Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/9NQ_87zcOOty9JfjtCneDqje4OY.roa
File: 9NQ_87zcOOty9JfjtCneDqje4OY.roa (raw, json)
Hash identifier: r47NZhA9mkZ2+Ge8x5CmHkbfV2g9E/AhtT1HFU1bUrE=
Subject key identifier: F4:D4:3F:F3:BC:DC:38:EB:72:F4:97:E3:B4:29:DE:0E:A8:DE:E0:E6
Certificate issuer: /CN=349c02b30adbf10f71f9be0f4644424498263df3
Certificate serial: 01856D13B0BB03FB91078B60F090F37FD0EC
Authority key identifier: 34:9C:02:B3:0A:DB:F1:0F:71:F9:BE:0F:46:44:42:44:98:26:3D:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJwCswrb8Q9x-b4PRkRCRJgmPfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/9NQ_87zcOOty9JfjtCneDqje4OY.roa
Signing time: Sun 01 Jan 2023 11:24:44 +0000
ROA not before: Sun 01 Jan 2023 11:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56674
IP address blocks: 91.226.150.0/24 maxlen: 24
91.226.148.0/24 maxlen: 24
91.226.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:b0:bb:03:fb:91:07:8b:60:f0:90:f3:7f:d0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349c02b30adbf10f71f9be0f4644424498263df3
Validity
Not Before: Jan 1 11:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d43ff3bcdc38eb72f497e3b429de0ea8dee0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:71:88:28:22:e3:5d:5b:e8:9b:dd:99:2f:
ae:d3:6f:c4:16:1e:5e:70:2b:98:74:94:97:15:97:
1f:0a:2b:71:9f:b7:3c:71:0d:45:56:ed:3c:c3:dc:
e6:43:a0:23:47:ef:56:5b:f8:a8:a2:68:e1:8f:99:
29:65:b2:06:d5:4d:b6:e7:9c:6d:0c:1f:78:14:89:
cf:ff:25:f9:8f:b0:7d:46:5a:3c:c6:43:1e:f6:0d:
d7:d8:3a:ab:31:dd:25:b1:6d:a1:07:8f:46:7f:08:
a3:7c:8d:43:a5:bd:b7:ea:4c:cb:cb:9c:eb:16:89:
40:95:79:5c:3f:0f:79:fc:1f:4e:7d:c1:39:6a:be:
0b:69:55:d9:7e:f6:59:05:8e:74:b2:65:fb:8f:4a:
bb:c7:b8:27:df:13:cf:bd:ed:0b:32:0d:ff:1d:a4:
12:05:d2:ec:5e:60:af:b8:a8:0a:01:b5:62:95:76:
ee:37:48:6f:68:a6:fe:47:05:17:8b:68:4d:a2:8b:
f4:50:a4:cb:76:fb:15:17:b3:d0:cc:50:8f:97:62:
2d:ba:ce:8c:60:ee:5f:e2:25:2f:23:75:e8:43:3d:
55:a7:37:ef:a8:e4:f1:9e:6b:7c:83:4c:7d:32:8c:
9d:59:72:2d:f4:86:86:76:e8:98:36:9a:70:b8:e8:
45:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D4:3F:F3:BC:DC:38:EB:72:F4:97:E3:B4:29:DE:0E:A8:DE:E0:E6
X509v3 Authority Key Identifier:
keyid:34:9C:02:B3:0A:DB:F1:0F:71:F9:BE:0F:46:44:42:44:98:26:3D:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJwCswrb8Q9x-b4PRkRCRJgmPfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/9NQ_87zcOOty9JfjtCneDqje4OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/813821-24f4-485f-9c4b-433403d30a83/1/NJwCswrb8Q9x-b4PRkRCRJgmPfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.148.0-91.226.150.255
