Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa
File: nBwZzR4cavpZNqVLgdkdoif8wHw.roa (raw, json)
Hash identifier: mWcfcuZjkiW5c/0piQsiJqUeUBs1VqT2ZMbC4Ay5SPY=
Subject key identifier: 9C:1C:19:CD:1E:1C:6A:FA:59:36:A5:4B:81:D9:1D:A2:27:FC:C0:7C
Certificate issuer: /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial: 03E230EC
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa
Signing time: Sat 01 Jan 2022 16:02:08 +0000
ROA not before: Sat 01 Jan 2022 16:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207558
IP address blocks: 91.224.171.0/24 maxlen: 24
91.196.229.0/24 maxlen: 24
91.196.228.0/22 maxlen: 22
91.196.228.0/24 maxlen: 24
91.196.231.0/24 maxlen: 24
91.196.230.0/24 maxlen: 24
2a0f:d840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65155308 (0x3e230ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Validity
Not Before: Jan 1 16:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c1c19cd1e1c6afa5936a54b81d91da227fcc07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bd:45:e6:4a:e8:03:e7:7b:eb:a5:38:ca:ee:
95:88:31:10:00:83:8e:64:ea:e0:2c:4e:68:c1:b6:
c9:77:fd:c8:92:60:34:8c:13:c5:e4:63:e2:be:f5:
1d:65:a0:c6:11:b6:35:37:fc:d6:1b:46:c0:e8:5b:
a5:17:4d:10:5d:77:02:f3:3e:2a:87:bd:1b:30:8c:
95:66:2f:c0:35:85:46:0e:56:39:e4:07:5b:04:6d:
2e:0b:18:38:46:5e:65:63:5c:24:e9:f8:5b:d7:f6:
ad:0a:13:13:49:26:2a:92:db:49:db:d3:28:82:f8:
cb:91:22:3a:46:1a:08:ff:ce:34:fa:2f:36:84:a7:
51:67:34:90:90:75:e3:ec:0d:d1:09:1a:57:18:dd:
2b:63:88:86:85:70:ed:c8:8e:95:2d:08:f6:e5:e0:
c7:bc:04:62:bc:ed:5a:19:f6:b7:9c:ad:4b:11:11:
a2:d7:bf:3b:95:fd:a3:61:77:49:27:c8:3a:ec:56:
22:6d:5c:3d:a0:04:81:a3:c0:43:4b:09:a4:90:19:
37:bc:84:4c:cb:83:99:3f:8f:78:05:c6:3e:01:3a:
0e:b3:1c:07:97:09:1f:91:26:a9:c6:9e:b2:a5:f4:
7a:b1:e2:5a:c7:20:3c:9c:52:fc:47:63:00:e3:77:
24:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1C:19:CD:1E:1C:6A:FA:59:36:A5:4B:81:D9:1D:A2:27:FC:C0:7C
X509v3 Authority Key Identifier:
keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/nBwZzR4cavpZNqVLgdkdoif8wHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.228.0/22
91.224.171.0/24
IPv6:
2a0f:d840::/29
Signature Algorithm: sha256WithRSAEncryption
14:e4:f6:a7:ca:f0:6d:9c:33:be:66:d0:c2:c5:9c:b1:b9:c7:
d2:39:be:87:ec:9c:6e:94:0a:13:80:cd:a3:b1:06:77:e4:97:
cf:3e:05:17:23:10:45:59:7b:97:f9:01:d8:1c:19:87:48:da:
5d:05:bd:99:d4:e1:ea:9d:1e:fa:69:a6:64:f9:49:0b:0b:cc:
6c:b4:ff:b9:99:d7:16:66:23:41:73:6d:b0:55:0a:7d:5a:88:
cd:1c:73:9e:08:86:3e:3f:37:29:40:76:26:25:35:ce:52:44:
19:e0:9c:0e:78:7b:6c:53:73:81:41:58:e0:0e:75:c1:a9:56:
d6:69:65:f2:08:c3:dd:6f:62:c1:ee:ab:c9:44:46:c1:28:44:
c4:ba:bf:16:de:da:2c:4e:94:67:f1:13:bc:cd:fd:f9:50:02:
b5:33:ce:11:13:76:21:0b:04:79:cb:b6:e4:e3:bd:83:f3:0a:
59:87:45:eb:4a:a9:98:66:7e:ca:02:95:80:f9:98:b5:90:74:
f6:a6:53:7c:6e:c2:fc:31:d4:ae:3b:72:c8:bf:6e:d9:c9:cb:
91:53:47:58:ca:d6:5b:9f:62:d9:12:26:e2:58:3c:ca:83:85:
33:fa:dd:85:5e:63:3d:9a:a3:92:51:29:29:dc:08:25:5d:cc:
21:eb:10:cb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA+Iw7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWZlY2Q3MDcxYjcyN2RiM2QxMmYwOWVmYmI0NTRlMDRkNGY3NDNkMB4XDTIyMDEw
MTE2MDIwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMxYzE5Y2QxZTFj
NmFmYTU5MzZhNTRiODFkOTFkYTIyN2ZjYzA3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALK9ReZK6APne+ulOMrulYgxEACDjmTq4CxOaMG2yXf9yJJg
NIwTxeRj4r71HWWgxhG2NTf81htGwOhbpRdNEF13AvM+Koe9GzCMlWYvwDWFRg5W
OeQHWwRtLgsYOEZeZWNcJOn4W9f2rQoTE0kmKpLbSdvTKIL4y5EiOkYaCP/ONPov
NoSnUWc0kJB14+wN0QkaVxjdK2OIhoVw7ciOlS0I9uXgx7wEYrztWhn2t5ytSxER
ote/O5X9o2F3SSfIOuxWIm1cPaAEgaPAQ0sJpJAZN7yETMuDmT+PeAXGPgE6DrMc
B5cJH5EmqcaesqX0erHiWscgPJxS/EdjAON3JCUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBScHBnNHhxq+lk2pUuB2R2iJ/zAfDAfBgNVHSMEGDAWgBQJ/s1wcbcn2z0S
8J77tFTgTU90PTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NmN05jSEczSjlzOUV2Q2UtN1JVNEUxUGREMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvNzJlM2ExLTkwNmMtNDQ4Yi05OGRhLTVhMjA2ZThiMTM2OS8x
L25Cd1p6UjRjYXZwWk5xVkxnZGtkb2lmOHdIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
NzJlM2ExLTkwNmMtNDQ4Yi05OGRhLTVhMjA2ZThiMTM2OS8xL0NmN05jSEczSjlz
OUV2Q2UtN1JVNEUxUGREMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlvE5AMEAFvgqzANBAIAAjAHAwUD
Kg/YQDANBgkqhkiG9w0BAQsFAAOCAQEAFOT2p8rwbZwzvmbQwsWcsbnH0jm+h+yc
bpQKE4DNo7EGd+SXzz4FFyMQRVl7l/kB2BwZh0jaXQW9mdTh6p0e+mmmZPlJCwvM
bLT/uZnXFmYjQXNtsFUKfVqIzRxzngiGPj83KUB2JiU1zlJEGeCcDnh7bFNzgUFY
4A51walW1mll8gjD3W9iwe6ryURGwShExLq/Ft7aLE6UZ/ETvM39+VACtTPOERN2
IQsEecu25OO9g/MKWYdF60qpmGZ+ygKVgPmYtZB09qZTfG7C/DHUrjtyyL9u2cnL
kVNHWMrWW59i2RIm4lg8yoOFM/rdhV5jPZqjklEpKdwIJV3MIesQyw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:26 2025 by rpki-client