Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Nhv_HP7RB8j16ZXmkLaR_mD1djk.roa
File: Nhv_HP7RB8j16ZXmkLaR_mD1djk.roa (raw, json)
Hash identifier: 4FKwU8q6q4QfA+Z7l9KLSn3HKvogxcvI1fbmgjjiu68=
Subject key identifier: 36:1B:FF:1C:FE:D1:07:C8:F5:E9:95:E6:90:B6:91:FE:60:F5:76:39
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01891C87836737E75FF2AD5117055C25D748
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Nhv_HP7RB8j16ZXmkLaR_mD1djk.roa
Signing time: Mon 03 Jul 2023 16:13:10 +0000
ROA not before: Mon 03 Jul 2023 16:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 185.49.125.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:87:83:67:37:e7:5f:f2:ad:51:17:05:5c:25:d7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 3 16:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=361bff1cfed107c8f5e995e690b691fe60f57639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1a:af:3c:6d:5f:ad:bf:2d:4f:2f:6b:eb:ca:
84:2a:ee:9d:50:cc:c6:ad:b6:8d:88:0e:94:a2:da:
c3:5b:aa:da:bc:0e:92:85:62:2a:cf:f7:94:54:7e:
84:0e:3e:d8:ab:d4:71:db:38:5b:ba:33:14:c5:5b:
45:53:6e:61:21:5b:75:71:3b:33:9b:9e:8a:c8:60:
61:11:0d:1e:78:47:31:ba:0c:7b:21:95:74:76:62:
04:bd:82:e2:ce:f4:4f:57:12:1e:9b:b4:a5:76:ee:
e2:ef:a4:29:dd:b1:13:a3:f7:8e:23:52:b1:4a:2d:
47:a2:b6:c2:ee:dd:f4:09:e2:29:39:7d:f8:98:99:
06:ec:08:8e:30:e8:6b:57:cc:09:a0:86:f0:58:47:
16:f5:ec:c9:7c:2e:4e:93:8c:95:46:95:e4:4b:0a:
02:5d:5a:2e:67:0d:82:19:72:35:93:34:37:db:e0:
c5:28:50:9b:b2:12:92:4c:b4:97:29:8d:a1:e7:f1:
2c:29:78:66:c7:a7:91:56:7f:63:4f:47:bb:ad:4b:
7c:18:ce:2b:0e:bb:29:4a:1c:eb:8f:72:54:c7:2e:
12:05:b0:a9:cb:5e:a5:9a:ea:fb:d8:80:27:c9:40:
f4:0d:7e:2a:60:6f:a4:76:e2:7b:60:8a:78:01:72:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1B:FF:1C:FE:D1:07:C8:F5:E9:95:E6:90:B6:91:FE:60:F5:76:39
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Nhv_HP7RB8j16ZXmkLaR_mD1djk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.221.0/24
89.213.145.0/24
89.213.155.0/24
89.213.160.0/24
89.213.183.0/24
109.176.243.0/24
185.49.125.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d3:58:6f:9b:2f:ae:14:b8:7e:3c:e7:3b:20:61:a8:44:5a:
3b:69:d1:e5:c6:a7:55:d0:d3:7c:27:a3:12:6b:ec:02:8b:0d:
36:c9:0a:e7:de:c7:cb:7f:ff:81:1d:b1:da:0f:80:89:85:19:
3c:94:2a:35:6a:6e:0e:2c:9c:ff:52:99:ac:75:fb:ca:c8:87:
1b:17:03:85:e1:b7:88:ef:26:46:73:d4:86:c1:62:aa:50:0d:
fd:48:fc:89:f4:3b:b2:65:ab:b5:94:03:55:aa:e7:1c:05:8a:
22:11:e0:d4:6a:67:fe:91:ce:2c:a5:92:51:ff:2f:f8:da:68:
32:27:a4:df:a5:32:f0:d9:9f:33:50:a4:96:e8:a0:10:1d:56:
6e:64:3a:fe:02:de:f8:f9:40:69:34:51:05:56:9f:4c:59:81:
24:b2:a4:fe:e0:8c:be:1b:6d:12:08:fc:66:b7:28:2d:ec:0e:
ea:ed:48:47:74:e1:cc:63:37:2f:a6:6e:69:a2:24:15:ee:48:
50:0e:82:1a:7b:4e:a8:f2:13:82:86:2d:3f:c3:ea:f6:1d:82:
a7:ef:42:28:9a:47:a5:92:48:c6:db:e0:ad:c2:86:53:49:68:
e4:6d:fd:72:8e:d5:c6:08:95:24:89:46:bc:6b:f8:b1:fa:02:
06:43:b9:50
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkch4NnN+df8q1RFwVcJddIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzAzMTYxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFiZmYxY2ZlZDEwN2M4ZjVlOTk1ZTY5MGI2OTFmZTYwZjU3NjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRqvPG1frb8tTy9r68qEKu6dUMzG
rbaNiA6UotrDW6ravA6ShWIqz/eUVH6EDj7Yq9Rx2zhbujMUxVtFU25hIVt1cTsz
m56KyGBhEQ0eeEcxugx7IZV0dmIEvYLizvRPVxIem7Sldu7i76Qp3bETo/eOI1Kx
Si1HorbC7t30CeIpOX34mJkG7AiOMOhrV8wJoIbwWEcW9ezJfC5Ok4yVRpXkSwoC
XVouZw2CGXI1kzQ32+DFKFCbshKSTLSXKY2h5/EsKXhmx6eRVn9jT0e7rUt8GM4r
DrspShzrj3JUxy4SBbCpy16lmur72IAnyUD0DX4qYG+kduJ7YIp4AXKwlwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDYb/xz+0QfI9emV5pC2kf5g9XY5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTmh2X0hQN1JCOGoxNlpYbWtMYVJfbUQxZGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpndAwQA
WdWRAwQAWdWbAwQAWdWgAwQAWdW3AwQAbbDzAwQAuTF9MA0GCSqGSIb3DQEBCwUA
A4IBAQAw01hvmy+uFLh+POc7IGGoRFo7adHlxqdV0NN8J6MSa+wCiw02yQrn3sfL
f/+BHbHaD4CJhRk8lCo1am4OLJz/UpmsdfvKyIcbFwOF4beI7yZGc9SGwWKqUA39
SPyJ9DuyZau1lANVquccBYoiEeDUamf+kc4spZJR/y/42mgyJ6TfpTLw2Z8zUKSW
6KAQHVZuZDr+At74+UBpNFEFVp9MWYEksqT+4Iy+G20SCPxmtygt7A7q7UhHdOHM
Yzcvpm5poiQV7khQDoIae06o8hOChi0/w+r2HYKn70IomkelkkjG2+CtwoZTSWjk
bf1yjtXGCJUkiUa8a/ix+gIGQ7lQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:37 2025 by rpki-client