Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/NCAfFRUILJWR__9z1VBnu3xlpIg.roa
File: NCAfFRUILJWR__9z1VBnu3xlpIg.roa (raw, json)
Hash identifier: 4nsBECN92ZDoFpuSD6X/QAb1a8mQYPc5a3+zHJNcyPw=
Subject key identifier: 34:20:1F:15:15:08:2C:95:91:FF:FF:73:D5:50:67:BB:7C:65:A4:88
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0189C1442DBCD0117E3D4C9DD1A0506BA4D0
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/NCAfFRUILJWR__9z1VBnu3xlpIg.roa
Signing time: Fri 04 Aug 2023 15:56:58 +0000
ROA not before: Fri 04 Aug 2023 15:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.147.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:44:2d:bc:d0:11:7e:3d:4c:9d:d1:a0:50:6b:a4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 4 15:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34201f1515082c9591ffff73d55067bb7c65a488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a7:97:17:61:de:89:41:f9:df:42:73:cf:ae:
f1:3f:10:28:88:a6:55:86:b8:69:8f:2f:ce:4c:34:
1c:06:d9:ae:3a:36:9f:3d:f9:ba:80:50:64:2b:f0:
ee:dc:38:66:90:79:ad:71:a6:5f:eb:f7:c8:6c:6b:
94:e0:19:97:c5:c1:87:dc:40:b2:98:a9:eb:8f:eb:
0e:d2:d0:95:ce:86:53:69:03:6c:bc:40:55:44:9f:
02:e2:61:0c:f5:f1:dd:b5:22:3d:60:85:b5:bd:d9:
8a:a6:2d:06:61:06:6e:50:8e:33:1c:6e:58:89:d3:
ee:96:94:3b:69:69:15:cf:fa:f4:57:f7:b5:64:4d:
c8:52:a7:ee:80:8a:45:36:4b:54:7f:b2:d3:94:f2:
a6:36:4c:5c:fd:9e:2e:d2:98:01:16:ba:fa:e2:cc:
9e:96:7b:a7:95:2b:33:a1:4d:bd:e5:42:d0:20:a1:
85:79:5f:dd:25:a4:67:5a:cb:a7:0e:77:55:ec:bb:
13:79:3b:d3:77:5e:cc:d1:5f:d7:a3:5c:2f:2b:e9:
f2:37:71:ce:f5:43:9e:01:fd:7b:9f:52:37:d5:00:
de:26:0f:2c:2d:01:09:d8:30:71:5e:84:58:78:20:
0f:6e:cf:5c:81:b2:ab:d3:24:8a:70:fc:33:c3:d5:
51:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:20:1F:15:15:08:2C:95:91:FF:FF:73:D5:50:67:BB:7C:65:A4:88
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/NCAfFRUILJWR__9z1VBnu3xlpIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:46:a0:8a:db:a8:94:36:2d:19:9e:68:7f:3e:8f:8f:be:ea:
3e:9c:79:6e:6f:c6:84:e0:3a:0b:f6:0f:41:0d:24:ff:95:03:
0a:e2:b9:3d:fe:ed:ce:32:19:c2:c7:d9:33:f3:7d:17:d7:46:
9c:6c:9d:9c:e3:79:23:dd:c7:36:28:ae:f5:2b:af:f9:5a:bd:
5e:ed:ed:8c:25:cb:bf:8e:92:bb:1e:40:21:fe:4c:c5:ab:ce:
8f:5a:00:e3:c5:db:0e:56:1a:25:95:63:70:8d:35:79:d9:d4:
36:48:c4:fe:17:ce:d4:36:da:99:1c:16:fb:26:2c:3b:67:4d:
7c:01:40:9f:24:03:00:32:a9:5a:75:0a:a8:ce:3d:f2:2d:53:
1e:22:4a:33:35:72:e3:5c:ac:9a:ce:d3:a6:33:09:a6:e8:2b:
99:28:1f:20:e1:23:1a:38:b2:f2:f0:1e:02:09:76:77:c7:a9:
3d:c7:5e:eb:a8:47:5b:18:12:ae:6b:50:15:f0:2f:4c:f9:fc:
67:33:13:94:29:98:87:cf:bc:c3:c6:2f:c3:dd:8e:95:ee:fd:
f0:92:f3:1e:bc:4b:28:3e:d4:89:27:70:3a:9e:66:2c:6d:71:
15:93:96:f6:8a:69:cc:d7:3f:05:1b:d8:54:c5:ba:a6:1c:4a:
db:f9:2e:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnBRC280BF+PUyd0aBQa6TQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwODA0MTU1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDIwMWYxNTE1MDgyYzk1OTFmZmZmNzNkNTUwNjdiYjdjNjVhNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqeXF2HeiUH530Jzz67xPxAoiKZV
hrhpjy/OTDQcBtmuOjafPfm6gFBkK/Du3DhmkHmtcaZf6/fIbGuU4BmXxcGH3ECy
mKnrj+sO0tCVzoZTaQNsvEBVRJ8C4mEM9fHdtSI9YIW1vdmKpi0GYQZuUI4zHG5Y
idPulpQ7aWkVz/r0V/e1ZE3IUqfugIpFNktUf7LTlPKmNkxc/Z4u0pgBFrr64sye
lnunlSszoU295ULQIKGFeV/dJaRnWsunDndV7LsTeTvTd17M0V/Xo1wvK+nyN3HO
9UOeAf17n1I31QDeJg8sLQEJ2DBxXoRYeCAPbs9cgbKr0ySKcPwzw9VR9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQgHxUVCCyVkf//c9VQZ7t8ZaSIMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvTkNBZkZSVUlMSldSX185ejFWQm51M3hscElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5N0MA0G
CSqGSIb3DQEBCwUAA4IBAQAcRqCK26iUNi0Znmh/Po+Pvuo+nHlub8aE4DoL9g9B
DST/lQMK4rk9/u3OMhnCx9kz830X10acbJ2c43kj3cc2KK71K6/5Wr1e7e2MJcu/
jpK7HkAh/kzFq86PWgDjxdsOVhollWNwjTV52dQ2SMT+F87UNtqZHBb7Jiw7Z018
AUCfJAMAMqladQqozj3yLVMeIkozNXLjXKyaztOmMwmm6CuZKB8g4SMaOLLy8B4C
CXZ3x6k9x17rqEdbGBKua1AV8C9M+fxnMxOUKZiHz7zDxi/D3Y6V7v3wkvMevEso
PtSJJ3A6nmYsbXEVk5b2imnM1z8FG9hUxbqmHErb+S4g
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:14 2025 by rpki-client