Signature Algorithm: sha256WithRSAEncryption
2d:32:87:3e:d8:4a:5b:65:78:7d:2c:35:65:db:8e:d2:51:5b:
84:8e:5e:1b:4a:91:7d:76:56:d6:9c:6a:18:e8:b0:13:1d:5b:
76:b5:0c:32:b9:da:c3:95:dd:39:3b:13:1c:fc:c8:22:67:e3:
ad:8b:85:fb:aa:1c:e6:4a:f6:eb:d6:55:19:b2:97:61:ff:26:
2b:1b:86:48:3d:f5:28:ab:dc:1d:16:27:aa:dd:29:8b:d6:e7:
0c:58:09:a2:52:16:32:b0:3d:9f:b7:91:01:66:d7:9e:21:04:
1f:f8:c8:53:01:6a:60:19:67:65:71:fb:3a:96:9e:07:51:a7:
fd:28:83:e7:aa:c7:8b:b6:08:e9:53:1f:95:ec:7d:9a:53:3e:
26:59:75:15:8d:4b:b7:40:0d:e9:a6:ef:81:82:85:c4:0f:37:
ad:d8:54:b6:df:a0:5a:4b:64:56:4f:0f:fc:20:00:9c:56:0d:
3c:af:3a:60:8b:b2:b2:70:f8:38:c1:ab:49:28:b0:32:55:d1:
87:b9:66:71:43:61:e0:ea:04:90:61:b7:17:8b:65:4e:ea:fb:
0e:19:b8:39:a9:dc:7e:02:b1:67:ae:5f:6f:68:1b:2e:b6:d2:
57:b7:83:21:ed:7a:1e:6e:a2:8f:46:00:eb:d7:5f:98:55:dd:
e6:13:dc:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtE7C7A/uRB4tg8JDzf9DsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWMwMmIzMGFkYmYxMGY3MWY5YmUwZjQ2NDQ0MjQ0OTgy
NjNkZjMwHhcNMjMwMTAxMTEyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ0M2ZmM2JjZGMzOGViNzJmNDk3ZTNiNDI5ZGUwZWE4ZGVlMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimVxiCgi411b6JvdmS+u02/EFh5e
cCuYdJSXFZcfCitxn7c8cQ1FVu08w9zmQ6AjR+9WW/ioomjhj5kpZbIG1U2255xt
DB94FInP/yX5j7B9Rlo8xkMe9g3X2DqrMd0lsW2hB49GfwijfI1Dpb236kzLy5zr
FolAlXlcPw95/B9OfcE5ar4LaVXZfvZZBY50smX7j0q7x7gn3xPPve0LMg3/HaQS
BdLsXmCvuKgKAbVilXbuN0hvaKb+RwUXi2hNoov0UKTLdvsVF7PQzFCPl2Itus6M
YO5f4iUvI3XoQz1VpzfvqOTxnmt8g0x9MoydWXIt9IaGduiYNppwuOhFxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPTUP/O83DjrcvSX47Qp3g6o3uDmMB8GA1UdIwQY
MBaAFDScArMK2/EPcfm+D0ZEQkSYJj3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp3Q3N3cmI4UTl4LWI0UFJrUkNSSmdtUGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84MTM4MjEtMjRmNC00ODVmLTljNGIt
NDMzNDAzZDMwYTgzLzEvOU5RXzg3emNPT3R5OUpmanRDbmVEcWplNE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84MTM4MjEtMjRmNC00ODVmLTljNGItNDMzNDAzZDMwYTgz
LzEvTkp3Q3N3cmI4UTl4LWI0UFJrUkNSSmdtUGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb4pQD
BABb4pYwDQYJKoZIhvcNAQELBQADggEBAC0yhz7YSltleH0sNWXbjtJRW4SOXhtK
kX12VtacahjosBMdW3a1DDK52sOV3Tk7Exz8yCJn462LhfuqHOZK9uvWVRmyl2H/
Jisbhkg99Sir3B0WJ6rdKYvW5wxYCaJSFjKwPZ+3kQFm154hBB/4yFMBamAZZ2Vx
+zqWngdRp/0og+eqx4u2COlTH5XsfZpTPiZZdRWNS7dADemm74GChcQPN63YVLbf
oFpLZFZPD/wgAJxWDTyvOmCLsrJw+DjBq0kosDJV0Ye5ZnFDYeDqBJBhtxeLZU7q
+w4ZuDmp3H4CsWeuX29oGy620le3gyHteh5uoo9GAOvXX5hV3eYT3GY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:57:13 2025 by rpki-client