Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/9e9b17-ed83-4272-bfbe-e9301afc384f/1/NxAPWg5JS_4fsdBPXH2ogpJKhps.roa
File: NxAPWg5JS_4fsdBPXH2ogpJKhps.roa (raw, json)
Hash identifier: 5g5wfToG1LevHPQ6YHkcHnkoH2ej0oAr9inE/dmOvq4=
Subject key identifier: 37:10:0F:5A:0E:49:4B:FE:1F:B1:D0:4F:5C:7D:A8:82:92:4A:86:9B
Certificate issuer: /CN=a6a4a68aafec9522da9cac800b4324ccd7d6c5a5
Certificate serial: 0189F40A600CC139A2AEEF06A85CE7DF2EDD
Authority key identifier: A6:A4:A6:8A:AF:EC:95:22:DA:9C:AC:80:0B:43:24:CC:D7:D6:C5:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqSmiq_slSLanKyAC0MkzNfWxaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/9e9b17-ed83-4272-bfbe-e9301afc384f/1/NxAPWg5JS_4fsdBPXH2ogpJKhps.roa
Signing time: Mon 14 Aug 2023 12:34:27 +0000
ROA not before: Mon 14 Aug 2023 12:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 185.18.92.0/22 maxlen: 22
89.107.184.0/21 maxlen: 21
2a01:50c0:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:0a:60:0c:c1:39:a2:ae:ef:06:a8:5c:e7:df:2e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a4a68aafec9522da9cac800b4324ccd7d6c5a5
Validity
Not Before: Aug 14 12:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37100f5a0e494bfe1fb1d04f5c7da882924a869b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:4d:90:e3:52:bb:06:93:69:2a:e3:27:e6:
0a:61:c4:34:35:72:d6:b4:b6:ed:bf:85:d4:46:68:
81:32:64:ef:73:e9:79:8b:aa:8e:69:2d:11:36:12:
70:b6:7f:a6:75:f8:66:3a:3c:8e:1f:75:ea:47:dd:
e1:3d:36:1b:a7:ab:e8:8a:8f:d3:79:3d:e7:69:fe:
b0:fe:a8:4a:f1:94:10:ee:bd:9f:0d:c3:85:22:97:
36:4e:5a:f4:4f:50:35:0b:ea:d9:f0:67:a0:3e:e6:
76:be:88:4a:3f:49:b2:7c:ea:1c:e9:b6:7d:ad:5c:
b1:aa:1f:d1:a1:60:c5:8b:0a:4b:96:8d:b1:15:4d:
f0:1f:d2:99:9b:c0:45:cf:bc:3b:c7:48:b7:e8:13:
ff:aa:c6:39:bd:60:ed:12:e0:90:ef:1b:54:6d:23:
b6:74:39:18:19:f6:30:89:55:6a:3c:24:d1:5f:7e:
4b:99:9d:c9:b3:6c:3b:97:38:1f:16:35:f4:30:33:
75:60:8d:e0:16:ce:0c:27:0b:8f:c2:80:a0:47:96:
eb:f9:6e:34:14:7f:26:ec:89:d6:8d:71:25:d5:08:
aa:f3:27:f5:60:3d:bd:af:c3:46:b1:88:cd:af:1e:
a9:54:5b:80:24:f6:a0:5a:50:dd:63:f9:3e:94:e9:
ba:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:10:0F:5A:0E:49:4B:FE:1F:B1:D0:4F:5C:7D:A8:82:92:4A:86:9B
X509v3 Authority Key Identifier:
keyid:A6:A4:A6:8A:AF:EC:95:22:DA:9C:AC:80:0B:43:24:CC:D7:D6:C5:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqSmiq_slSLanKyAC0MkzNfWxaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9e9b17-ed83-4272-bfbe-e9301afc384f/1/NxAPWg5JS_4fsdBPXH2ogpJKhps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9e9b17-ed83-4272-bfbe-e9301afc384f/1/pqSmiq_slSLanKyAC0MkzNfWxaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.184.0/21
