Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/c93i-NSS8E1PHU1Ada6zpKgKzM0.roa
File: c93i-NSS8E1PHU1Ada6zpKgKzM0.roa (raw, json)
Hash identifier: Oiqeui3fu1NVcKS1DmPHvbFt0a9fTvcGIY+1AOL1ybk=
Subject key identifier: 73:DD:E2:F8:D4:92:F0:4D:4F:1D:4D:40:75:AE:B3:A4:A8:0A:CC:CD
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0184AE470D188124FDD174A1A4B3120BE7DC
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/c93i-NSS8E1PHU1Ada6zpKgKzM0.roa
Signing time: Fri 25 Nov 2022 10:13:22 +0000
ROA not before: Fri 25 Nov 2022 10:13:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.145.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.133.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:47:0d:18:81:24:fd:d1:74:a1:a4:b3:12:0b:e7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Nov 25 10:13:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73dde2f8d492f04d4f1d4d4075aeb3a4a80acccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4e:26:6c:cf:06:df:ce:d1:74:b0:5a:0c:61:
67:47:c4:79:ba:b1:13:de:47:94:74:e3:d2:04:9a:
bf:76:62:65:e9:4a:df:77:9a:d9:a1:66:fe:2e:af:
52:36:a3:57:2b:94:c8:20:bd:f8:58:a8:5f:a8:11:
c6:ca:72:ee:ca:f0:1b:03:32:67:17:47:56:dc:fe:
73:1c:8a:ae:d8:c9:39:fb:07:71:cb:60:40:1b:8c:
ff:77:ac:de:8d:ce:fd:49:d6:da:4f:ca:c3:56:d7:
61:e0:50:04:b7:0f:67:66:a9:77:67:ee:d9:d9:bf:
e5:4a:bf:da:5d:84:04:1f:8d:21:86:3f:3f:00:20:
bc:e6:35:d9:4e:00:2a:e3:c7:7e:4c:56:fa:e5:0f:
32:15:44:34:c2:f0:61:4f:15:f4:f6:4c:35:81:5f:
43:63:5c:39:fd:17:99:dc:b9:a0:4b:c1:0b:4a:9b:
eb:d9:28:35:64:7b:5b:3e:f4:ba:94:b2:d2:0e:fd:
0c:c0:00:8e:28:39:cf:98:01:8c:97:f3:39:1b:83:
8c:15:b9:21:67:0e:a0:e8:0e:61:4b:83:52:a8:25:
26:a7:8a:0f:85:4c:b7:c2:ae:eb:63:66:a8:a8:04:
e1:5d:50:1b:6e:d0:0b:7e:c0:3c:84:63:f3:91:65:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DD:E2:F8:D4:92:F0:4D:4F:1D:4D:40:75:AE:B3:A4:A8:0A:CC:CD
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/c93i-NSS8E1PHU1Ada6zpKgKzM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/24
84.254.137.0/24
84.254.144.0/23
95.210.111.0/24
95.210.132.0/23
176.227.131.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7c:a6:a4:6f:43:71:c0:71:3e:35:b6:cb:bc:3f:68:59:6e:
4c:cb:b1:57:85:4d:4b:e1:4e:e9:e6:df:2c:a2:91:2c:16:2e:
06:7d:9c:db:6f:fb:c1:85:7a:4d:1b:ca:bf:ce:67:79:7e:cd:
bc:86:94:31:90:0f:ab:89:18:07:c6:72:a3:6c:30:0b:a2:24:
88:9e:9c:1a:6c:6a:29:91:5c:46:cc:43:2f:64:99:35:9d:35:
5e:fe:9b:4e:c9:c6:da:c1:73:f8:d9:ab:96:a6:67:06:2a:50:
5a:da:fa:d1:77:54:8b:47:49:47:93:ec:ad:e5:04:ee:05:6d:
ca:11:2d:4b:d9:a4:ba:2d:68:7e:4c:a4:9a:0e:80:1d:e7:13:
bf:1e:1f:68:9d:04:47:c5:2f:bd:08:48:de:57:4c:7a:3d:86:
39:ba:59:bd:08:b7:29:d6:92:fc:60:99:b7:db:1d:01:5c:5d:
fe:45:0b:e2:04:4a:3a:f6:1c:05:24:a0:80:38:0a:e4:bb:7d:
9a:16:d2:bc:94:03:4f:b9:fc:2e:58:e4:53:52:32:bd:fa:6e:
ed:d8:42:ad:7a:41:be:63:00:75:6a:99:18:f6:83:0c:ef:e0:
d6:4c:c7:dc:8b:71:da:02:41:eb:d8:88:87:91:5a:cd:ad:19:
e2:ee:06:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSuRw0YgST90XShpLMSC+fcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjIxMTI1MTAxMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2RkZTJmOGQ0OTJmMDRkNGYxZDRkNDA3NWFlYjNhNGE4MGFjY2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk04mbM8G387RdLBaDGFnR8R5urET
3keUdOPSBJq/dmJl6Urfd5rZoWb+Lq9SNqNXK5TIIL34WKhfqBHGynLuyvAbAzJn
F0dW3P5zHIqu2Mk5+wdxy2BAG4z/d6zejc79SdbaT8rDVtdh4FAEtw9nZql3Z+7Z
2b/lSr/aXYQEH40hhj8/ACC85jXZTgAq48d+TFb65Q8yFUQ0wvBhTxX09kw1gV9D
Y1w5/ReZ3LmgS8ELSpvr2Sg1ZHtbPvS6lLLSDv0MwACOKDnPmAGMl/M5G4OMFbkh
Zw6g6A5hS4NSqCUmp4oPhUy3wq7rY2aoqAThXVAbbtALfsA8hGPzkWUYYwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHPd4vjUkvBNTx1NQHWus6SoCszNMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvYzkzaS1OU1M4RTFQSFUxQWRhNnpwS2dLek0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVP6CAwQA
VP6JAwQBVP6QAwQAX9JvAwQBX9KEAwQAsOODMA0GCSqGSIb3DQEBCwUAA4IBAQBN
fKakb0NxwHE+NbbLvD9oWW5My7FXhU1L4U7p5t8sopEsFi4GfZzbb/vBhXpNG8q/
zmd5fs28hpQxkA+riRgHxnKjbDALoiSInpwabGopkVxGzEMvZJk1nTVe/ptOycba
wXP42auWpmcGKlBa2vrRd1SLR0lHk+yt5QTuBW3KES1L2aS6LWh+TKSaDoAd5xO/
Hh9onQRHxS+9CEjeV0x6PYY5ulm9CLcp1pL8YJm32x0BXF3+RQviBEo69hwFJKCA
OArku32aFtK8lANPufwuWORTUjK9+m7t2EKtekG+YwB1apkY9oMM7+DWTMfci3Ha
AkHr2IiHkVrNrRni7gYS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:44 2025 by rpki-client