Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/NTKHvomVtWmT0vaBVclLBt970wQ.roa
File: NTKHvomVtWmT0vaBVclLBt970wQ.roa (raw, json)
Hash identifier: xbEiKR4WngxZtKozLgR+jJ+4UGRoaFTrkZkju5HabtA=
Subject key identifier: 35:32:87:BE:89:95:B5:69:93:D2:F6:81:55:C9:4B:06:DF:7B:D3:04
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01852AB7318F82578391FEE3298676C79B98
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/NTKHvomVtWmT0vaBVclLBt970wQ.roa
Signing time: Mon 19 Dec 2022 14:08:46 +0000
ROA not before: Mon 19 Dec 2022 14:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.219.0/24 maxlen: 24
91.149.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:b7:31:8f:82:57:83:91:fe:e3:29:86:76:c7:9b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Dec 19 14:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=353287be8995b56993d2f68155c94b06df7bd304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bb:67:99:fa:5b:cd:42:56:d2:7b:68:c0:23:
26:05:f8:c5:bd:54:df:95:31:33:09:78:e4:45:89:
79:f4:3f:64:c9:dc:f9:c8:48:2d:25:48:b9:80:df:
45:92:8d:94:78:e6:34:ca:46:f9:42:6f:c5:1b:51:
08:a4:87:81:79:2f:cf:df:15:33:77:04:02:03:29:
c8:eb:bc:78:d9:38:8e:28:2a:d1:bf:01:38:e8:d5:
f0:e3:77:61:6b:f0:4c:86:b9:d7:37:2f:e9:96:2f:
a0:4e:56:2f:15:a2:00:38:49:0a:80:bd:95:51:05:
6e:2e:f5:b1:cd:c5:56:2f:aa:b0:20:bf:42:15:36:
bf:0d:c3:1a:b9:fd:dd:a8:26:3d:8e:1c:2e:18:74:
1e:15:e7:40:7b:f8:84:1d:53:46:dd:79:5e:8b:0c:
3d:e3:d1:33:e9:08:72:39:ca:af:75:49:8f:fa:e7:
7c:03:16:8f:04:f2:32:9e:c7:c0:21:fb:3c:10:3a:
4c:e7:2a:20:d6:8d:85:a5:5c:fe:8e:8e:ea:07:fb:
70:4c:62:34:da:e7:55:40:a6:ea:df:8b:4c:b8:1c:
b6:b4:93:6c:b3:b9:57:54:a7:c7:cd:4a:3b:86:91:
86:5b:6c:85:d2:0b:05:eb:4e:28:da:22:67:f4:73:
fa:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:32:87:BE:89:95:B5:69:93:D2:F6:81:55:C9:4B:06:DF:7B:D3:04
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/NTKHvomVtWmT0vaBVclLBt970wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.219.0/24
91.149.221.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e8:c0:0e:71:93:98:49:26:0a:00:bb:12:fd:62:6c:9a:0d:
a4:08:0d:d4:46:4a:1e:6e:e1:75:b1:9b:b7:20:3a:e4:e9:90:
39:09:5a:8e:ad:b0:f7:d9:5b:f9:95:a2:e4:f5:77:9d:0b:de:
2f:3e:40:8a:b8:95:79:2d:1c:34:5b:aa:1f:14:7c:d3:52:55:
0a:dc:e1:1f:2c:05:49:27:aa:72:ce:86:ae:21:d4:4e:37:87:
fd:c7:d2:af:f5:ac:46:7e:12:bc:f2:1f:2d:3c:03:48:5b:6a:
34:18:28:32:0f:df:3a:72:ff:76:5d:fe:8d:d2:3c:04:13:5c:
4b:8f:6a:aa:69:fa:73:01:0b:b9:3d:06:a6:c0:21:ef:73:fe:
12:a4:39:ed:6f:19:85:06:22:27:04:f2:37:79:a0:86:20:cf:
98:13:35:ec:97:fb:dd:9b:9a:08:01:94:3b:91:7a:8b:14:3b:
90:84:eb:da:55:7c:9e:6c:fc:a2:e7:81:99:6d:9e:8b:7c:0d:
37:58:82:31:c8:77:ec:10:49:98:be:28:b6:e4:e9:a0:20:19:
95:a5:0b:7b:18:d4:66:ba:44:69:11:aa:57:58:6d:9b:11:f3:
c7:85:e1:9b:9b:b3:fc:32:f1:d9:40:a6:e2:1b:bc:72:b6:35:
19:86:0e:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUqtzGPgleDkf7jKYZ2x5uYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjE5MTQwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTMyODdiZTg5OTViNTY5OTNkMmY2ODE1NWM5NGIwNmRmN2JkMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7tnmfpbzUJW0ntowCMmBfjFvVTf
lTEzCXjkRYl59D9kydz5yEgtJUi5gN9Fko2UeOY0ykb5Qm/FG1EIpIeBeS/P3xUz
dwQCAynI67x42TiOKCrRvwE46NXw43dha/BMhrnXNy/pli+gTlYvFaIAOEkKgL2V
UQVuLvWxzcVWL6qwIL9CFTa/DcMauf3dqCY9jhwuGHQeFedAe/iEHVNG3Xleiww9
49Ez6QhyOcqvdUmP+ud8AxaPBPIynsfAIfs8EDpM5yog1o2FpVz+jo7qB/twTGI0
2udVQKbq34tMuBy2tJNss7lXVKfHzUo7hpGGW2yF0gsF604o2iJn9HP6CQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDUyh76JlbVpk9L2gVXJSwbfe9MEMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvTlRLSHZvbVZ0V21UMHZhQlZjbExCdDk3MHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5XXAwQA
W5XbAwQAW5XdMA0GCSqGSIb3DQEBCwUAA4IBAQA56MAOcZOYSSYKALsS/WJsmg2k
CA3URkoebuF1sZu3IDrk6ZA5CVqOrbD32Vv5laLk9XedC94vPkCKuJV5LRw0W6of
FHzTUlUK3OEfLAVJJ6pyzoauIdRON4f9x9Kv9axGfhK88h8tPANIW2o0GCgyD986
cv92Xf6N0jwEE1xLj2qqafpzAQu5PQamwCHvc/4SpDntbxmFBiInBPI3eaCGIM+Y
EzXsl/vdm5oIAZQ7kXqLFDuQhOvaVXyebPyi54GZbZ6LfA03WIIxyHfsEEmYvii2
5OmgIBmVpQt7GNRmukRpEapXWG2bEfPHheGbm7P8MvHZQKbiG7xytjUZhg7w
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:50 2023 by rpki-client on console-fra.rpki-client.org