Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nw9-wOVEju9MiKr_r1lc8Ihw9sg.roa
File: nw9-wOVEju9MiKr_r1lc8Ihw9sg.roa (raw, json)
Hash identifier: /+fFTALzAFcQFU9dqC7crhAdeUbDy+SzmRtVTkR3YOM=
Subject key identifier: 9F:0F:7E:C0:E5:44:8E:EF:4C:88:AA:FF:AF:59:5C:F0:88:70:F6:C8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018AE0FA6216D3B86BDCDFEF0CB0103130A2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nw9-wOVEju9MiKr_r1lc8Ihw9sg.roa
Signing time: Fri 29 Sep 2023 12:47:00 +0000
ROA not before: Fri 29 Sep 2023 12:47:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399073
IP address blocks: 89.213.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:fa:62:16:d3:b8:6b:dc:df:ef:0c:b0:10:31:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 29 12:47:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f0f7ec0e5448eef4c88aaffaf595cf08870f6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:ba:ff:fc:d9:c6:b7:54:2c:4c:09:26:da:
53:f3:5f:6f:3f:96:63:a0:fa:5a:4f:3e:d0:46:56:
3f:d2:62:71:59:68:3f:93:4c:73:83:8a:fd:e3:9e:
68:71:8a:d9:48:bc:56:ab:55:a5:18:8e:81:f6:6a:
63:ef:33:6f:80:96:9a:ab:35:39:73:cb:87:6c:53:
b7:17:96:2f:c6:3f:a7:17:50:f3:4f:40:39:bf:27:
74:09:80:ef:2c:77:f6:13:63:08:cd:1b:e9:33:99:
65:83:58:07:f3:69:ac:0c:00:48:c4:5d:ae:37:4b:
10:84:82:d1:21:d3:9f:07:c0:a6:25:6b:38:c4:3c:
20:a8:37:2c:71:0d:e1:cf:d2:7e:76:c8:86:e8:a6:
19:3e:a0:bd:c4:20:e2:ff:b9:fb:5f:4c:8e:ed:1f:
fe:2b:d8:6f:cf:27:f8:ff:44:d8:46:c3:93:00:4e:
01:67:b7:b5:d5:4c:da:48:2e:94:67:74:af:b4:89:
62:62:1e:6a:d1:f6:af:01:b2:09:ec:c1:60:5a:ef:
da:35:fb:36:87:a1:01:ef:c3:e9:8c:ae:ae:22:76:
57:85:fc:7f:aa:3e:4d:db:01:2d:0f:32:d4:45:d8:
15:26:e3:b5:01:9e:7a:61:9b:2d:2b:ef:fd:d5:26:
d7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0F:7E:C0:E5:44:8E:EF:4C:88:AA:FF:AF:59:5C:F0:88:70:F6:C8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nw9-wOVEju9MiKr_r1lc8Ihw9sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.156.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:9d:1a:b3:44:cb:54:b1:77:2d:10:99:e9:0c:8e:a8:21:01:
0c:f7:4b:05:12:bb:12:d7:3e:84:a3:1c:25:26:f7:d6:e8:8d:
b1:2a:aa:06:16:59:72:f1:47:c5:eb:bf:55:14:38:1b:6f:e3:
ec:03:6d:ed:80:86:fe:23:46:03:db:e5:77:e3:42:3c:76:3d:
fb:d2:64:4f:69:4c:ea:d2:0a:7e:42:62:82:53:67:04:9f:11:
03:81:ef:8e:70:e6:d4:7e:6a:fa:37:02:90:a9:bb:97:76:ef:
97:90:65:4e:03:14:bc:3c:d0:3c:e1:82:1f:e0:3c:12:ce:53:
ae:ca:e6:24:d3:f3:2d:e0:a1:3f:64:c4:72:28:80:77:7b:8f:
12:c0:89:ad:f7:53:96:bb:25:a7:9a:cc:0a:8f:da:0d:ff:95:
77:59:ec:c8:4a:35:3a:d6:75:40:d6:6f:12:af:c3:5d:ad:c1:
9d:71:d2:a7:92:88:53:48:44:b8:60:7d:da:cb:38:12:55:b8:
34:25:1d:3a:28:c6:b0:6e:fb:88:c3:91:5a:fd:68:06:8e:24:
e5:96:7c:bf:18:0a:d2:fe:ea:74:0f:4c:e2:53:2c:06:d7:9a:
69:83:d9:9d:75:78:d7:86:93:66:cb:e9:56:9e:e7:4e:74:dc:
3c:3a:cc:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrg+mIW07hr3N/vDLAQMTCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTI5MTI0NzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjBmN2VjMGU1NDQ4ZWVmNGM4OGFhZmZhZjU5NWNmMDg4NzBmNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9S6//zZxrdULEwJJtpT819vP5Zj
oPpaTz7QRlY/0mJxWWg/k0xzg4r9455ocYrZSLxWq1WlGI6B9mpj7zNvgJaaqzU5
c8uHbFO3F5Yvxj+nF1DzT0A5vyd0CYDvLHf2E2MIzRvpM5llg1gH82msDABIxF2u
N0sQhILRIdOfB8CmJWs4xDwgqDcscQ3hz9J+dsiG6KYZPqC9xCDi/7n7X0yO7R/+
K9hvzyf4/0TYRsOTAE4BZ7e11UzaSC6UZ3SvtIliYh5q0favAbIJ7MFgWu/aNfs2
h6EB78PpjK6uInZXhfx/qj5N2wEtDzLURdgVJuO1AZ56YZstK+/91SbXHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8PfsDlRI7vTIiq/69ZXPCIcPbIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbnc5LXdPVkVqdTlNaUtyX3IxbGM4SWh3OXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdWcMA0G
CSqGSIb3DQEBCwUAA4IBAQAcnRqzRMtUsXctEJnpDI6oIQEM90sFErsS1z6Eoxwl
JvfW6I2xKqoGFlly8UfF679VFDgbb+PsA23tgIb+I0YD2+V340I8dj370mRPaUzq
0gp+QmKCU2cEnxEDge+OcObUfmr6NwKQqbuXdu+XkGVOAxS8PNA84YIf4DwSzlOu
yuYk0/Mt4KE/ZMRyKIB3e48SwImt91OWuyWnmswKj9oN/5V3WezISjU61nVA1m8S
r8NdrcGdcdKnkohTSES4YH3ayzgSVbg0JR06KMawbvuIw5Fa/WgGjiTllny/GArS
/up0D0ziUywG15ppg9mddXjXhpNmy+lWnudOdNw8Osx4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:30 2025 by rpki-client