Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/nvIbYvZ1E40AMR5ueDFDcuzASXc.roa
File: nvIbYvZ1E40AMR5ueDFDcuzASXc.roa (raw, json)
Hash identifier: HMRmnq+K6JQvSsW8Wlm1dDuvKmesbc9eljC6DFST7PM=
Subject key identifier: 9E:F2:1B:62:F6:75:13:8D:00:31:1E:6E:78:31:43:72:EC:C0:49:77
Certificate issuer: /CN=6496ae38aedacbbeeee1e093956db3287ae7b53d
Certificate serial: 01856FCBB13DA012D3DB4D5E6BC701725C73
Authority key identifier: 64:96:AE:38:AE:DA:CB:BE:EE:E1:E0:93:95:6D:B3:28:7A:E7:B5:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZJauOK7ay77u4eCTlW2zKHrntT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/nvIbYvZ1E40AMR5ueDFDcuzASXc.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28682
IP address blocks: 185.49.0.0/22 maxlen: 22
2a01:9ce0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b1:3d:a0:12:d3:db:4d:5e:6b:c7:01:72:5c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6496ae38aedacbbeeee1e093956db3287ae7b53d
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ef21b62f675138d00311e6e78314372ecc04977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:92:6a:4f:ad:5b:b1:67:49:97:f9:d1:aa:
44:66:53:cd:d8:58:d8:32:1b:e0:9b:ce:c0:4a:9d:
c6:ca:61:e9:66:72:b5:3a:90:45:30:17:db:4c:49:
cf:4a:0d:aa:56:77:4a:25:f7:a5:49:6a:fa:59:1e:
af:c1:21:55:42:1f:dc:4c:b2:ae:1f:bc:8f:4c:c0:
15:a7:00:20:71:97:a5:d0:ce:38:e8:e0:2a:c4:3b:
a5:63:24:13:4d:1a:49:d7:7b:e8:62:2b:7a:a4:84:
4e:bf:88:e1:17:dc:25:f3:ea:78:1a:d5:b3:0f:00:
e3:4b:c5:89:70:ca:ae:1b:66:e8:05:ed:cb:3f:d8:
fa:15:28:ca:44:4e:7f:6e:55:ff:1e:1f:91:3b:42:
0e:6e:80:25:eb:e0:64:dd:47:01:ae:8d:63:6f:d4:
e2:44:6c:dd:17:c9:6c:85:5a:1b:3d:fb:80:2a:97:
cf:2e:2d:89:36:73:28:14:4d:3f:d9:e7:bd:55:a5:
39:ab:ac:c3:c8:bd:7f:7f:03:88:36:f0:36:de:96:
3b:82:ba:94:95:85:c1:ea:99:02:01:34:89:78:55:
84:86:10:a2:73:94:97:d5:38:16:cc:f5:2e:a3:65:
f2:15:c0:25:2e:91:56:49:b5:0e:13:f0:e5:9a:73:
24:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F2:1B:62:F6:75:13:8D:00:31:1E:6E:78:31:43:72:EC:C0:49:77
X509v3 Authority Key Identifier:
keyid:64:96:AE:38:AE:DA:CB:BE:EE:E1:E0:93:95:6D:B3:28:7A:E7:B5:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZJauOK7ay77u4eCTlW2zKHrntT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/nvIbYvZ1E40AMR5ueDFDcuzASXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/6c3125-fff1-4da0-8a32-7664e8a21fc7/1/ZJauOK7ay77u4eCTlW2zKHrntT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.0.0/22
IPv6:
2a01:9ce0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:5c:37:1e:55:12:45:05:41:de:89:ab:1b:a2:0a:e8:b6:6b:
b2:fe:99:17:35:ed:c2:5e:46:29:28:ba:1d:5a:4c:94:3a:16:
1c:68:e1:2a:0d:92:d8:64:68:06:d4:f8:9a:59:c6:11:40:53:
12:71:84:25:c5:23:74:22:09:17:56:98:e3:b9:54:9c:98:4b:
67:1e:ad:27:ca:b0:8c:c1:64:c9:76:c3:ba:45:e0:73:2f:54:
64:d2:a0:33:64:39:d8:6b:57:43:a9:37:69:ea:83:fa:81:7c:
9a:05:c5:35:62:cb:82:34:eb:7c:e7:8c:39:ad:78:91:da:9f:
b2:f3:a4:6a:94:1c:94:8d:d7:e0:ad:21:69:f1:c7:07:43:8d:
30:78:4d:83:e7:32:6c:fb:7d:28:e5:10:fb:1c:38:a1:c7:49:
b1:50:11:92:72:b9:81:29:bd:46:1d:b7:bc:7c:8f:c4:a5:40:
a8:2a:92:b6:66:de:47:00:8a:ad:84:ef:10:53:97:63:f8:4c:
de:6f:69:19:9d:8d:34:12:3e:8e:3e:7c:53:4b:3c:7e:67:28:
a9:5b:10:dd:c8:10:15:18:a7:b3:19:3d:d9:83:ae:a2:dc:f5:
81:f4:36:2a:da:19:5b:dc:3c:68:f4:4c:29:98:bf:e1:05:6b:
7b:be:b6:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvy7E9oBLT201ea8cBclxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0OTZhZTM4YWVkYWNiYmVlZWUxZTA5Mzk1NmRiMzI4N2Fl
N2I1M2QwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWYyMWI2MmY2NzUxMzhkMDAzMTFlNmU3ODMxNDM3MmVjYzA0OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIOSak+tW7FnSZf50apEZlPN2FjY
Mhvgm87ASp3GymHpZnK1OpBFMBfbTEnPSg2qVndKJfelSWr6WR6vwSFVQh/cTLKu
H7yPTMAVpwAgcZel0M446OAqxDulYyQTTRpJ13voYit6pIROv4jhF9wl8+p4GtWz
DwDjS8WJcMquG2boBe3LP9j6FSjKRE5/blX/Hh+RO0IOboAl6+Bk3UcBro1jb9Ti
RGzdF8lshVobPfuAKpfPLi2JNnMoFE0/2ee9VaU5q6zDyL1/fwOINvA23pY7grqU
lYXB6pkCATSJeFWEhhCic5SX1TgWzPUuo2XyFcAlLpFWSbUOE/DlmnMkewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7yG2L2dRONADEebngxQ3LswEl3MB8GA1UdIwQY
MBaAFGSWrjiu2su+7uHgk5Vtsyh657U9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkphdU9LN2F5Nzd1NGVDVGxXMnpLSHJudFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82YzMxMjUtZmZmMS00ZGEwLThhMzIt
NzY2NGU4YTIxZmM3LzEvbnZJYll2WjFFNDBBTVI1dWVERkRjdXpBU1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82YzMxMjUtZmZmMS00ZGEwLThhMzItNzY2NGU4YTIxZmM3
LzEvWkphdU9LN2F5Nzd1NGVDVGxXMnpLSHJudFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTEAMA0E
AgACMAcDBQAqAZzgMA0GCSqGSIb3DQEBCwUAA4IBAQCkXDceVRJFBUHeiasbogro
tmuy/pkXNe3CXkYpKLodWkyUOhYcaOEqDZLYZGgG1PiaWcYRQFMScYQlxSN0IgkX
VpjjuVScmEtnHq0nyrCMwWTJdsO6ReBzL1Rk0qAzZDnYa1dDqTdp6oP6gXyaBcU1
YsuCNOt854w5rXiR2p+y86RqlByUjdfgrSFp8ccHQ40weE2D5zJs+30o5RD7HDih
x0mxUBGScrmBKb1GHbe8fI/EpUCoKpK2Zt5HAIqthO8QU5dj+Ezeb2kZnY00Ej6O
PnxTSzx+ZyipWxDdyBAVGKezGT3Zg66i3PWB9DYq2hlb3Dxo9EwpmL/hBWt7vrap
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:42 2025 by rpki-client