Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/NrmaMhU5F3cXzgCK61Y6VtYqlOg.roa
File: NrmaMhU5F3cXzgCK61Y6VtYqlOg.roa (raw, json)
Hash identifier: Ps1wS+1BRl2YKvuWS9mHTH4rYxCQ1vCxRcnnfg75a4w=
Subject key identifier: 36:B9:9A:32:15:39:17:77:17:CE:00:8A:EB:56:3A:56:D6:2A:94:E8
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 018572BA734D604C908C4D42F5B9E2A71F99
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/NrmaMhU5F3cXzgCK61Y6VtYqlOg.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204267
IP address blocks: 91.205.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:73:4d:60:4c:90:8c:4d:42:f5:b9:e2:a7:1f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36b99a321539177717ce008aeb563a56d62a94e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ce:9a:14:0a:b9:9b:b1:9a:38:ee:bb:ab:f0:
40:4b:18:d6:32:ea:8b:e4:a9:ac:1e:be:31:db:ed:
8c:ce:a3:b4:f7:78:b9:1f:29:15:f0:8c:7f:5e:1a:
3e:37:4d:b8:a7:a8:e1:36:72:79:f5:89:74:34:38:
b1:cb:6f:14:25:b5:ca:21:c8:3d:20:57:39:91:1b:
51:86:ce:71:eb:1d:07:c4:5d:4d:36:f5:45:69:3e:
ff:67:0b:51:90:4b:43:8c:f0:55:85:0d:23:55:61:
df:9b:67:e5:61:23:9b:56:89:ff:a5:ad:27:fa:da:
f0:04:e7:2e:60:d5:6c:d1:52:51:58:ca:78:56:2d:
a8:11:f9:62:1d:4f:d4:8d:4a:2e:d0:9f:9f:f0:49:
a1:83:f5:b9:05:21:0c:eb:63:c1:83:1e:b9:8b:f7:
0d:3f:bf:53:eb:7e:1c:d1:c2:f0:b5:25:6b:17:cc:
b3:d8:a8:cd:9f:b5:1f:7e:1d:c2:d9:a8:a8:9b:80:
27:5d:b5:a3:11:43:1e:b8:89:9b:1d:a5:e6:28:01:
f1:3c:40:39:43:9d:f7:95:50:43:b1:15:4f:65:bd:
e7:3f:72:91:9a:7d:60:1c:06:09:29:f1:c3:09:d7:
d7:77:9a:99:8f:bd:00:0a:12:20:8c:12:71:51:af:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B9:9A:32:15:39:17:77:17:CE:00:8A:EB:56:3A:56:D6:2A:94:E8
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/NrmaMhU5F3cXzgCK61Y6VtYqlOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:fe:a3:cb:94:c6:5c:fd:75:84:d7:7c:6d:54:2d:50:a0:46:
a5:b7:02:90:55:0a:0f:1b:1e:14:c1:e7:a9:a0:cb:14:ab:c9:
7d:4e:71:d4:53:48:5a:ea:cd:3d:db:a7:6f:95:f2:eb:f2:78:
ac:9a:91:ee:9f:90:1a:c6:9e:ae:bc:3a:f6:1c:a1:49:b0:e1:
9e:47:30:f3:68:c2:07:6a:d4:77:0b:84:a5:29:43:f4:7d:f3:
3c:d7:72:83:64:92:a9:ab:7a:a7:4b:6f:eb:35:0c:29:0d:65:
4e:1c:27:f9:ca:f2:fc:53:45:13:9a:a5:28:58:d6:f5:31:24:
74:aa:ff:6f:27:85:63:15:2f:92:46:fd:19:68:7d:ec:1a:49:
b5:a0:f3:1b:64:d2:16:4a:95:28:2e:8c:be:02:7f:68:b9:50:
df:e0:47:dd:d5:a3:85:64:c8:a8:01:f4:68:5b:6b:5a:47:c8:
74:a0:f9:13:e6:92:b8:1b:07:f7:3d:5a:f8:54:ba:e8:44:e8:
00:32:d2:64:63:70:14:db:08:20:b1:d0:75:9d:cc:8f:90:08:
58:0b:01:34:d7:6e:1d:9c:f3:9c:eb:c0:ce:c0:47:fc:2a:56:
b0:9d:f3:83:d1:7c:ce:d5:4c:49:19:28:f2:75:75:12:12:c6:
09:ad:dd:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyunNNYEyQjE1C9bnipx+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI5OWEzMjE1MzkxNzc3MTdjZTAwOGFlYjU2M2E1NmQ2MmE5NGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk86aFAq5m7GaOO67q/BASxjWMuqL
5KmsHr4x2+2MzqO093i5HykV8Ix/Xho+N024p6jhNnJ59Yl0NDixy28UJbXKIcg9
IFc5kRtRhs5x6x0HxF1NNvVFaT7/ZwtRkEtDjPBVhQ0jVWHfm2flYSObVon/pa0n
+trwBOcuYNVs0VJRWMp4Vi2oEfliHU/UjUou0J+f8Emhg/W5BSEM62PBgx65i/cN
P79T634c0cLwtSVrF8yz2KjNn7Uffh3C2aiom4AnXbWjEUMeuImbHaXmKAHxPEA5
Q533lVBDsRVPZb3nP3KRmn1gHAYJKfHDCdfXd5qZj70AChIgjBJxUa8V3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDa5mjIVORd3F84AiutWOlbWKpToMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvTnJtYU1oVTVGM2NYemdDSzYxWTZWdFlxbE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW83GMA0G
CSqGSIb3DQEBCwUAA4IBAQA7/qPLlMZc/XWE13xtVC1QoEaltwKQVQoPGx4Uweep
oMsUq8l9TnHUU0ha6s0926dvlfLr8nismpHun5Aaxp6uvDr2HKFJsOGeRzDzaMIH
atR3C4SlKUP0ffM813KDZJKpq3qnS2/rNQwpDWVOHCf5yvL8U0UTmqUoWNb1MSR0
qv9vJ4VjFS+SRv0ZaH3sGkm1oPMbZNIWSpUoLoy+An9ouVDf4Efd1aOFZMioAfRo
W2taR8h0oPkT5pK4Gwf3PVr4VLroROgAMtJkY3AU2wggsdB1ncyPkAhYCwE0124d
nPOc68DOwEf8KlawnfOD0XzO1UxJGSjydXUSEsYJrd1s
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:33:56 2025 by rpki-client