Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa
File: NPCt9wQzqrr4yOIqKckgmN8TYw8.roa (raw, json)
Hash identifier: dlfGa+hD0kdmtyg8jwUMYBbblScyfmQkcZdVywrsrmw=
Subject key identifier: 34:F0:AD:F7:04:33:AA:BA:F8:C8:E2:2A:29:C9:20:98:DF:13:63:0F
Certificate issuer: /CN=7d477ba40a72752bf50e42c0003765e4d7473e46
Certificate serial: 01856F54C01475B290D05BB48B72A268E466
Authority key identifier: 7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa
Signing time: Sun 01 Jan 2023 21:55:03 +0000
ROA not before: Sun 01 Jan 2023 21:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206138
IP address blocks: 91.206.60.0/23 maxlen: 24
195.34.64.0/23 maxlen: 24
2001:67c:518::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:c0:14:75:b2:90:d0:5b:b4:8b:72:a2:68:e4:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d477ba40a72752bf50e42c0003765e4d7473e46
Validity
Not Before: Jan 1 21:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34f0adf70433aabaf8c8e22a29c92098df13630f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:fc:d2:2b:eb:e9:c5:e6:87:fb:5e:87:e8:
d5:56:57:dd:1f:7e:0e:c7:21:fb:36:0f:4b:f1:2b:
e5:3d:21:a5:9f:05:b3:9f:2c:ac:6f:dc:d4:e2:07:
88:54:5a:26:5f:b5:05:10:4f:da:6b:df:6d:1a:e7:
e4:47:20:e2:1f:00:44:45:fc:c0:9b:ab:d6:a4:d6:
95:40:dd:ed:77:f6:20:9b:03:b4:3d:09:50:dc:e2:
80:a2:9c:d2:3c:90:8c:de:a3:4e:77:1f:b7:0a:b1:
04:be:77:ee:38:a5:e8:c7:d1:0d:2c:3c:63:0a:97:
30:ae:dd:68:ff:31:2b:21:e9:39:35:ea:ce:06:fd:
b2:ca:4a:6d:c9:96:ba:3f:65:fe:9a:0d:81:a7:22:
ef:4f:4c:d1:d2:97:26:9c:fd:9a:1e:92:35:e2:ac:
f4:da:08:cd:91:9d:00:26:dd:0f:48:24:0a:d5:15:
0f:0c:2f:18:c8:74:27:c9:7a:eb:ac:21:a8:24:6a:
8c:5c:66:19:f7:fe:4d:89:7b:89:67:91:78:ee:76:
bd:c0:26:d5:e8:07:68:bf:b6:ac:5c:bd:1e:2c:1e:
e0:1d:87:61:42:8a:48:a6:a2:35:b6:95:19:62:2f:
d9:cc:ea:e4:13:19:f4:74:ef:aa:d0:14:02:83:09:
47:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F0:AD:F7:04:33:AA:BA:F8:C8:E2:2A:29:C9:20:98:DF:13:63:0F
X509v3 Authority Key Identifier:
keyid:7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/fUd7pApydSv1DkLAADdl5NdHPkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.60.0/23
195.34.64.0/23
IPv6:
2001:67c:518::/48
Signature Algorithm: sha256WithRSAEncryption
6a:44:89:25:dc:6a:7f:86:42:8e:9f:d2:b2:4a:15:3c:0e:90:
7d:a2:0c:41:a7:d7:02:ff:d5:bf:ed:88:ed:ee:65:be:c1:24:
80:89:c4:e5:21:d7:a0:2f:0f:14:46:89:61:aa:40:10:a9:f2:
