Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/92b548-fdba-4cd4-8361-3cd952ba005d/1/niMpOY_d6g1oelWdGRfPoL-GgKU.roa
File: niMpOY_d6g1oelWdGRfPoL-GgKU.roa (raw, json)
Hash identifier: SSpD0HnU/jLCClERJadC1Ey+TmnXZwRMStYiBqBeO9Q=
Subject key identifier: 9E:23:29:39:8F:DD:EA:0D:68:7A:55:9D:19:17:CF:A0:BF:86:80:A5
Certificate issuer: /CN=0d12e0c7774191a55c3d1931fbf20004335fd21c
Certificate serial: 0186DDD511ADDA00FF710F5ADE3735473A25
Authority key identifier: 0D:12:E0:C7:77:41:91:A5:5C:3D:19:31:FB:F2:00:04:33:5F:D2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DRLgx3dBkaVcPRkx-_IABDNf0hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/92b548-fdba-4cd4-8361-3cd952ba005d/1/niMpOY_d6g1oelWdGRfPoL-GgKU.roa
Signing time: Tue 14 Mar 2023 01:56:13 +0000
ROA not before: Tue 14 Mar 2023 01:56:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34121
IP address blocks: 91.201.184.0/22 maxlen: 24
2001:678:d8c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dd:d5:11:ad:da:00:ff:71:0f:5a:de:37:35:47:3a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d12e0c7774191a55c3d1931fbf20004335fd21c
Validity
Not Before: Mar 14 01:56:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2329398fddea0d687a559d1917cfa0bf8680a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:4b:5c:12:06:67:fe:e9:33:62:b5:20:47:
b0:02:d3:a8:76:cb:55:6a:86:a2:2b:a7:a8:5f:9c:
fd:e3:0b:ea:03:a8:f3:60:be:78:69:fe:72:5b:f3:
fa:8c:cf:bd:79:b3:65:ec:e6:23:54:67:d2:d9:fe:
2c:82:4b:3b:91:85:ce:36:15:26:d2:e9:47:b0:9b:
c3:ae:2e:f0:4a:0f:46:9b:c6:80:c1:0f:68:27:ab:
a9:aa:0c:1f:d0:07:98:8a:75:bb:b2:ee:d9:30:4a:
ca:a9:aa:40:b4:8e:d5:77:76:39:70:3d:91:bd:6e:
47:4c:9e:a6:ee:71:20:64:6e:ea:b4:21:40:d0:15:
39:3d:b5:74:39:0c:95:b4:83:f4:3f:fa:51:52:1d:
b0:c3:c5:2c:b2:61:29:2e:cc:e8:00:5b:46:75:84:
06:e8:fc:f5:35:0b:d2:fa:9c:c6:11:15:c9:d6:e8:
c5:20:04:8d:11:4b:95:9b:dd:ab:af:7f:eb:62:12:
86:f8:da:33:38:b7:68:01:a1:7f:6c:fe:cb:5b:10:
6b:c0:e8:02:35:07:1b:f1:50:3c:db:e2:7f:57:ad:
2a:fd:ca:06:8f:1b:8f:d4:c4:11:32:80:aa:de:a4:
e0:fa:22:02:50:0b:2b:b8:58:23:e7:07:72:3a:96:
6a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:23:29:39:8F:DD:EA:0D:68:7A:55:9D:19:17:CF:A0:BF:86:80:A5
X509v3 Authority Key Identifier:
keyid:0D:12:E0:C7:77:41:91:A5:5C:3D:19:31:FB:F2:00:04:33:5F:D2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRLgx3dBkaVcPRkx-_IABDNf0hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/92b548-fdba-4cd4-8361-3cd952ba005d/1/niMpOY_d6g1oelWdGRfPoL-GgKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/92b548-fdba-4cd4-8361-3cd952ba005d/1/DRLgx3dBkaVcPRkx-_IABDNf0hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.184.0/22