185.18.92.0/22
IPv6:
2a01:50c0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
34:b6:b7:f8:22:18:be:45:79:b7:8b:f7:0e:2c:86:d1:f2:99:
e3:41:75:e8:8f:a9:ae:58:27:ed:9b:6c:24:cb:72:28:27:ac:
cc:26:fe:0b:c5:82:b8:79:3a:37:a7:c0:a1:23:7f:da:00:94:
fd:a4:75:90:ca:9d:46:0d:02:23:d8:d1:f5:91:2f:b1:0f:2c:
6f:19:c9:ce:a1:23:db:3a:07:c1:91:83:61:f7:9f:24:b0:9d:
34:fe:53:38:d8:1e:7d:9e:fd:f7:37:39:5b:cc:e2:59:4b:75:
a5:83:e0:08:1d:0f:7e:15:6f:73:c6:6f:1c:c2:91:bc:30:77:
1b:00:59:ab:71:e6:61:04:58:ca:de:57:72:0f:f4:1d:4a:0b:
2d:fe:9a:1a:68:78:f7:07:ce:e7:9d:0b:8b:08:58:f3:da:bc:
7b:a5:87:42:69:47:34:62:1d:ff:2c:0c:55:fc:a2:43:5b:81:
45:a4:55:9a:13:10:a7:ff:29:ca:8e:bd:5a:b1:ec:5d:5a:45:
91:3b:8b:0f:d2:70:2e:04:05:54:a0:dc:da:9e:6f:8a:0e:4e:
b2:25:d9:6b:f6:db:3e:d5:67:d5:d0:92:7a:63:e1:2d:fe:02:
42:3e:3f:23:bc:36:92:38:bf:04:9b:e4:95:6e:a4:1d:6e:92:
7f:34:68:6c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYn0CmAMwTmiru8GqFzn3y7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YTRhNjhhYWZlYzk1MjJkYTljYWM4MDBiNDMyNGNjZDdk
NmM1YTUwHhcNMjMwODE0MTIzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEwMGY1YTBlNDk0YmZlMWZiMWQwNGY1YzdkYTg4MjkyNGE4NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn01NkONSuwaTaSrjJ+YKYcQ0NXLW
tLbtv4XURmiBMmTvc+l5i6qOaS0RNhJwtn+mdfhmOjyOH3XqR93hPTYbp6voio/T
eT3naf6w/qhK8ZQQ7r2fDcOFIpc2Tlr0T1A1C+rZ8GegPuZ2vohKP0myfOoc6bZ9
rVyxqh/RoWDFiwpLlo2xFU3wH9KZm8BFz7w7x0i36BP/qsY5vWDtEuCQ7xtUbSO2
dDkYGfYwiVVqPCTRX35LmZ3Js2w7lzgfFjX0MDN1YI3gFs4MJwuPwoCgR5br+W40
FH8m7InWjXEl1Qiq8yf1YD29r8NGsYjNrx6pVFuAJPagWlDdY/k+lOm6DQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDcQD1oOSUv+H7HQT1x9qIKSSoabMB8GA1UdIwQY
MBaAFKakpoqv7JUi2pysgAtDJMzX1sWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFTbWlxX3NsU0xhbkt5QUMwTWt6TmZXeGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85ZTliMTctZWQ4My00MjcyLWJmYmUt
ZTkzMDFhZmMzODRmLzEvTnhBUFdnNUpTXzRmc2RCUFhIMm9ncEpLaHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85ZTliMTctZWQ4My00MjcyLWJmYmUtZTkzMDFhZmMzODRm
LzEvcHFTbWlxX3NsU0xhbkt5QUMwTWt6TmZXeGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDWWu4AwQC
uRJcMA4EAgACMAgDBgQqAVDAEDANBgkqhkiG9w0BAQsFAAOCAQEANLa3+CIYvkV5
t4v3DiyG0fKZ40F16I+prlgn7ZtsJMtyKCeszCb+C8WCuHk6N6fAoSN/2gCU/aR1
kMqdRg0CI9jR9ZEvsQ8sbxnJzqEj2zoHwZGDYfefJLCdNP5TONgefZ799zc5W8zi
WUt1pYPgCB0PfhVvc8ZvHMKRvDB3GwBZq3HmYQRYyt5Xcg/0HUoLLf6aGmh49wfO
550LiwhY89q8e6WHQmlHNGId/ywMVfyiQ1uBRaRVmhMQp/8pyo69WrHsXVpFkTuL
D9JwLgQFVKDc2p5vig5OsiXZa/bbPtVn1dCSemPhLf4CQj4/I7w2kji/BJvklW6k
HW6SfzRobA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:08:55 2025 by rpki-client