e8:46:ba:be:db:8f:61:34:a6:9b:11:4d:b6:2f:84:81:be:31:
35:12:24:4b:de:79:07:ae:82:0f:72:d5:57:74:47:75:2b:6b:
7f:ab:37:07:18:45:ef:49:a8:f5:59:f6:40:9e:f2:99:e3:e2:
35:5d:27:8b:b5:f0:9b:00:cd:6d:96:23:7f:86:5b:41:4a:4e:
ff:07:b8:2e:5a:df:39:af:9e:b1:4d:e8:ac:f2:0f:88:59:d2:
df:b6:d8:39:8a:83:ce:4a:d7:f6:4c:e7:94:41:95:26:8d:20:
17:be:fe:f2:58:e1:bb:1d:9c:14:46:97:6b:8b:d9:db:e7:48:
fb:65:b8:7e:77:ea:ac:35:ba:75:18:32:19:dd:a0:9f:a2:72:
53:db:99:97:46:dd:ad:ef:cf:04:32:d0:0d:d9:a9:5a:eb:0f:
23:fd:27:3c:49:63:71:37:03:eb:d4:c0:5b:9c:98:0e:64:aa:
57:16:e4:53:7f:d8:67:0e:77:64:94:fe:1f:82:a1:a5:58:59:
8c:92:fb:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvVMAUdbKQ0Fu0i3KiaORmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDc3YmE0MGE3Mjc1MmJmNTBlNDJjMDAwMzc2NWU0ZDc0
NzNlNDYwHhcNMjMwMTAxMjE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYwYWRmNzA0MzNhYWJhZjhjOGUyMmEyOWM5MjA5OGRmMTM2MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqr80ivr6cXmh/teh+jVVlfdH34O
xyH7Ng9L8SvlPSGlnwWznyysb9zU4geIVFomX7UFEE/aa99tGufkRyDiHwBERfzA
m6vWpNaVQN3td/YgmwO0PQlQ3OKAopzSPJCM3qNOdx+3CrEEvnfuOKXox9ENLDxj
Cpcwrt1o/zErIek5NerOBv2yykptyZa6P2X+mg2BpyLvT0zR0pcmnP2aHpI14qz0
2gjNkZ0AJt0PSCQK1RUPDC8YyHQnyXrrrCGoJGqMXGYZ9/5NiXuJZ5F47na9wCbV
6Adov7asXL0eLB7gHYdhQopIpqI1tpUZYi/ZzOrkExn0dO+q0BQCgwlHqwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDTwrfcEM6q6+MjiKinJIJjfE2MPMB8GA1UdIwQY
MBaAFH1He6QKcnUr9Q5CwAA3ZeTXRz5GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVkN3BBcHlkU3YxRGtMQUFEZGw1TmRIUGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iYThjMjUtNDBlZi00YmFiLWFhM2Et
OWE3ZTE0NjQ4NjJhLzEvTlBDdDl3UXpxcnI0eU9JcUtja2dtTjhUWXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iYThjMjUtNDBlZi00YmFiLWFhM2EtOWE3ZTE0NjQ4NjJh
LzEvZlVkN3BBcHlkU3YxRGtMQUFEZGw1TmRIUGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW848AwQB
wyJAMA8EAgACMAkDBwAgAQZ8BRgwDQYJKoZIhvcNAQELBQADggEBAGpEiSXcan+G
Qo6f0rJKFTwOkH2iDEGn1wL/1b/tiO3uZb7BJICJxOUh16AvDxRGiWGqQBCp8uhG
ur7bj2E0ppsRTbYvhIG+MTUSJEveeQeugg9y1Vd0R3Ura3+rNwcYRe9JqPVZ9kCe
8pnj4jVdJ4u18JsAzW2WI3+GW0FKTv8HuC5a3zmvnrFN6KzyD4hZ0t+22DmKg85K
1/ZM55RBlSaNIBe+/vJY4bsdnBRGl2uL2dvnSPtluH536qw1unUYMhndoJ+iclPb
mZdG3a3vzwQy0A3ZqVrrDyP9JzxJY3E3A+vUwFucmA5kqlcW5FN/2GcOd2SU/h+C
oaVYWYyS+2Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:14 2025 by rpki-client