Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6f71f3-6399-4913-b98e-98e25e046908/1/NHFmwA-DKDNa_gxNrqlhSd7AMN4.roa
File: NHFmwA-DKDNa_gxNrqlhSd7AMN4.roa (raw, json)
Hash identifier: OIL5aRQwL74WzSHCxucebYXRoUvtyzb3UJAGQu6rAbw=
Subject key identifier: 34:71:66:C0:0F:83:28:33:5A:FE:0C:4D:AE:A9:61:49:DE:C0:30:DE
Certificate issuer: /CN=490db999ca4ce287c5c92ab167a500902259bb05
Certificate serial: 0185704BB2362713FB5EEA8950A7F74441FE
Authority key identifier: 49:0D:B9:99:CA:4C:E2:87:C5:C9:2A:B1:67:A5:00:90:22:59:BB:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQ25mcpM4ofFySqxZ6UAkCJZuwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6f71f3-6399-4913-b98e-98e25e046908/1/NHFmwA-DKDNa_gxNrqlhSd7AMN4.roa
Signing time: Mon 02 Jan 2023 02:24:47 +0000
ROA not before: Mon 02 Jan 2023 02:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34666
IP address blocks: 81.16.240.0/24 maxlen: 24
81.16.241.0/24 maxlen: 24
81.16.246.0/24 maxlen: 24
81.16.244.0/24 maxlen: 24
81.16.245.0/24 maxlen: 24
81.16.242.0/24 maxlen: 24
81.16.243.0/24 maxlen: 24
81.16.247.0/24 maxlen: 24
81.16.248.0/24 maxlen: 24
81.16.253.0/24 maxlen: 24
81.16.251.0/24 maxlen: 24
81.16.252.0/24 maxlen: 24
81.16.249.0/24 maxlen: 24
81.16.250.0/24 maxlen: 24
81.16.254.0/24 maxlen: 24
81.16.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:b2:36:27:13:fb:5e:ea:89:50:a7:f7:44:41:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490db999ca4ce287c5c92ab167a500902259bb05
Validity
Not Before: Jan 2 02:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=347166c00f8328335afe0c4daea96149dec030de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9a:a3:5a:f4:1a:6a:e6:29:69:69:26:60:19:
77:38:c2:95:6d:d0:53:b9:17:9a:52:ba:25:f7:33:
c3:1d:21:cc:d7:5d:eb:bf:26:7c:b0:3e:6b:c1:eb:
30:96:74:88:33:39:a9:49:19:f7:37:72:7a:35:b1:
1e:10:31:04:d6:84:95:9e:94:c4:c4:bf:6e:46:21:
55:cf:44:11:82:f5:62:f7:4f:7c:36:94:d5:cb:ee:
ef:2c:70:1b:cd:f2:cf:6b:e0:51:d7:c3:1a:27:80:
8d:97:c4:0d:00:34:f7:80:ef:c7:56:57:55:de:95:
50:31:2e:06:91:cb:c8:8e:fd:92:cb:bb:09:7b:b7:
9a:42:ff:4b:c5:d3:f6:27:4c:03:ed:ee:48:66:cb:
e4:fc:f5:d1:15:6b:f2:e5:6e:fe:14:14:5e:da:70:
e2:38:57:31:51:2a:fe:02:75:3f:9a:7f:cb:ce:13:
be:71:9d:6e:89:82:cb:77:2a:e0:3a:90:14:b2:32:
df:21:17:7d:81:c0:8b:2c:1d:8f:37:a9:70:02:85:
14:df:df:d9:23:b2:d6:c2:16:60:6c:46:24:ce:22:
a5:80:a7:3e:e6:de:24:fe:23:29:32:2a:d5:3b:de:
25:55:33:bd:34:f0:2c:7f:20:b7:a9:9f:ac:51:70:
f0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:66:C0:0F:83:28:33:5A:FE:0C:4D:AE:A9:61:49:DE:C0:30:DE
X509v3 Authority Key Identifier:
