Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/NwJXj48f3jKASwSQ999H1bhwMi0.roa
File: NwJXj48f3jKASwSQ999H1bhwMi0.roa (raw, json)
Hash identifier: jmXOFOpgOCRrrRTsE9XCC8uVeLFExCKmtbCLmBmBni0=
Subject key identifier: 37:02:57:8F:8F:1F:DE:32:80:4B:04:90:F7:DF:47:D5:B8:70:32:2D
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 0184F40812421C1CA9E8646B9A7461FCA84F
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/NwJXj48f3jKASwSQ999H1bhwMi0.roa
Signing time: Thu 08 Dec 2022 23:18:00 +0000
ROA not before: Thu 08 Dec 2022 23:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209193
IP address blocks: 93.191.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f4:08:12:42:1c:1c:a9:e8:64:6b:9a:74:61:fc:a8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Dec 8 23:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3702578f8f1fde32804b0490f7df47d5b870322d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b3:84:2e:ae:34:78:ac:b8:ab:04:ba:a0:76:
b8:be:03:92:dd:42:6f:1f:53:37:1e:53:a9:0b:08:
03:09:3c:6a:a6:e6:83:32:3e:98:03:90:c7:7e:d7:
ae:be:a7:62:b5:33:fb:d6:50:2b:e5:77:87:02:32:
6a:ba:5d:eb:43:20:3b:5e:12:b7:75:45:27:e9:49:
61:8e:80:49:13:84:69:58:7e:f1:6d:71:ca:af:89:
63:4f:d4:f6:f6:65:1f:31:32:3a:0a:f2:86:00:db:
21:c2:69:f7:57:ee:ef:61:94:70:2b:68:98:6b:09:
c5:c3:31:68:56:83:49:a3:0f:4a:6b:9d:25:6f:3e:
e2:62:e3:b1:84:a1:3c:8c:db:54:54:fc:b2:7a:43:
64:08:02:74:38:47:f2:51:26:42:ad:50:15:73:c8:
f9:6e:41:9c:81:e0:52:d7:8a:dc:2e:50:f9:1d:b4:
42:ab:49:b5:42:16:9c:82:20:27:59:5c:3b:35:9b:
96:64:64:e8:5d:ef:04:8a:74:e5:f1:6a:e6:a9:33:
84:2a:cf:35:1e:ef:9d:7f:0c:9e:17:5a:b5:5c:d5:
bd:e3:d4:8e:55:39:71:34:6f:7e:a6:d8:93:e5:6c:
55:ee:61:58:d1:d2:fd:f2:0c:87:7e:32:fa:ae:d2:
23:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:02:57:8F:8F:1F:DE:32:80:4B:04:90:F7:DF:47:D5:B8:70:32:2D
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/NwJXj48f3jKASwSQ999H1bhwMi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.114.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f8:bf:5d:25:b5:16:c8:66:cd:7f:61:9e:e2:7f:35:b3:4d:
b1:9a:97:c5:4c:ee:5f:0e:a9:35:a0:c0:ac:12:43:3a:d4:87:
ac:6a:6e:ec:dd:17:4b:2b:3a:0a:54:59:71:19:9b:b6:e5:32:
5c:d6:e9:42:1e:31:44:6c:9b:de:92:11:3d:4f:9e:19:9b:32:
84:8e:1b:27:ac:7b:32:b1:7b:03:37:0c:bf:d5:8c:83:02:53:
5c:40:98:21:ee:a8:a7:85:42:82:54:2a:4d:f4:84:a1:2d:48:
61:e9:cc:7c:cb:5a:ef:80:36:80:35:18:fe:6e:65:b9:8c:28:
ee:d0:87:3e:63:a7:74:f5:3b:46:e8:04:b9:4b:eb:8e:eb:e8:
b0:26:cb:f3:17:28:bf:25:e4:0e:3b:c3:15:8a:24:db:1b:bb:
f5:c3:93:8d:46:a2:42:b8:d6:44:1b:59:1b:aa:e8:6b:b6:a4:
95:c9:ef:f2:d4:44:56:44:cc:a2:a9:c9:61:0e:48:8d:b9:1e:
22:f6:92:90:8c:ba:2b:16:3d:18:2a:5b:60:13:d8:f1:a9:1d:
20:65:8f:46:79:95:27:73:82:13:70:4f:f7:3a:e0:2d:3e:d1:
fc:a0:e3:87:39:49:b4:72:b9:53:6e:42:cf:5f:51:58:68:e5:
45:47:19:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT0CBJCHByp6GRrmnRh/KhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjIxMjA4MjMxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzAyNTc4ZjhmMWZkZTMyODA0YjA0OTBmN2RmNDdkNWI4NzAzMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLOELq40eKy4qwS6oHa4vgOS3UJv
H1M3HlOpCwgDCTxqpuaDMj6YA5DHfteuvqditTP71lAr5XeHAjJqul3rQyA7XhK3
dUUn6UlhjoBJE4RpWH7xbXHKr4ljT9T29mUfMTI6CvKGANshwmn3V+7vYZRwK2iY
awnFwzFoVoNJow9Ka50lbz7iYuOxhKE8jNtUVPyyekNkCAJ0OEfyUSZCrVAVc8j5
bkGcgeBS14rcLlD5HbRCq0m1QhacgiAnWVw7NZuWZGToXe8EinTl8WrmqTOEKs81
Hu+dfwyeF1q1XNW949SOVTlxNG9+ptiT5WxV7mFY0dL98gyHfjL6rtIjXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcCV4+PH94ygEsEkPffR9W4cDItMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEvTndKWGo0OGYzaktBU3dTUTk5OUgxYmh3TWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXb9yMA0G
CSqGSIb3DQEBCwUAA4IBAQCS+L9dJbUWyGbNf2Ge4n81s02xmpfFTO5fDqk1oMCs
EkM61Iesam7s3RdLKzoKVFlxGZu25TJc1ulCHjFEbJvekhE9T54ZmzKEjhsnrHsy
sXsDNwy/1YyDAlNcQJgh7qinhUKCVCpN9IShLUhh6cx8y1rvgDaANRj+bmW5jCju
0Ic+Y6d09TtG6AS5S+uO6+iwJsvzFyi/JeQOO8MViiTbG7v1w5ONRqJCuNZEG1kb
quhrtqSVye/y1ERWRMyiqclhDkiNuR4i9pKQjLorFj0YKltgE9jxqR0gZY9GeZUn
c4ITcE/3OuAtPtH8oOOHOUm0crlTbkLPX1FYaOVFRxkk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:17 2025 by rpki-client