Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/NWw1FASlCA75VJgumQCM_bPf3tg.roa
File: NWw1FASlCA75VJgumQCM_bPf3tg.roa (raw, json)
Hash identifier: mNNe5Tyd/VN1ifz+ci02rv96iMgUhn+WffpqceqlQxc=
Subject key identifier: 35:6C:35:14:04:A5:08:0E:F9:54:98:2E:99:00:8C:FD:B3:DF:DE:D8
Certificate issuer: /CN=81062dce1a791e7341d5f4259811ab4d65f6b075
Certificate serial: 029126D9
Authority key identifier: 81:06:2D:CE:1A:79:1E:73:41:D5:F4:25:98:11:AB:4D:65:F6:B0:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQYtzhp5HnNB1fQlmBGrTWX2sHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/NWw1FASlCA75VJgumQCM_bPf3tg.roa
Signing time: Sat 01 Jan 2022 14:04:36 +0000
ROA not before: Sat 01 Jan 2022 14:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199189
IP address blocks: 89.22.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43067097 (0x29126d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81062dce1a791e7341d5f4259811ab4d65f6b075
Validity
Not Before: Jan 1 14:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=356c351404a5080ef954982e99008cfdb3dfded8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b3:c3:fa:ab:ba:5c:b7:43:31:99:1e:4f:38:
ef:9d:d1:d7:99:e1:2d:13:f2:17:49:59:c3:70:5f:
57:a5:9b:43:14:51:26:e1:97:9f:a7:d6:2c:40:8d:
34:b9:8b:3f:1e:76:c4:50:13:64:37:fd:0e:a0:b0:
82:0c:76:50:e3:90:6d:a5:ef:2d:4f:d2:91:ab:ca:
c9:09:27:31:7e:7e:e8:b1:29:f9:54:8d:d2:92:a5:
78:e8:e8:c2:40:ad:b5:da:a2:b7:05:f4:e2:a4:ea:
cd:e3:99:cf:fb:16:7a:e7:62:e0:cc:1b:42:66:a4:
5b:71:82:0c:c4:94:2d:9c:89:70:0d:5e:75:fd:7f:
76:91:4e:1a:4e:46:72:47:d9:fd:22:22:fd:49:10:
a1:35:4f:1b:48:60:d6:1b:85:b8:d4:d6:64:fe:29:
86:79:c1:95:ed:3c:12:d3:5f:b4:7c:b3:99:83:5c:
26:e2:f6:59:f3:11:1f:e3:ba:a7:ad:a0:c0:57:01:
8b:d6:2f:5c:4d:f9:fe:56:6e:b2:96:13:6d:4c:5a:
f2:38:ab:5e:c8:1e:e8:b5:cc:81:6e:99:8b:13:c4:
e5:6d:14:bc:ea:95:91:60:5e:e7:87:b6:b3:86:97:
fc:3d:88:69:7f:f8:ea:24:e2:fd:20:7f:b0:51:71:
92:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6C:35:14:04:A5:08:0E:F9:54:98:2E:99:00:8C:FD:B3:DF:DE:D8
X509v3 Authority Key Identifier:
keyid:81:06:2D:CE:1A:79:1E:73:41:D5:F4:25:98:11:AB:4D:65:F6:B0:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQYtzhp5HnNB1fQlmBGrTWX2sHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/NWw1FASlCA75VJgumQCM_bPf3tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/gQYtzhp5HnNB1fQlmBGrTWX2sHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.49.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:a7:d5:c0:c0:fc:bd:e8:80:25:ff:1f:d2:4c:2f:6f:04:7d:
