Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/NsO2VYzTd1hkzTjBR-TfX7_XqZ4.roa
File: NsO2VYzTd1hkzTjBR-TfX7_XqZ4.roa (raw, json)
Hash identifier: F1+0N3Kfku00v7pM7m53G6z5C27HHgG0RtZEzSpERJE=
Subject key identifier: 36:C3:B6:55:8C:D3:77:58:64:CD:38:C1:47:E4:DF:5F:BF:D7:A9:9E
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0189F88CDE43A51ADE8BC3E49A001954C07F
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/NsO2VYzTd1hkzTjBR-TfX7_XqZ4.roa
Signing time: Tue 15 Aug 2023 09:35:28 +0000
ROA not before: Tue 15 Aug 2023 09:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49422
IP address blocks: 192.49.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:8c:de:43:a5:1a:de:8b:c3:e4:9a:00:19:54:c0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Aug 15 09:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36c3b6558cd3775864cd38c147e4df5fbfd7a99e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f5:1a:d2:65:00:a0:c6:33:29:7f:43:b2:30:
a0:fc:73:03:6c:14:06:1c:fd:33:47:8e:96:88:7f:
e8:1e:99:04:4e:ac:1c:40:d0:ff:0a:88:85:e0:81:
25:12:64:9e:92:fe:5b:d0:f7:5f:01:0a:2c:08:d2:
22:80:03:c3:6d:82:85:62:87:a5:2e:ab:f8:fb:d8:
71:5d:ae:1d:21:fc:a8:d5:44:d7:71:34:16:f0:fb:
b3:f4:7a:0c:bf:97:3a:90:f2:69:94:85:a5:d0:be:
72:07:58:a3:ac:c2:85:79:f9:b2:c0:a3:ab:34:ba:
a6:94:34:03:e6:3f:78:c8:9c:2e:44:33:8d:91:74:
40:71:6a:62:f4:31:06:a7:f5:94:ad:3a:51:c4:cb:
41:6f:02:2e:e5:66:cc:a1:54:4d:69:e8:a4:4b:0d:
9c:5d:c5:6a:98:de:80:b6:99:6c:36:06:6e:a1:83:
e8:f2:22:ff:e4:70:75:4c:86:da:0b:c1:fd:60:66:
0e:fc:58:8c:74:df:b9:3e:16:ee:28:e4:26:2d:24:
6e:d7:36:45:a3:dc:6c:52:bc:af:df:72:e1:ce:d2:
b9:05:ae:c6:7e:56:9d:39:39:a5:31:8f:db:18:6c:
24:35:ee:8b:74:e3:ee:dc:f3:1f:49:42:9a:53:f7:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:C3:B6:55:8C:D3:77:58:64:CD:38:C1:47:E4:DF:5F:BF:D7:A9:9E
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/NsO2VYzTd1hkzTjBR-TfX7_XqZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.49.90.0/24
Signature Algorithm: sha256WithRSAEncryption
88:60:94:bc:2f:68:f8:f0:27:c7:2c:47:cd:51:b1:6e:26:d9:
a8:2d:da:7b:61:e0:d0:ba:14:da:bb:02:b6:40:6b:d1:94:90:
06:09:dc:bb:a2:89:c2:e7:8b:cd:17:e8:df:1d:7a:97:41:8a:
98:5b:1f:98:a5:48:da:74:48:06:dc:7f:37:e6:95:6b:0b:60:
15:43:c0:22:a0:0f:4f:8c:34:85:df:17:29:84:c6:dd:1b:24:
1c:40:ef:a9:ab:8a:88:f3:f8:0d:67:32:e2:f3:f8:4f:30:f9:
fa:12:05:71:d7:28:d3:02:29:06:67:f9:52:b8:e2:7a:af:ce:
80:cc:c6:c8:4f:91:16:67:41:7b:e9:4e:3e:ff:1d:71:18:83:
ba:a4:0b:5e:c3:33:6a:f5:2b:7e:2f:c6:91:0c:2c:42:96:6a:
c3:f5:e3:a5:c4:6e:52:7d:a9:af:a9:47:61:d1:a9:2c:97:32:
8d:08:fc:c2:f0:c0:e5:4b:ca:34:10:19:cc:a8:4a:96:07:66:
92:ef:da:9f:a9:27:92:51:66:12:83:ab:76:86:46:b6:b7:04:
59:c2:60:82:c3:36:d2:8d:b8:e7:af:ac:6b:81:b4:a1:1d:27:
8f:78:3a:8a:51:ad:b4:b3:fc:d4:5b:9a:e1:23:0b:aa:62:6b:
a8:0f:d9:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn4jN5DpRrei8PkmgAZVMB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjMwODE1MDkzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmMzYjY1NThjZDM3NzU4NjRjZDM4YzE0N2U0ZGY1ZmJmZDdhOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fUa0mUAoMYzKX9DsjCg/HMDbBQG
HP0zR46WiH/oHpkETqwcQND/CoiF4IElEmSekv5b0PdfAQosCNIigAPDbYKFYoel
Lqv4+9hxXa4dIfyo1UTXcTQW8Puz9HoMv5c6kPJplIWl0L5yB1ijrMKFefmywKOr
NLqmlDQD5j94yJwuRDONkXRAcWpi9DEGp/WUrTpRxMtBbwIu5WbMoVRNaeikSw2c
XcVqmN6AtplsNgZuoYPo8iL/5HB1TIbaC8H9YGYO/FiMdN+5PhbuKOQmLSRu1zZF
o9xsUryv33LhztK5Ba7GfladOTmlMY/bGGwkNe6LdOPu3PMfSUKaU/cuiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbDtlWM03dYZM04wUfk31+/16meMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvTnNPMlZZelRkMWhrelRqQlItVGZYN19YcVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwDFaMA0G
CSqGSIb3DQEBCwUAA4IBAQCIYJS8L2j48CfHLEfNUbFuJtmoLdp7YeDQuhTauwK2
QGvRlJAGCdy7oonC54vNF+jfHXqXQYqYWx+YpUjadEgG3H835pVrC2AVQ8AioA9P
jDSF3xcphMbdGyQcQO+pq4qI8/gNZzLi8/hPMPn6EgVx1yjTAikGZ/lSuOJ6r86A
zMbIT5EWZ0F76U4+/x1xGIO6pAtewzNq9St+L8aRDCxClmrD9eOlxG5SfamvqUdh
0akslzKNCPzC8MDlS8o0EBnMqEqWB2aS79qfqSeSUWYSg6t2hka2twRZwmCCwzbS
jbjnr6xrgbShHSePeDqKUa20s/zUW5rhIwuqYmuoD9n+
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:03:57 2025 by rpki-client