IPv6:
2001:678:d8c::/48
Signature Algorithm: sha256WithRSAEncryption
93:7e:45:cb:e8:8f:bf:82:c4:2f:16:a2:dd:33:1e:66:77:e0:
1b:cd:ce:d6:ae:21:ed:90:33:7c:6f:39:07:68:14:5f:6f:69:
64:22:78:bb:2e:e0:9b:8a:95:9e:84:12:ba:33:e1:7c:a4:11:
17:c0:00:5e:f3:1d:28:b4:fb:1d:6c:30:af:97:cc:84:cd:8a:
dd:39:96:5a:a9:58:93:43:99:72:a3:8b:96:3e:db:5d:f3:30:
dc:90:d2:eb:ac:df:b2:de:be:a8:9c:8a:6a:84:09:9a:62:87:
a7:fa:50:82:3e:b7:d6:ba:da:be:bb:df:c2:c5:8b:34:16:f1:
c8:db:cd:7e:6b:06:0d:3a:14:71:fa:6b:00:4a:6e:32:a6:fe:
82:ed:fb:6c:c1:ca:a2:ba:ee:41:c5:a9:08:b2:3e:70:09:60:
71:3c:83:76:59:01:a4:3e:f9:8a:28:f9:f6:6c:52:f3:c2:ca:
95:d0:07:16:52:74:ad:7d:8b:7f:0e:47:a9:bd:2d:c4:c5:bf:
c1:36:d4:bf:a4:d6:13:14:d5:71:51:3c:7b:e2:54:0e:4a:66:
b3:ad:4a:36:b1:82:2c:c8:09:82:4f:1e:78:39:de:cd:f6:d8:
72:ef:8d:3f:9f:45:2e:3b:35:3f:39:1e:65:09:d3:92:97:d5:
47:c3:99:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbd1RGt2gD/cQ9a3jc1RzolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMTJlMGM3Nzc0MTkxYTU1YzNkMTkzMWZiZjIwMDA0MzM1
ZmQyMWMwHhcNMjMwMzE0MDE1NjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTIzMjkzOThmZGRlYTBkNjg3YTU1OWQxOTE3Y2ZhMGJmODY4MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7tLXBIGZ/7pM2K1IEewAtOodstV
aoaiK6eoX5z94wvqA6jzYL54af5yW/P6jM+9ebNl7OYjVGfS2f4sgks7kYXONhUm
0ulHsJvDri7wSg9Gm8aAwQ9oJ6upqgwf0AeYinW7su7ZMErKqapAtI7Vd3Y5cD2R
vW5HTJ6m7nEgZG7qtCFA0BU5PbV0OQyVtIP0P/pRUh2ww8UssmEpLszoAFtGdYQG
6Pz1NQvS+pzGERXJ1ujFIASNEUuVm92rr3/rYhKG+NozOLdoAaF/bP7LWxBrwOgC
NQcb8VA82+J/V60q/coGjxuP1MQRMoCq3qTg+iICUAsruFgj5wdyOpZqdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ4jKTmP3eoNaHpVnRkXz6C/hoClMB8GA1UdIwQY
MBaAFA0S4Md3QZGlXD0ZMfvyAAQzX9IcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFJMZ3gzZEJrYVZjUFJreC1fSUFCRE5mMGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85MmI1NDgtZmRiYS00Y2Q0LTgzNjEt
M2NkOTUyYmEwMDVkLzEvbmlNcE9ZX2Q2ZzFvZWxXZEdSZlBvTC1HZ0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85MmI1NDgtZmRiYS00Y2Q0LTgzNjEtM2NkOTUyYmEwMDVk
LzEvRFJMZ3gzZEJrYVZjUFJreC1fSUFCRE5mMGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8m4MA8E
AgACMAkDBwAgAQZ4DYwwDQYJKoZIhvcNAQELBQADggEBAJN+Rcvoj7+CxC8Wot0z
HmZ34BvNztauIe2QM3xvOQdoFF9vaWQieLsu4JuKlZ6EEroz4XykERfAAF7zHSi0
+x1sMK+XzITNit05llqpWJNDmXKji5Y+213zMNyQ0uus37LevqicimqECZpih6f6
UII+t9a62r6738LFizQW8cjbzX5rBg06FHH6awBKbjKm/oLt+2zByqK67kHFqQiy
PnAJYHE8g3ZZAaQ++Yoo+fZsUvPCypXQBxZSdK19i38OR6m9LcTFv8E21L+k1hMU
1XFRPHviVA5KZrOtSjaxgizICYJPHng53s322HLvjT+fRS47NT85HmUJ05KX1UfD
mRw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:43 2025 by rpki-client