0e:8d:0b:75:a1:4b:5e:97:9b:2f:be:59:8b:a8:2e:6c:f9:dd:
e2:b4:f8:32:2d:e7:3e:ae:32:ff:84:7e:06:cf:8d:8a:4d:bc:
be:3d:ae:1b:5e:19:7a:16:d4:04:60:17:7f:06:63:85:83:af:
04:88:f9:77:65:33:d1:0d:fb:2b:a9:9a:ae:e7:75:85:da:1a:
1d:d6:7f:b8:4d:19:62:81:61:38:4d:89:26:37:56:7d:27:33:
8c:1f:62:b6:c2:7b:0b:3d:72:81:f8:5c:e4:e5:34:50:4c:1e:
6f:c9:9d:5f:8a:e3:07:a1:93:98:26:a3:0b:7b:2e:16:9d:52:
f0:b5:9b:fb:6c:77:88:60:3f:35:c2:2e:ce:07:04:4b:34:e0:
36:fa:3f:c7:f9:34:2f:a8:11:ef:31:36:18:67:a3:f5:91:7f:
7c:c1:69:cb:9c:08:e4:1c:95:c2:d7:74:ec:31:54:33:d4:c8:
a4:23:31:0a:3d:58:9d:d4:43:66:3c:30:5c:c1:3e:c3:75:34:
b4:94:03:0e:77:0f:7a:9a:9d:86:c0:78:7a:54:f4:ed:02:02:
ad:2d:8e:ab:c3:dd:97:cc:2e:b6:7e:79:ba:ca:9c:e5:cb:a9:
57:6b:f2:8e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApEm2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTA2MmRjZTFhNzkxZTczNDFkNWY0MjU5ODExYWI0ZDY1ZjZiMDc1MB4XDTIyMDEw
MTE0MDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU2YzM1MTQwNGE1
MDgwZWY5NTQ5ODJlOTkwMDhjZmRiM2RmZGVkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2zw/qruly3QzGZHk84753R15nhLRPyF0lZw3BfV6WbQxRR
JuGXn6fWLECNNLmLPx52xFATZDf9DqCwggx2UOOQbaXvLU/SkavKyQknMX5+6LEp
+VSN0pKleOjowkCttdqitwX04qTqzeOZz/sWeudi4MwbQmakW3GCDMSULZyJcA1e
df1/dpFOGk5GckfZ/SIi/UkQoTVPG0hg1huFuNTWZP4phnnBle08EtNftHyzmYNc
JuL2WfMRH+O6p62gwFcBi9YvXE35/lZuspYTbUxa8jirXsge6LXMgW6ZixPE5W0U
vOqVkWBe54e2s4aX/D2IaX/46iTi/SB/sFFxkskCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1bDUUBKUIDvlUmC6ZAIz9s9/e2DAfBgNVHSMEGDAWgBSBBi3OGnkec0HV
9CWYEatNZfawdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRWXR6aHA1SG5OQjFmUWxtQkdyVFdYMnNIVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvM2Q3OGQxLTNlMGMtNGMxYS1hMTQxLTc0ZTIxOGQ0YjYxMy8x
L05XdzFGQVNsQ0E3NVZKZ3VtUUNNX2JQZjN0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
M2Q3OGQxLTNlMGMtNGMxYS1hMTQxLTc0ZTIxOGQ0YjYxMy8xL2dRWXR6aHA1SG5O
QjFmUWxtQkdyVFdYMnNIVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkWMTANBgkqhkiG9w0BAQsFAAOC
AQEAzafVwMD8veiAJf8f0kwvbwR9Do0LdaFLXpebL75Zi6gubPnd4rT4Mi3nPq4y
/4R+Bs+Nik28vj2uG14ZehbUBGAXfwZjhYOvBIj5d2Uz0Q37K6marud1hdoaHdZ/
uE0ZYoFhOE2JJjdWfSczjB9itsJ7Cz1ygfhc5OU0UEweb8mdX4rjB6GTmCajC3su
Fp1S8LWb+2x3iGA/NcIuzgcESzTgNvo/x/k0L6gR7zE2GGej9ZF/fMFpy5wI5ByV
wtd07DFUM9TIpCMxCj1YndRDZjwwXME+w3U0tJQDDncPepqdhsB4elT07QICrS2O
q8Pdl8wutn55usqc5cupV2vyjg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:24 2025 by rpki-client