f5:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYumDa9UVl6oLvcgei2vy9HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTdiMjNjODM3OTViYzM1YzMwYmMxMzY1YTMwZmRmMzM3
NWFjODkwHhcNMjMxMTA2MTkxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQxYjQ1MDZlMDIwMzk5YmMyODFmNjk1YWM1YTQ3Y2M3ZWViZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNvu1XaK83OxpBNMjrI0Uz+2VWvv
bhZxXWbC6TYXfKztpsBkPqpJ697wgohyITvcq9ILJdFuZc8mIsLYkuWaeiSlwSqI
y1rrsMQOSL86/kULKt2V3v6MmJ8nLfz8RapzklEWDtPHSkvK1b0hqpfTaSqD4Awv
2dofpZMLTmcgBMv8jzLbpj2DAum3hpZzaPNbyQh7SVPWJX229oihB9+Ss5uc2peD
9sU/z+6MsF38Ep1H/P8t0HPF+JwHRJ53gUQFJWoxNsD7EDgNoNxqVi8z4+Dp6Yw8
uQsCFc7UPDQIROZQ0yWuLVsTIhlBVvCuOVDsVUxs8YI0jaycVluQgDdCSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTRtFBuAgOZvCgfaVrFpHzH7r3VMB8GA1UdIwQY
MBaAFAlXsjyDeVvDXDC8E2WjD98zdayJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMt
MWU5MmM3YmRjNTgyLzEvMU5HMFVHNENBNW04S0I5cFdzV2tmTWZ1dmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDk4NGQtYWU4Zi00Y2Y5LWEzYzMtMWU5MmM3YmRjNTgy
LzEvQ1ZleVBJTjVXOE5jTUx3VFphTVAzek4xcklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7RMA0G
CSqGSIb3DQEBCwUAA4IBAQA4mRfum1BcuKNNSDBa56TEScFiTTRvTtgoRaKzPPd1
E7VqVgeDxRaSoFcj1KcjbgCovRtPiJt5KHFY/kxIeQ9vbtCMwrloZxwGbtitXmL9
mEn48FsKcIRmqZTyNelyiVwDSkyI1ORVanltr5/uqo3uOaD2YSVjPHAFlNw9ThfH
0bj1v8fo7kcSyNscADETT7GmH/7AKJW9SAkb9kLESocc8A1Qrvsb6f68Q4tbMKhk
CH0Bi98EZMXotm5AWBrTUGLvhnJvA6ppwRgiI4uHVDq9EqHj85DAaux8vfzyPqxo
ZOq5qFuynu1Wus0JPjlW5IlS1xyvoq7ABe3fs39z//VA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:00 2025 by rpki-client