Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NPS_yN3u4xy5wfnrDzu3AQGdD5M.roa
File: NPS_yN3u4xy5wfnrDzu3AQGdD5M.roa (raw, json)
Hash identifier: Xe6HToboUnSPpbGPBQ1zocqlTHcK4XrRRkNiU0QM77k=
Subject key identifier: 34:F4:BF:C8:DD:EE:E3:1C:B9:C1:F9:EB:0F:3B:B7:01:01:9D:0F:93
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570956E16F37B40C215527923970126AB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NPS_yN3u4xy5wfnrDzu3AQGdD5M.roa
Signing time: Mon 02 Jan 2023 03:45:19 +0000
ROA not before: Mon 02 Jan 2023 03:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60777
IP address blocks: 93.170.0.0/24 maxlen: 24
95.47.136.0/24 maxlen: 24
93.170.25.0/24 maxlen: 24
95.46.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:6e:16:f3:7b:40:c2:15:52:79:23:97:01:26:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f4bfc8ddeee31cb9c1f9eb0f3bb701019d0f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:90:d9:28:47:82:dd:b0:fe:0d:90:c9:40:45:
d0:13:71:bf:82:5b:39:f0:4a:03:af:d2:cf:8d:c4:
24:f5:98:56:90:94:de:02:d0:3c:62:1d:7e:0e:fa:
00:27:a7:82:83:ea:9a:3d:2f:ce:0f:11:a7:2a:f1:
f2:c0:27:23:ef:7a:e0:d9:04:22:07:1b:a6:57:86:
ba:0c:4c:05:7a:4f:5e:48:3a:41:8b:27:9a:4c:5e:
13:bf:1a:1f:be:35:26:51:9a:ca:b0:ae:59:4a:de:
39:98:9f:b5:11:f4:5c:37:2a:0d:ea:78:3b:a7:d7:
dc:ef:ac:c3:ab:a3:7a:42:22:4a:10:49:c0:02:9e:
2a:28:5e:1f:69:1d:d1:d7:96:9c:9e:ba:48:aa:d2:
35:51:d6:97:c1:05:a2:92:88:0e:96:e1:73:e9:76:
00:75:58:99:ac:fd:a9:fa:76:05:4b:9a:49:ac:5f:
df:be:cd:ec:f8:b2:94:64:13:26:26:c6:af:23:cd:
d6:1f:da:8f:72:cb:fa:ad:fa:28:f5:ce:3a:81:3c:
f1:29:e6:9b:2e:ed:51:6d:76:97:c6:f3:a5:6a:21:
02:80:6c:61:3a:12:b2:83:ed:1e:ea:f3:61:24:9a:
d8:47:34:0a:d6:82:bb:e3:37:a3:ab:6a:c2:3f:a6:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F4:BF:C8:DD:EE:E3:1C:B9:C1:F9:EB:0F:3B:B7:01:01:9D:0F:93
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/NPS_yN3u4xy5wfnrDzu3AQGdD5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.0.0/24
93.170.25.0/24
95.46.108.0/24
95.47.136.0/24
Signature Algorithm: sha256WithRSAEncryption
27:59:82:26:f0:06:c7:2a:de:91:48:b4:f6:c8:c3:6a:0c:83:
42:75:06:6e:58:d2:b3:20:e2:91:03:de:76:b2:a4:23:3e:c5:
17:90:27:73:34:79:c8:36:3d:04:75:0c:43:89:b2:bc:69:37:
f1:e1:18:a6:54:40:31:d4:4d:9b:14:d3:28:44:ab:56:fb:44:
e8:cf:32:b1:cd:86:a9:dc:69:51:76:ad:02:fe:03:6e:5b:df:
e1:86:65:19:d2:c9:88:bd:c4:23:a6:2f:0d:bd:90:b2:b3:d8:
53:42:c0:f7:ce:c0:47:d5:68:57:ad:b6:74:1f:e9:85:02:ba:
15:f4:f7:11:c9:e6:15:06:a2:3d:59:89:64:4d:16:0c:33:29:
6c:5b:39:95:7c:1c:42:2d:84:d8:0e:fe:46:39:98:c7:ee:2f:
45:54:a4:6b:21:94:b4:65:b5:02:a0:ba:07:8f:4f:d3:1f:52:
40:9c:de:7d:96:a4:b8:c9:44:27:79:ea:fa:aa:53:78:37:e3:
ee:b8:1f:e2:72:36:9b:b7:54:8c:63:59:2a:01:d6:35:b0:ea:
0e:22:97:38:09:96:31:24:36:57:08:14:9b:75:40:35:2a:70:
11:40:e3:04:a1:a5:86:c3:13:12:b9:1f:7b:06:e3:3e:c1:df:
1e:30:75:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwlW4W83tAwhVSeSOXASarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY0YmZjOGRkZWVlMzFjYjljMWY5ZWIwZjNiYjcwMTAxOWQwZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJDZKEeC3bD+DZDJQEXQE3G/gls5
8EoDr9LPjcQk9ZhWkJTeAtA8Yh1+DvoAJ6eCg+qaPS/ODxGnKvHywCcj73rg2QQi
BxumV4a6DEwFek9eSDpBiyeaTF4TvxofvjUmUZrKsK5ZSt45mJ+1EfRcNyoN6ng7
p9fc76zDq6N6QiJKEEnAAp4qKF4faR3R15acnrpIqtI1UdaXwQWikogOluFz6XYA
dViZrP2p+nYFS5pJrF/fvs3s+LKUZBMmJsavI83WH9qPcsv6rfoo9c46gTzxKeab
Lu1RbXaXxvOlaiECgGxhOhKyg+0e6vNhJJrYRzQK1oK74zejq2rCP6ZAWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDT0v8jd7uMcucH56w87twEBnQ+TMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTlBTX3lOM3U0eHk1d2ZuckR6dTNBUUdkRDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXaoAAwQA
XaoZAwQAXy5sAwQAXy+IMA0GCSqGSIb3DQEBCwUAA4IBAQAnWYIm8AbHKt6RSLT2
yMNqDINCdQZuWNKzIOKRA952sqQjPsUXkCdzNHnINj0EdQxDibK8aTfx4RimVEAx
1E2bFNMoRKtW+0TozzKxzYap3GlRdq0C/gNuW9/hhmUZ0smIvcQjpi8NvZCys9hT
QsD3zsBH1WhXrbZ0H+mFAroV9PcRyeYVBqI9WYlkTRYMMylsWzmVfBxCLYTYDv5G
OZjH7i9FVKRrIZS0ZbUCoLoHj0/TH1JAnN59lqS4yUQneer6qlN4N+PuuB/icjab
t1SMY1kqAdY1sOoOIpc4CZYxJDZXCBSbdUA1KnARQOMEoaWGwxMSuR97BuM+wd8e
MHXL
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:59 2025 by rpki-client