Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NVG2AhA1DSfc9j0R4kIm9fnOpwI.roa
File: NVG2AhA1DSfc9j0R4kIm9fnOpwI.roa (raw, json)
Hash identifier: fKF0cIQ2lWsFDNPKeB0yXeJU97V/BvunIVv940gK50I=
Subject key identifier: 35:51:B6:02:10:35:0D:27:DC:F6:3D:11:E2:42:26:F5:F9:CE:A7:02
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018930FC06995973AE33B19D9E070DD40733
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NVG2AhA1DSfc9j0R4kIm9fnOpwI.roa
Signing time: Fri 07 Jul 2023 15:32:50 +0000
ROA not before: Fri 07 Jul 2023 15:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140155
IP address blocks: 109.176.252.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
89.213.47.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:fc:06:99:59:73:ae:33:b1:9d:9e:07:0d:d4:07:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 7 15:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3551b60210350d27dcf63d11e24226f5f9cea702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:92:d1:04:ec:73:a5:ca:08:af:c4:4e:3d:
ab:f2:df:d8:f4:7a:4f:c6:39:a8:41:4d:41:53:c7:
e3:0c:1f:ed:d9:98:f5:04:44:03:de:6f:df:5e:89:
ed:db:c7:f7:90:a9:d1:0e:8a:8b:c6:ef:11:38:22:
46:82:78:9a:16:ca:d0:84:b7:dc:ca:51:3c:50:b4:
b2:98:20:37:73:a0:e8:0e:e7:57:f5:76:71:e6:ec:
8b:00:d1:1f:b7:d0:bc:ac:0a:81:87:cd:e2:07:6a:
31:d8:8e:5a:79:72:60:24:21:b4:12:ab:5e:a4:fb:
56:67:ba:b8:de:be:50:55:7f:1d:35:c2:14:58:a4:
4c:9e:b5:8c:6f:b6:a4:99:3b:e4:df:fc:11:07:69:
a6:e7:95:a9:be:35:75:c1:41:ee:1d:d8:1a:bd:da:
74:f8:a4:7e:00:72:9c:4c:2c:18:53:96:5f:22:fd:
bd:73:02:99:00:f2:c5:c8:ee:3f:a0:a8:7b:ae:8d:
ab:77:04:f6:e1:bd:82:0c:27:7e:69:ee:06:bc:41:
33:7d:2d:5f:47:2a:70:60:0c:0e:6c:ce:22:9c:fe:
7b:4a:02:e9:ee:79:0f:10:37:54:1a:5b:29:51:71:
09:7f:54:dc:95:f2:12:b3:81:36:4c:03:32:8d:04:
ae:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:51:B6:02:10:35:0D:27:DC:F6:3D:11:E2:42:26:F5:F9:CE:A7:02
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NVG2AhA1DSfc9j0R4kIm9fnOpwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
82.153.227.0/24
89.213.47.0/24
89.213.141.0/24
89.213.146.0/24
89.213.154.0/24
89.213.162.0/24
89.213.164.0/24
89.213.174.0/24
89.213.181.0/24
89.213.188.0/23
109.176.251.0-109.176.253.255
Signature Algorithm: sha256WithRSAEncryption
0e:ed:56:19:31:ea:09:23:88:81:5c:58:b3:7f:00:a8:f4:91:
b5:c6:a7:68:d1:6c:b1:cd:24:57:ab:93:c9:aa:e0:43:99:bb:
1e:d9:61:7f:42:86:77:29:78:aa:e9:4f:21:14:fd:35:8b:31:
35:4e:04:5e:dc:22:06:5c:c8:da:08:1a:f4:13:96:b7:f7:7c:
6d:21:85:25:4f:26:44:53:2d:95:4c:95:35:c6:0d:59:05:e6:
19:01:9f:18:3d:46:d4:e4:2e:8b:56:b1:35:73:9b:28:14:1d:
a0:d5:fd:c8:45:c2:50:35:b5:e8:3b:52:c5:e6:e8:ce:06:b9:
34:e0:95:fa:24:c4:99:07:f9:c0:4f:45:42:ad:d5:83:40:3a:
1b:64:a3:16:d8:8d:ce:0d:e4:31:9a:af:0a:26:a5:71:b5:59:
a1:9c:78:a3:ce:29:6f:4c:be:eb:c3:e9:65:3f:e6:57:0c:9f:
80:53:2a:a4:6d:38:b6:6a:14:ea:1e:86:76:91:69:f4:f0:86:
96:67:f9:de:13:b3:19:a8:af:c2:d5:ce:c9:db:22:d6:30:93:
eb:4a:5b:8b:d1:5a:ab:ce:bd:5b:c9:6a:1b:06:15:52:bb:7f:
5e:a2:a9:0f:0c:1c:a8:08:7d:e1:16:7e:82:21:3b:6b:a4:39:
fb:12:2c:75
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYkw/AaZWXOuM7GdngcN1AczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTUxYjYwMjEwMzUwZDI3ZGNmNjNkMTFlMjQyMjZmNWY5Y2VhNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HqS0QTsc6XKCK/ETj2r8t/Y9HpP
xjmoQU1BU8fjDB/t2Zj1BEQD3m/fXont28f3kKnRDoqLxu8ROCJGgniaFsrQhLfc
ylE8ULSymCA3c6DoDudX9XZx5uyLANEft9C8rAqBh83iB2ox2I5aeXJgJCG0Eqte
pPtWZ7q43r5QVX8dNcIUWKRMnrWMb7akmTvk3/wRB2mm55WpvjV1wUHuHdgavdp0
+KR+AHKcTCwYU5ZfIv29cwKZAPLFyO4/oKh7ro2rdwT24b2CDCd+ae4GvEEzfS1f
RypwYAwObM4inP57SgLp7nkPEDdUGlspUXEJf1TclfISs4E2TAMyjQSuywIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDVRtgIQNQ0n3PY9EeJCJvX5zqcCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTlZHMkFoQTFEU2ZjOWowUjRrSW05Zm5PcHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUpnhAwQA
UpnjAwQAWdUvAwQAWdWNAwQAWdWSAwQAWdWaAwQAWdWiAwQAWdWkAwQAWdWuAwQA
WdW1AwQBWdW8MAwDBABtsPsDBAFtsPwwDQYJKoZIhvcNAQELBQADggEBAA7tVhkx
6gkjiIFcWLN/AKj0kbXGp2jRbLHNJFerk8mq4EOZux7ZYX9ChncpeKrpTyEU/TWL
MTVOBF7cIgZcyNoIGvQTlrf3fG0hhSVPJkRTLZVMlTXGDVkF5hkBnxg9RtTkLotW
sTVzmygUHaDV/chFwlA1teg7UsXm6M4GuTTglfokxJkH+cBPRUKt1YNAOhtkoxbY
jc4N5DGarwompXG1WaGceKPOKW9MvuvD6WU/5lcMn4BTKqRtOLZqFOoehnaRafTw
hpZn+d4Tsxmor8LVzsnbItYwk+tKW4vRWqvOvVvJahsGFVK7f16iqQ8MHKgIfeEW
foIhO2ukOfsSLHU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:31 2025 by rpki-client