Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/nfM1AxyBoVi5m64wh-tVhBj_rPs.roa
File: nfM1AxyBoVi5m64wh-tVhBj_rPs.roa (raw, json)
Hash identifier: R+2HSOktdyIDWS/ypp/7DnbObpttfoz16W1tzRFKPPo=
Subject key identifier: 9D:F3:35:03:1C:81:A1:58:B9:9B:AE:30:87:EB:55:84:18:FF:AC:FB
Certificate issuer: /CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Certificate serial: 01856C5CB4C728CF27491D855F3BFA85FF08
Authority key identifier: 95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/nfM1AxyBoVi5m64wh-tVhBj_rPs.roa
Signing time: Sun 01 Jan 2023 08:04:52 +0000
ROA not before: Sun 01 Jan 2023 08:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43459
IP address blocks: 86.105.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:b4:c7:28:cf:27:49:1d:85:5f:3b:fa:85:ff:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Validity
Not Before: Jan 1 08:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9df335031c81a158b99bae3087eb558418ffacfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:78:49:77:be:e2:30:b0:f1:6e:23:64:b3:6b:
bf:49:7e:f8:5a:e3:bd:ee:c8:64:a7:51:fd:2b:28:
80:33:f5:5a:06:78:aa:25:98:73:e1:f0:e3:ab:a6:
c5:98:90:7a:2e:59:ab:aa:69:2b:b0:15:f5:0b:ff:
37:b0:8b:13:c7:07:1f:96:09:dd:83:0c:8c:81:4a:
23:d7:87:1c:32:e6:ea:b7:e2:7c:82:1a:f8:fe:52:
c5:e6:e6:32:d7:ef:c1:05:c0:d7:7b:1e:02:d9:c4:
8b:c0:6b:74:4a:0a:f4:7f:4c:bf:e8:be:86:b5:aa:
ad:f5:ca:5c:8f:12:b2:13:f4:e0:86:99:a7:04:27:
da:e5:ac:5e:f6:a7:13:b3:fd:03:a1:08:fa:75:78:
49:5c:74:f8:bb:4a:8c:9d:d1:a0:36:71:a1:8c:65:
a7:90:0f:44:86:69:a1:52:0d:e8:4f:80:98:fb:a4:
56:cd:77:7a:89:8e:0d:d8:e2:06:6a:56:7b:bf:12:
33:72:21:5e:13:f0:5d:4a:81:5b:3c:d9:54:71:b5:
5f:bd:57:62:bd:65:3d:ac:83:b5:44:5f:4a:2b:a8:
9a:fd:45:0e:f6:a0:f5:70:df:76:66:d5:3f:2a:ef:
9b:5a:e9:db:1f:61:16:d8:5a:a1:39:46:d0:c3:6e:
3d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F3:35:03:1C:81:A1:58:B9:9B:AE:30:87:EB:55:84:18:FF:AC:FB
X509v3 Authority Key Identifier:
keyid:95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/nfM1AxyBoVi5m64wh-tVhBj_rPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.198.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f2:f2:e3:82:21:7a:ee:32:40:3f:f4:5a:1b:1b:e7:44:1e:
0a:a6:cf:47:d5:41:f8:70:c5:cc:6b:5a:94:a8:f1:a2:31:d9:
52:11:b0:ae:51:ae:83:10:b0:96:d3:fd:53:4c:a2:ee:9f:cc:
27:cc:5e:fc:1d:64:6b:13:c9:eb:3f:7f:88:58:10:55:dd:12:
27:0a:d1:6d:69:f3:85:a9:33:a0:22:a7:8f:b1:90:6f:35:4c:
e2:a7:86:e8:9c:72:9d:e0:f7:fc:b1:d1:09:fd:6f:5f:23:1b:
69:8e:1b:9e:83:09:c8:3f:61:4a:14:d9:6a:65:f4:54:25:85:
56:c4:fd:28:e3:b0:12:a0:7e:6c:5e:b6:fd:b6:d5:9a:0a:1f:
e8:1d:93:5a:73:34:c1:da:93:ae:7d:53:ef:6a:b2:b8:d0:8f:
14:32:03:f2:74:4a:4d:52:ab:1f:18:f6:91:7d:b9:f3:50:d3:
8b:bf:03:2a:bc:f3:eb:af:07:b3:e9:42:82:3e:dc:26:5f:2e:
d3:f3:9a:e8:9e:d7:a4:6c:d4:1a:e5:b9:88:11:cf:c1:9d:f6:
3e:b1:78:24:ee:62:aa:1e:a1:45:03:e6:64:f9:00:90:64:55:
c8:3b:57:e7:d3:a8:fe:a9:e2:04:db:dd:b9:54:5e:6b:54:3e:
7b:4a:14:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsXLTHKM8nSR2FXzv6hf8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NWZjZjkyNzk4YTlkYmIzMGFiZDJiOWZhMjliZmE4ODA0
MjIwZjMwHhcNMjMwMTAxMDgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGYzMzUwMzFjODFhMTU4Yjk5YmFlMzA4N2ViNTU4NDE4ZmZhY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3hJd77iMLDxbiNks2u/SX74WuO9
7shkp1H9KyiAM/VaBniqJZhz4fDjq6bFmJB6LlmrqmkrsBX1C/83sIsTxwcflgnd
gwyMgUoj14ccMubqt+J8ghr4/lLF5uYy1+/BBcDXex4C2cSLwGt0Sgr0f0y/6L6G
taqt9cpcjxKyE/TghpmnBCfa5axe9qcTs/0DoQj6dXhJXHT4u0qMndGgNnGhjGWn
kA9EhmmhUg3oT4CY+6RWzXd6iY4N2OIGalZ7vxIzciFeE/BdSoFbPNlUcbVfvVdi
vWU9rIO1RF9KK6ia/UUO9qD1cN92ZtU/Ku+bWunbH2EW2FqhOUbQw249JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3zNQMcgaFYuZuuMIfrVYQY/6z7MB8GA1UdIwQY
MBaAFJVfz5J5ip27MKvSufopv6iAQiDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2Et
MDUxODg2ZDBlZDRlLzEvbmZNMUF4eUJvVmk1bTY0d2gtdFZoQmpfclBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9kZjE0MGEtMGFjMy00MTA1LWI4M2EtMDUxODg2ZDBlZDRl
LzEvbFZfUGtubUtuYnN3cTlLNS1pbV9xSUJDSVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmnGMA0G
CSqGSIb3DQEBCwUAA4IBAQBq8vLjgiF67jJAP/RaGxvnRB4Kps9H1UH4cMXMa1qU
qPGiMdlSEbCuUa6DELCW0/1TTKLun8wnzF78HWRrE8nrP3+IWBBV3RInCtFtafOF
qTOgIqePsZBvNUzip4bonHKd4Pf8sdEJ/W9fIxtpjhuegwnIP2FKFNlqZfRUJYVW
xP0o47ASoH5sXrb9ttWaCh/oHZNaczTB2pOufVPvarK40I8UMgPydEpNUqsfGPaR
fbnzUNOLvwMqvPPrrwez6UKCPtwmXy7T85rontekbNQa5bmIEc/BnfY+sXgk7mKq
HqFFA+Zk+QCQZFXIO1fn06j+qeIE2925VF5rVD57ShRL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:54 2025 by rpki-client