Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nmGb8pRkGeWoXCEszPosMdebBTI.roa
File: nmGb8pRkGeWoXCEszPosMdebBTI.roa (raw, json)
Hash identifier: ZJrXsawBBaUikfe1n6dQM0Tphm+PpYe1Y0/FYwNj+28=
Subject key identifier: 9E:61:9B:F2:94:64:19:E5:A8:5C:21:2C:CC:FA:2C:31:D7:9B:05:32
Certificate issuer: /CN=12c889964b35b51ba8e5e679a15b19a31f133578
Certificate serial: 01831C899A2EFA7D4D01280D4BC942028B5F
Authority key identifier: 12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nmGb8pRkGeWoXCEszPosMdebBTI.roa
Signing time: Thu 08 Sep 2022 09:58:43 +0000
ROA not before: Thu 08 Sep 2022 09:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61113
IP address blocks: 82.146.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:89:9a:2e:fa:7d:4d:01:28:0d:4b:c9:42:02:8b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c889964b35b51ba8e5e679a15b19a31f133578
Validity
Not Before: Sep 8 09:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e619bf2946419e5a85c212cccfa2c31d79b0532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:46:1a:58:fe:58:1c:7a:17:d5:65:ca:85:21:
07:03:53:c3:fb:df:0a:e3:8f:e9:32:af:75:98:9f:
c8:1c:e1:21:a1:a9:a7:c8:ba:5e:6a:f1:a3:08:54:
0b:57:08:c7:b2:29:50:4b:63:52:f4:bf:af:c9:f6:
ff:cd:ca:44:48:42:7b:f8:e5:d6:b0:1d:79:55:67:
36:a2:c3:80:f5:42:66:d5:ef:56:86:a5:b7:ea:5c:
b1:03:9c:e8:30:5c:2e:e6:07:7e:f5:1e:e8:b2:cd:
92:d4:cb:45:6b:7a:32:d3:5c:f5:b0:02:87:e1:a1:
c5:01:0a:48:aa:59:f3:28:9b:db:d6:ef:0c:ff:45:
31:98:4c:af:bf:28:c0:d1:f8:26:a7:f7:cd:96:56:
5f:8d:37:e8:7f:4c:ba:f2:3b:e7:81:92:88:5e:c7:
78:76:e6:d6:3b:6a:6b:e2:2a:eb:b8:69:05:b6:2b:
70:6b:3a:e0:89:75:5e:a7:c8:89:2b:25:cd:10:08:
3d:32:a3:eb:6a:a2:86:f9:72:93:62:df:08:63:f5:
5c:9a:53:36:da:bc:08:cc:9f:70:ff:32:bb:20:c8:
a6:7d:50:da:39:91:d2:cb:84:68:bd:87:7c:b9:7b:
04:4f:d3:a9:36:43:08:99:1b:68:d5:84:af:0a:bc:
88:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:61:9B:F2:94:64:19:E5:A8:5C:21:2C:CC:FA:2C:31:D7:9B:05:32
X509v3 Authority Key Identifier:
keyid:12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nmGb8pRkGeWoXCEszPosMdebBTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/EsiJlks1tRuo5eZ5oVsZox8TNXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.186.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c1:af:8d:d6:62:ee:9b:b9:57:c5:07:0e:07:72:34:2e:73:
0f:31:ce:35:0c:6a:04:04:8a:23:92:80:74:a6:a6:22:f4:4f:
e1:5f:b0:1c:ba:b6:9b:ba:e9:e3:20:d7:04:14:10:9e:2f:bd:
2f:80:3a:c9:37:80:13:c4:32:c9:3a:8d:1d:a9:c0:e9:d0:b4:
b7:fa:70:41:36:35:e9:1c:a3:44:b5:8b:69:8b:e5:87:b2:d8:
33:75:cc:cc:1d:9e:ce:27:cb:d1:c1:19:ec:5b:f5:2a:6f:52:
06:84:c7:ab:1b:3c:01:10:d7:ab:77:92:e8:0e:63:c6:d1:7c:
f0:6b:36:bc:31:c2:93:49:43:82:42:61:b0:0e:6b:78:65:89:
f6:82:b6:ba:cb:89:f5:9b:c3:00:46:8f:46:0f:e3:40:c1:af:
ed:81:32:56:06:a1:7e:3e:23:2b:3e:9a:e4:c2:28:7d:8c:24:
ed:7a:cc:f8:42:99:b7:2f:43:49:4e:f6:21:57:21:0f:df:5d:
79:7a:37:4f:55:59:fa:38:92:5d:80:13:13:ce:ff:de:03:6c:
78:96:b2:d0:7a:11:dd:50:57:a8:23:f5:aa:fa:71:bb:2a:78:
f0:56:70:3c:3a:61:6e:fa:35:40:c8:ee:ed:a5:a3:a1:af:8d:
2d:e0:a0:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMciZou+n1NASgNS8lCAotfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzg4OTk2NGIzNWI1MWJhOGU1ZTY3OWExNWIxOWEzMWYx
MzM1NzgwHhcNMjIwOTA4MDk1ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTYxOWJmMjk0NjQxOWU1YTg1YzIxMmNjY2ZhMmMzMWQ3OWIwNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUYaWP5YHHoX1WXKhSEHA1PD+98K
44/pMq91mJ/IHOEhoamnyLpeavGjCFQLVwjHsilQS2NS9L+vyfb/zcpESEJ7+OXW
sB15VWc2osOA9UJm1e9WhqW36lyxA5zoMFwu5gd+9R7oss2S1MtFa3oy01z1sAKH
4aHFAQpIqlnzKJvb1u8M/0UxmEyvvyjA0fgmp/fNllZfjTfof0y68jvngZKIXsd4
dubWO2pr4irruGkFtitwazrgiXVep8iJKyXNEAg9MqPraqKG+XKTYt8IY/VcmlM2
2rwIzJ9w/zK7IMimfVDaOZHSy4RovYd8uXsET9OpNkMImRto1YSvCryIUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5hm/KUZBnlqFwhLMz6LDHXmwUyMB8GA1UdIwQY
MBaAFBLIiZZLNbUbqOXmeaFbGaMfEzV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNpSmxrczF0UnVvNWVaNW9Wc1pveDhUTlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xNmIwMmMtODMzYS00OGYwLWJhNTYt
YWQ2ZjBiZjg4NDM4LzEvbm1HYjhwUmtHZVdvWENFc3pQb3NNZGViQlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xNmIwMmMtODMzYS00OGYwLWJhNTYtYWQ2ZjBiZjg4NDM4
LzEvRXNpSmxrczF0UnVvNWVaNW9Wc1pveDhUTlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpK6MA0G
CSqGSIb3DQEBCwUAA4IBAQAcwa+N1mLum7lXxQcOB3I0LnMPMc41DGoEBIojkoB0
pqYi9E/hX7AcurabuunjINcEFBCeL70vgDrJN4ATxDLJOo0dqcDp0LS3+nBBNjXp
HKNEtYtpi+WHstgzdczMHZ7OJ8vRwRnsW/Uqb1IGhMerGzwBENerd5LoDmPG0Xzw
aza8McKTSUOCQmGwDmt4ZYn2gra6y4n1m8MARo9GD+NAwa/tgTJWBqF+PiMrPprk
wih9jCTtesz4Qpm3L0NJTvYhVyEP3115ejdPVVn6OJJdgBMTzv/eA2x4lrLQehHd
UFeoI/Wq+nG7KnjwVnA8OmFu+jVAyO7tpaOhr40t4KCD
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:16:04 2025 by rpki-client