Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nAKI9IhmZ64KoDX9GGjH1B8Y0hw.roa
File: nAKI9IhmZ64KoDX9GGjH1B8Y0hw.roa (raw, json)
Hash identifier: Wa9HskSyh63ZMh9Ts0V1ydOWnTnVEDqd/L+YiUZyEcE=
Subject key identifier: 9C:02:88:F4:88:66:67:AE:0A:A0:35:FD:18:68:C7:D4:1F:18:D2:1C
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD5195AEC820543A25181607130C270
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nAKI9IhmZ64KoDX9GGjH1B8Y0hw.roa
Signing time: Mon 02 Jan 2023 00:15:14 +0000
ROA not before: Mon 02 Jan 2023 00:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35397
IP address blocks: 86.107.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:19:5a:ec:82:05:43:a2:51:81:60:71:30:c2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c0288f4886667ae0aa035fd1868c7d41f18d21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d6:ba:a7:7d:16:df:10:ef:cb:d5:d6:8a:e7:
0f:1b:d2:9e:a9:48:8b:f2:1e:73:70:f9:5a:3c:bb:
bd:89:23:04:3b:71:af:fb:1f:91:23:7c:8c:97:ad:
ee:ed:75:f9:2f:33:2c:46:4a:c4:a3:4d:ca:20:d4:
4b:cc:f5:7f:a5:05:03:68:12:86:33:e4:25:33:8f:
1c:fb:31:fb:41:ee:98:09:06:46:5a:30:35:24:d8:
40:35:14:a1:e6:23:2b:6d:16:8b:69:d6:0e:a8:5a:
9b:79:90:8e:02:8c:0a:48:8a:e3:56:d9:ee:dd:6b:
77:0d:42:5a:d4:3c:a7:ba:44:8f:c6:23:d8:78:fc:
8d:88:aa:7f:bc:00:2c:56:0a:12:37:a6:90:f0:f4:
8c:9c:57:0d:f6:04:85:6f:77:a6:5a:5d:62:5f:e8:
ba:3b:2d:5b:44:a7:f9:38:bb:7d:88:b3:85:42:65:
9d:97:60:d7:4a:32:10:71:dd:a2:2e:b0:30:c9:cf:
a3:c4:bd:a1:5f:cb:02:c1:ea:52:a5:5e:03:07:71:
ab:fe:ee:3a:99:c2:f4:89:cf:48:a3:a2:3e:82:94:
fc:38:0e:c5:a2:d8:3e:dc:49:68:70:88:f1:77:ba:
b2:73:bf:16:1b:e6:69:2e:2f:04:e8:c7:c7:f3:f5:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:02:88:F4:88:66:67:AE:0A:A0:35:FD:18:68:C7:D4:1F:18:D2:1C
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/nAKI9IhmZ64KoDX9GGjH1B8Y0hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.240.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:d6:81:3e:62:5b:14:46:67:52:25:bd:20:4a:21:05:d1:08:
8f:79:06:a6:44:32:c3:11:47:75:c8:c3:33:c3:53:35:47:d7:
a5:4a:4d:1b:af:69:7a:4d:20:6e:c5:91:af:f3:46:db:3f:b7:
b6:17:20:30:fd:f8:de:d2:56:64:2f:88:ec:c8:cc:17:cb:79:
bf:f0:67:ed:26:a1:48:6e:4d:1c:43:5d:a1:91:d5:8d:4c:2f:
5b:03:1e:b9:46:e5:4b:cb:a2:00:ed:e5:09:4f:11:9b:87:6f:
6a:3f:ee:86:53:27:09:ed:5f:a7:fc:80:41:57:06:1b:5e:4e:
24:01:43:05:fc:9f:94:7a:bc:8d:64:b0:2a:0d:01:c5:ce:17:
46:ef:49:64:a8:07:c3:4a:e7:ed:45:9d:03:9e:f2:99:c1:9a:
bc:82:e6:c6:13:ee:13:4b:78:f2:6b:1f:ca:e0:01:71:2b:5e:
1f:fe:3c:6d:9d:54:56:b9:37:2e:80:20:28:2f:ca:b9:0b:97:
7b:2a:d9:1b:4b:67:56:6e:db:37:b2:87:c2:45:1b:02:2e:24:
20:17:66:19:d5:3c:18:bd:bc:1f:4a:b4:c1:6f:33:53:e8:60:
e5:07:69:3e:2f:6d:0a:80:74:6d:5e:9e:47:62:9f:e4:f7:71:
29:b7:fd:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1Rla7IIFQ6JRgWBxMMJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAyODhmNDg4NjY2N2FlMGFhMDM1ZmQxODY4YzdkNDFmMThkMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9a6p30W3xDvy9XWiucPG9KeqUiL
8h5zcPlaPLu9iSMEO3Gv+x+RI3yMl63u7XX5LzMsRkrEo03KINRLzPV/pQUDaBKG
M+QlM48c+zH7Qe6YCQZGWjA1JNhANRSh5iMrbRaLadYOqFqbeZCOAowKSIrjVtnu
3Wt3DUJa1DynukSPxiPYePyNiKp/vAAsVgoSN6aQ8PSMnFcN9gSFb3emWl1iX+i6
Oy1bRKf5OLt9iLOFQmWdl2DXSjIQcd2iLrAwyc+jxL2hX8sCwepSpV4DB3Gr/u46
mcL0ic9Io6I+gpT8OA7Fotg+3ElocIjxd7qyc78WG+ZpLi8E6MfH8/WE1QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJwCiPSIZmeuCqA1/Rhox9QfGNIcMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL25BS0k5SWhtWjY0S29EWDlHR2pIMUI4WTBody5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWa/Aw
DQYJKoZIhvcNAQELBQADggEBAMjWgT5iWxRGZ1IlvSBKIQXRCI95BqZEMsMRR3XI
wzPDUzVH16VKTRuvaXpNIG7Fka/zRts/t7YXIDD9+N7SVmQviOzIzBfLeb/wZ+0m
oUhuTRxDXaGR1Y1ML1sDHrlG5UvLogDt5QlPEZuHb2o/7oZTJwntX6f8gEFXBhte
TiQBQwX8n5R6vI1ksCoNAcXOF0bvSWSoB8NK5+1FnQOe8pnBmryC5sYT7hNLePJr
H8rgAXErXh/+PG2dVFa5Ny6AICgvyrkLl3sq2RtLZ1Zu2zeyh8JFGwIuJCAXZhnV
PBi9vB9KtMFvM1PoYOUHaT4vbQqAdG1enkdin+T3cSm3/UA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:40 2025 by rpki-client