keyid:49:0D:B9:99:CA:4C:E2:87:C5:C9:2A:B1:67:A5:00:90:22:59:BB:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQ25mcpM4ofFySqxZ6UAkCJZuwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6f71f3-6399-4913-b98e-98e25e046908/1/NHFmwA-DKDNa_gxNrqlhSd7AMN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6f71f3-6399-4913-b98e-98e25e046908/1/SQ25mcpM4ofFySqxZ6UAkCJZuwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.240.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:cc:f4:4c:1a:d1:90:ce:6d:35:84:68:5a:bf:80:5c:f7:e2:
9d:e0:94:97:7b:8d:b7:d8:d4:78:35:56:87:4b:20:ee:c2:21:
a9:b7:cd:52:1a:28:5e:3b:01:54:83:76:06:ab:c0:4c:ba:32:
c8:39:58:bc:a0:cc:3a:b9:88:a8:48:f3:f4:7f:97:3d:47:6e:
23:d3:03:fd:34:30:b1:62:26:3e:ab:88:a6:54:f7:65:e6:d1:
71:bd:20:89:6d:0f:9f:74:a2:69:2a:ae:81:f2:df:35:c7:1a:
b5:2f:79:fa:26:99:cc:e2:27:ce:0f:90:03:39:04:56:45:ec:
3e:a6:c7:24:4e:e8:36:71:e5:1c:ec:28:0f:54:5f:f1:64:a5:
61:88:d4:2a:77:28:bc:47:d4:1b:06:02:92:97:44:01:55:47:
d2:22:41:a6:1d:79:cd:d9:9b:23:6c:7f:95:4f:9b:c1:77:86:
2d:46:0a:7c:36:8d:89:e5:3b:d2:4f:78:98:ea:90:ff:f7:49:
9c:b3:d6:f8:ee:25:fa:ee:51:93:1b:8e:b0:b5:04:3c:9e:d7:
6f:21:2a:be:51:1a:e2:af:8d:02:16:dd:5e:53:bf:bf:5a:f1:
3f:7d:5a:86:ce:86:a3:bc:d7:ee:8d:76:37:7b:ab:0c:bd:51:
ce:58:0f:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS7I2JxP7XuqJUKf3REH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGRiOTk5Y2E0Y2UyODdjNWM5MmFiMTY3YTUwMDkwMjI1
OWJiMDUwHhcNMjMwMTAyMDIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDcxNjZjMDBmODMyODMzNWFmZTBjNGRhZWE5NjE0OWRlYzAzMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZqjWvQaauYpaWkmYBl3OMKVbdBT
uReaUrol9zPDHSHM113rvyZ8sD5rweswlnSIMzmpSRn3N3J6NbEeEDEE1oSVnpTE
xL9uRiFVz0QRgvVi9098NpTVy+7vLHAbzfLPa+BR18MaJ4CNl8QNADT3gO/HVldV
3pVQMS4GkcvIjv2Sy7sJe7eaQv9LxdP2J0wD7e5IZsvk/PXRFWvy5W7+FBRe2nDi
OFcxUSr+AnU/mn/LzhO+cZ1uiYLLdyrgOpAUsjLfIRd9gcCLLB2PN6lwAoUU39/Z
I7LWwhZgbEYkziKlgKc+5t4k/iMpMirVO94lVTO9NPAsfyC3qZ+sUXDw6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRxZsAPgygzWv4MTa6pYUnewDDeMB8GA1UdIwQY
MBaAFEkNuZnKTOKHxckqsWelAJAiWbsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1EyNW1jcE00b2ZGeVNxeFo2VUFrQ0padXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82ZjcxZjMtNjM5OS00OTEzLWI5OGUt
OThlMjVlMDQ2OTA4LzEvTkhGbXdBLURLRE5hX2d4TnJxbGhTZDdBTU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82ZjcxZjMtNjM5OS00OTEzLWI5OGUtOThlMjVlMDQ2OTA4
LzEvU1EyNW1jcE00b2ZGeVNxeFo2VUFrQ0padXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEURDwMA0G
CSqGSIb3DQEBCwUAA4IBAQCOzPRMGtGQzm01hGhav4Bc9+Kd4JSXe4232NR4NVaH
SyDuwiGpt81SGiheOwFUg3YGq8BMujLIOVi8oMw6uYioSPP0f5c9R24j0wP9NDCx
YiY+q4imVPdl5tFxvSCJbQ+fdKJpKq6B8t81xxq1L3n6JpnM4ifOD5ADOQRWRew+
psckTug2ceUc7CgPVF/xZKVhiNQqdyi8R9QbBgKSl0QBVUfSIkGmHXnN2ZsjbH+V
T5vBd4YtRgp8No2J5TvST3iY6pD/90mcs9b47iX67lGTG46wtQQ8ntdvISq+URri
r40CFt1eU7+/WvE/fVqGzoajvNfujXY3e6sMvVHOWA9+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:31 2025 by rpki-client