Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/NZO719zfz6jgKGr-QuQ8w_p4X4I.roa
File: NZO719zfz6jgKGr-QuQ8w_p4X4I.roa (raw, json)
Hash identifier: tihigwvQ0ZNrdjJ0gDCrtRwO/jGu+hPzO/2dFYkkEyY=
Subject key identifier: 35:93:BB:D7:DC:DF:CF:A8:E0:28:6A:FE:42:E4:3C:C3:FA:78:5F:82
Certificate issuer: /CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Certificate serial: 018A8D75EBA46B9B28BDF0F4274CD0795963
Authority key identifier: E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/NZO719zfz6jgKGr-QuQ8w_p4X4I.roa
Signing time: Wed 13 Sep 2023 07:33:50 +0000
ROA not before: Wed 13 Sep 2023 07:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211619
IP address blocks: 91.241.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:75:eb:a4:6b:9b:28:bd:f0:f4:27:4c:d0:79:59:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Validity
Not Before: Sep 13 07:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3593bbd7dcdfcfa8e0286afe42e43cc3fa785f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a8:49:5b:f7:e4:a1:88:7a:b3:31:b2:8f:81:
4d:9b:7f:2b:6d:80:c7:23:38:67:66:c0:38:02:67:
72:26:43:79:2f:a2:89:e6:7b:18:b4:e6:93:28:c1:
37:08:4a:0d:e6:e2:89:01:e3:ad:cf:c9:6a:5a:88:
b1:f5:f7:aa:e9:83:98:d7:d9:e4:fb:f4:f0:d9:30:
ff:88:fc:26:f1:da:7c:56:48:2d:44:9d:90:4d:2d:
90:32:29:3a:a3:ee:e6:65:32:f4:c7:b5:de:fc:f2:
05:8e:32:e3:19:2a:2b:0e:27:d5:64:28:b0:1b:20:
4f:be:ac:a2:7d:40:3c:0a:a7:db:3a:82:3a:5f:28:
24:c2:6b:1f:a1:71:c5:25:19:80:30:1c:f2:1d:e3:
7f:08:2b:3f:d5:0a:de:41:55:4d:df:cf:fb:84:fa:
25:e4:d7:e4:fb:a4:1d:30:29:46:7b:7f:70:87:90:
99:a3:74:69:4e:39:b9:f1:55:99:cc:87:f4:e5:84:
3f:19:f1:54:e9:f0:05:2d:5d:21:f9:39:54:f3:ab:
38:5b:b9:21:5e:d5:c7:3d:7a:7f:f5:28:96:df:20:
17:d1:8a:84:c5:ba:6f:d8:28:dc:be:73:9c:fd:00:
7b:95:df:55:21:3c:a4:58:eb:0e:1d:30:9c:c6:cf:
11:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:93:BB:D7:DC:DF:CF:A8:E0:28:6A:FE:42:E4:3C:C3:FA:78:5F:82
X509v3 Authority Key Identifier:
keyid:E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/NZO719zfz6jgKGr-QuQ8w_p4X4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.168.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b1:77:7b:c9:b9:ce:d5:d7:f0:23:aa:b7:25:af:57:75:70:
a2:e7:db:d9:38:92:db:2b:5f:4d:90:27:e6:f3:ea:3e:b9:84:
19:70:cd:d2:12:ed:26:37:28:50:ca:96:06:23:b7:23:f1:1c:
c8:40:f9:47:5d:da:8c:99:2a:c8:71:01:74:65:33:0d:a0:68:
53:e4:65:89:67:10:e3:56:cf:72:32:ba:d8:52:69:4c:91:2c:
a9:d8:2e:95:c6:1d:e3:3a:75:5f:23:f5:4c:bc:63:e4:15:6b:
9a:f4:56:55:b0:04:20:0f:f2:31:ce:d0:dd:50:6b:9a:6d:f0:
8e:24:d6:1b:70:4a:a6:5d:05:bd:d7:bc:a9:27:53:cf:97:00:
3c:b0:c8:d5:66:0b:d8:d0:d3:56:ab:c8:18:ac:e3:ad:9c:b5:
9e:8c:24:80:60:a1:c5:e4:84:52:b4:75:67:9d:39:89:5a:28:
29:3b:99:ee:28:00:0a:af:f5:b0:37:2a:e5:b6:84:d1:f6:ea:
33:1b:f5:06:a2:2c:38:2d:97:27:e7:07:9d:f6:d0:b7:d3:fc:
67:1a:31:ce:11:b4:12:8b:58:96:dd:33:84:7a:85:9c:09:9b:
b0:af:eb:81:5b:89:3c:5e:55:3a:f4:c7:92:29:ab:ab:6c:16:
17:8f:b1:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqNdeuka5sovfD0J0zQeVljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTRkYzk2OGVkNTI5MzVhMDRkZWUzYjIyOWMyMWNhOWJm
ZGJkN2UwHhcNMjMwOTEzMDczMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTkzYmJkN2RjZGZjZmE4ZTAyODZhZmU0MmU0M2NjM2ZhNzg1ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKhJW/fkoYh6szGyj4FNm38rbYDH
IzhnZsA4AmdyJkN5L6KJ5nsYtOaTKME3CEoN5uKJAeOtz8lqWoix9feq6YOY19nk
+/Tw2TD/iPwm8dp8VkgtRJ2QTS2QMik6o+7mZTL0x7Xe/PIFjjLjGSorDifVZCiw
GyBPvqyifUA8CqfbOoI6XygkwmsfoXHFJRmAMBzyHeN/CCs/1QreQVVN38/7hPol
5Nfk+6QdMClGe39wh5CZo3RpTjm58VWZzIf05YQ/GfFU6fAFLV0h+TlU86s4W7kh
XtXHPXp/9SiW3yAX0YqExbpv2CjcvnOc/QB7ld9VITykWOsOHTCcxs8R9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWTu9fc38+o4Chq/kLkPMP6eF+CMB8GA1UdIwQY
MBaAFOnk3JaO1Sk1oE3uOyKcIcqb/b1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEt
NmM3ODU2ZWY3YjMxLzEvTlpPNzE5emZ6NmpnS0dyLVF1UTh3X3A0WDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEtNmM3ODU2ZWY3YjMx
LzEvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/GoMA0G
CSqGSIb3DQEBCwUAA4IBAQAKsXd7ybnO1dfwI6q3Ja9XdXCi59vZOJLbK19NkCfm
8+o+uYQZcM3SEu0mNyhQypYGI7cj8RzIQPlHXdqMmSrIcQF0ZTMNoGhT5GWJZxDj
Vs9yMrrYUmlMkSyp2C6Vxh3jOnVfI/VMvGPkFWua9FZVsAQgD/IxztDdUGuabfCO
JNYbcEqmXQW917ypJ1PPlwA8sMjVZgvY0NNWq8gYrOOtnLWejCSAYKHF5IRStHVn
nTmJWigpO5nuKAAKr/WwNyrltoTR9uozG/UGoiw4LZcn5wed9tC30/xnGjHOEbQS
i1iW3TOEeoWcCZuwr+uBW4k8XlU69MeSKaurbBYXj7GX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:03 2025 by rpki-client