Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/NmVnKKg5sL6Euclkjceyquvm6Ww.roa
File: NmVnKKg5sL6Euclkjceyquvm6Ww.roa (raw, json)
Hash identifier: 5w89gRBJoRRjrgji7ZVwbWeM3CE7laUvbqZnSaMgpec=
Subject key identifier: 36:65:67:28:A8:39:B0:BE:84:B9:C9:64:8D:C7:B2:AA:EB:E6:E9:6C
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 01856FA6EA359553EA84FD5E5A0331B0906C
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/NmVnKKg5sL6Euclkjceyquvm6Ww.roa
Signing time: Sun 01 Jan 2023 23:24:47 +0000
ROA not before: Sun 01 Jan 2023 23:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41107
IP address blocks: 91.108.160.0/21 maxlen: 21
185.31.152.0/22 maxlen: 22
109.68.196.0/22 maxlen: 22
159.253.160.0/21 maxlen: 21
159.253.160.0/22 maxlen: 22
159.253.164.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:ea:35:95:53:ea:84:fd:5e:5a:03:31:b0:90:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 1 23:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36656728a839b0be84b9c9648dc7b2aaebe6e96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:88:cb:40:58:02:51:60:5a:74:9e:d8:c9:
19:4d:d5:15:0d:7d:d8:0d:00:69:b1:c1:61:47:48:
35:0b:6f:41:78:e3:3c:36:4c:f1:fc:dc:61:b2:18:
22:25:51:f8:d2:03:50:67:18:d2:73:f0:de:32:d6:
f9:a0:b9:69:f3:d3:de:3d:e1:f6:ef:82:b1:bf:dd:
96:3a:d2:0b:b8:f3:b6:24:73:67:8c:c9:40:6e:72:
1f:97:a2:35:b9:2b:c1:a3:05:53:50:05:b9:50:bc:
2c:b8:72:09:a4:73:5b:82:74:10:7d:42:30:68:fe:
cf:0b:c9:40:69:77:38:40:bb:0c:86:b9:10:d1:b8:
7d:fe:a6:6b:63:97:fe:33:75:55:90:43:a1:5d:c2:
54:f3:19:87:1a:01:9e:1c:45:35:54:06:26:6f:64:
c3:c3:26:aa:cb:4e:09:66:b3:d0:bb:9b:bd:5b:04:
a1:19:59:0b:57:67:68:98:77:16:96:2a:0b:42:dc:
e6:c7:c7:02:03:1e:d9:fb:2e:b8:29:d4:98:8d:80:
73:69:61:06:69:5b:00:b8:e5:37:bf:56:a6:f9:f3:
e3:c1:7d:63:89:8b:a4:d2:02:89:46:1d:9a:e7:ff:
14:f4:93:ad:42:ce:46:bf:3e:75:f9:5a:b8:db:25:
c9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:65:67:28:A8:39:B0:BE:84:B9:C9:64:8D:C7:B2:AA:EB:E6:E9:6C
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/NmVnKKg5sL6Euclkjceyquvm6Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
109.68.196.0/22
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
78:95:8d:1f:6e:4e:69:3c:18:19:c4:e8:10:1d:5d:41:03:a0:
21:8f:97:6b:c1:21:d0:ed:91:91:9c:f4:1a:1e:8d:eb:db:df:
a0:3b:e9:4c:dc:a6:e7:b8:df:ba:d3:cb:73:ba:1f:fb:6b:36:
c7:fc:c4:0f:2f:a2:1f:05:50:b4:0a:98:93:1f:43:32:af:ad:
11:63:d5:0c:19:95:5d:f4:7a:96:e4:63:08:eb:81:df:f2:db:
fb:b8:bd:30:eb:db:09:14:58:59:48:45:5d:c2:7d:a5:10:4b:
48:6e:08:c1:a6:4f:f1:3a:f1:1a:51:2b:dd:24:a3:39:ec:8a:
7b:0b:2a:9f:0d:e4:02:98:ee:da:37:1c:d3:d7:92:b5:5d:37:
ed:4f:de:b1:51:ef:7a:d2:20:1c:42:d4:36:6b:35:3f:e7:44:
b9:24:cc:5b:76:72:86:d0:79:6e:47:af:ba:ed:ad:cc:6d:b9:
e3:ee:7d:10:d9:e4:0f:3e:61:ae:60:e3:a5:23:ee:04:9d:94:
2f:c1:d9:d8:58:b4:69:34:f2:b1:f3:03:b4:5b:8f:d1:18:5d:
ba:23:ba:09:ea:ec:4f:7b:8a:bc:3d:de:65:82:a2:3d:a6:d4:
9a:8b:90:50:12:ce:9c:f5:22:a6:d0:34:c3:4d:0d:ae:0a:30:
fb:75:76:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvpuo1lVPqhP1eWgMxsJBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTQzNjViMjhhMDgyODM0YTc1MWE5Nzc3MWI3OTExMjQ1
MjRkZWMwHhcNMjMwMTAxMjMyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjY1NjcyOGE4MzliMGJlODRiOWM5NjQ4ZGM3YjJhYWViZTZlOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0OIy0BYAlFgWnSe2MkZTdUVDX3Y
DQBpscFhR0g1C29BeOM8Nkzx/NxhshgiJVH40gNQZxjSc/DeMtb5oLlp89PePeH2
74Kxv92WOtILuPO2JHNnjMlAbnIfl6I1uSvBowVTUAW5ULwsuHIJpHNbgnQQfUIw
aP7PC8lAaXc4QLsMhrkQ0bh9/qZrY5f+M3VVkEOhXcJU8xmHGgGeHEU1VAYmb2TD
wyaqy04JZrPQu5u9WwShGVkLV2domHcWlioLQtzmx8cCAx7Z+y64KdSYjYBzaWEG
aVsAuOU3v1am+fPjwX1jiYuk0gKJRh2a5/8U9JOtQs5Gvz51+Vq42yXJawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDZlZyioObC+hLnJZI3Hsqrr5ulsMB8GA1UdIwQY
MBaAFNiUNlsooIKDSnUal3cbeREkUk3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEt
MjE0NjE3OWQ4ZTJiLzEvTm1WbktLZzVzTDZFdWNsa2pjZXlxdXZtNld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEtMjE0NjE3OWQ4ZTJi
LzEvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW2ygAwQC
bUTEAwQDn/2gAwQCuR+YMA0GCSqGSIb3DQEBCwUAA4IBAQB4lY0fbk5pPBgZxOgQ
HV1BA6Ahj5drwSHQ7ZGRnPQaHo3r29+gO+lM3KbnuN+608tzuh/7azbH/MQPL6If
BVC0CpiTH0Myr60RY9UMGZVd9HqW5GMI64Hf8tv7uL0w69sJFFhZSEVdwn2lEEtI
bgjBpk/xOvEaUSvdJKM57Ip7CyqfDeQCmO7aNxzT15K1XTftT96xUe960iAcQtQ2
azU/50S5JMxbdnKG0HluR6+67a3Mbbnj7n0Q2eQPPmGuYOOlI+4EnZQvwdnYWLRp
NPKx8wO0W4/RGF26I7oJ6uxPe4q8Pd5lgqI9ptSai5BQEs6c9SKm0DTDTQ2uCjD7
dXbR
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:05:54 2025 by rpki-client