Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/ntSFOkTiMjhoXFRQ7DxMVG0nZYM.roa
File: ntSFOkTiMjhoXFRQ7DxMVG0nZYM.roa (raw, json)
Hash identifier: VvAT6JZZLJ6uRVMF5Iw65Lk7pM8kjNXB15VXrJPDrRA=
Subject key identifier: 9E:D4:85:3A:44:E2:32:38:68:5C:54:50:EC:3C:4C:54:6D:27:65:83
Certificate issuer: /CN=1d87f30274951cadfb5b737e1333c73d64b04256
Certificate serial: 053737B8
Authority key identifier: 1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/ntSFOkTiMjhoXFRQ7DxMVG0nZYM.roa
Signing time: Sat 01 Jan 2022 13:57:40 +0000
ROA not before: Sat 01 Jan 2022 13:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6696
IP address blocks: 91.220.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87504824 (0x53737b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d87f30274951cadfb5b737e1333c73d64b04256
Validity
Not Before: Jan 1 13:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ed4853a44e23238685c5450ec3c4c546d276583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:a9:ff:ad:c0:8f:a8:18:11:79:56:f4:5d:
b0:7e:78:72:37:08:47:10:77:98:98:63:8c:6c:1d:
ae:5c:89:0f:01:e4:9b:dd:48:5c:7d:a6:f0:f1:11:
5d:f9:d0:ff:8b:f4:d3:a2:51:cb:57:fe:ae:37:98:
8a:08:77:2b:58:fb:cf:3a:23:1f:8c:06:d9:be:3c:
ff:31:35:9d:3c:a6:10:5f:dd:c2:a2:45:84:e2:8f:
7b:4e:da:8a:d1:93:5a:7d:37:32:fd:75:27:3f:8c:
45:f5:b3:4a:7b:30:15:2f:9e:98:b4:e3:94:19:c4:
14:dd:1b:aa:17:2b:26:8e:ff:68:7a:a7:e9:f0:88:
c7:ea:62:43:c1:1f:72:32:e9:7a:0f:cc:f5:e5:44:
46:7f:a3:8b:17:ba:45:c4:c2:87:76:7e:96:09:00:
68:39:ca:e4:61:f6:fa:06:2d:85:14:90:92:c7:4e:
24:70:21:b1:ee:ec:4c:5e:11:f7:59:99:f0:42:0c:
c7:dc:36:3e:ca:ad:65:21:52:97:32:41:7c:96:1b:
ae:53:55:65:d3:a4:6e:dd:c6:52:22:1b:77:31:23:
d0:d1:a0:62:d1:7a:77:d2:23:42:d4:31:c2:61:67:
81:04:37:47:86:2e:50:22:9e:07:5c:e0:45:d9:b3:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D4:85:3A:44:E2:32:38:68:5C:54:50:EC:3C:4C:54:6D:27:65:83
X509v3 Authority Key Identifier:
keyid:1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/ntSFOkTiMjhoXFRQ7DxMVG0nZYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:bb:c8:41:20:05:df:4e:46:e4:f9:ae:96:a4:69:21:80:b4:
d1:47:3e:54:9c:26:12:91:73:aa:e0:0f:4a:3d:3d:a8:0e:9a:
a3:d7:14:3e:8f:a6:b1:a6:37:1a:ed:97:8a:58:62:f9:49:db:
22:b8:5f:d2:c5:a1:3b:04:44:02:6d:78:69:9e:59:93:4e:ad:
b5:95:55:cb:87:61:e1:7c:75:60:c8:b1:c9:02:93:eb:d8:e2:
04:95:49:a4:e4:7b:42:c6:05:bb:9a:75:56:4b:e9:51:8d:fd:
6a:6d:11:4b:2c:df:13:bf:6e:8e:85:01:95:c9:04:9c:8c:6d:
b0:79:29:67:95:07:bd:43:9f:6a:9d:6a:68:d3:d2:99:8f:75:
e8:77:bf:dd:1d:56:15:5f:aa:a8:f4:78:53:77:e9:23:ad:d9:
ae:f5:83:91:8d:c7:19:8c:08:89:d1:cd:d1:2a:b0:32:be:3b:
19:f8:bd:c9:1d:57:52:75:9f:73:34:c5:6d:c2:29:2d:de:3e:
a4:bd:1f:20:08:27:5b:43:ff:36:06:ec:e9:46:4c:2c:51:c4:
66:64:b2:46:9c:80:97:32:f5:71:4e:24:c0:54:08:74:27:63:
bb:8a:2d:01:11:71:35:22:8a:25:4e:e1:c6:33:ad:e2:72:c3:
18:7d:36:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTc3uDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDg3ZjMwMjc0OTUxY2FkZmI1YjczN2UxMzMzYzczZDY0YjA0MjU2MB4XDTIyMDEw
MTEzNTc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWVkNDg1M2E0NGUy
MzIzODY4NWM1NDUwZWMzYzRjNTQ2ZDI3NjU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKy9qf+twI+oGBF5VvRdsH54cjcIRxB3mJhjjGwdrlyJDwHk
m91IXH2m8PERXfnQ/4v006JRy1f+rjeYigh3K1j7zzojH4wG2b48/zE1nTymEF/d
wqJFhOKPe07aitGTWn03Mv11Jz+MRfWzSnswFS+emLTjlBnEFN0bqhcrJo7/aHqn
6fCIx+piQ8EfcjLpeg/M9eVERn+jixe6RcTCh3Z+lgkAaDnK5GH2+gYthRSQksdO
JHAhse7sTF4R91mZ8EIMx9w2PsqtZSFSlzJBfJYbrlNVZdOkbt3GUiIbdzEj0NGg
YtF6d9IjQtQxwmFngQQ3R4YuUCKeB1zgRdmzubMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSe1IU6ROIyOGhcVFDsPExUbSdlgzAfBgNVHSMEGDAWgBQdh/MCdJUcrftb
c34TM8c9ZLBCVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hZZnpBblNWSEszN1czTi1FelBIUFdTd1FsWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvMjQ4NWY1LWRmM2UtNGRiYS04MTBlLWZlNDQwMTExZDgwNy8x
L250U0ZPa1RpTWpob1hGUlE3RHhNVkcwblpZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
MjQ4NWY1LWRmM2UtNGRiYS04MTBlLWZlNDQwMTExZDgwNy8xL0hZZnpBblNWSEsz
N1czTi1FelBIUFdTd1FsWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvcbzANBgkqhkiG9w0BAQsFAAOC
AQEAnbvIQSAF305G5PmulqRpIYC00Uc+VJwmEpFzquAPSj09qA6ao9cUPo+msaY3
Gu2Xilhi+UnbIrhf0sWhOwREAm14aZ5Zk06ttZVVy4dh4Xx1YMixyQKT69jiBJVJ
pOR7QsYFu5p1VkvpUY39am0RSyzfE79ujoUBlckEnIxtsHkpZ5UHvUOfap1qaNPS
mY916He/3R1WFV+qqPR4U3fpI63ZrvWDkY3HGYwIidHN0SqwMr47Gfi9yR1XUnWf
czTFbcIpLd4+pL0fIAgnW0P/Ngbs6UZMLFHEZmSyRpyAlzL1cU4kwFQIdCdju4ot
ARFxNSKKJU7hxjOt4nLDGH02zQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:39:31 2025 by rpki-client