Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NZupi3lO7DUKkAaKBDI7eGlEers.roa
File: NZupi3lO7DUKkAaKBDI7eGlEers.roa (raw, json)
Hash identifier: cbLE83BQUB2zwHtcgts+rqHNbGMPtglsG/r+a/bQ7Bo=
Subject key identifier: 35:9B:A9:8B:79:4E:EC:35:0A:90:06:8A:04:32:3B:78:69:44:7A:BB
Certificate issuer: /CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Certificate serial: 0189B102A37D0CFD159CC73CB3408E2DB5C1
Authority key identifier: A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NZupi3lO7DUKkAaKBDI7eGlEers.roa
Signing time: Tue 01 Aug 2023 12:11:27 +0000
ROA not before: Tue 01 Aug 2023 12:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14907
IP address blocks: 91.198.174.0/24 maxlen: 24
185.71.138.0/24 maxlen: 24
185.15.56.0/24 maxlen: 24
185.15.57.0/24 maxlen: 24
185.15.58.0/24 maxlen: 24
185.15.59.0/24 maxlen: 24
2a02:ec80:600::/48 maxlen: 48
2a02:ec80:500::/48 maxlen: 48
2a02:ec80:300::/48 maxlen: 48
2001:67c:930::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:02:a3:7d:0c:fd:15:9c:c7:3c:b3:40:8e:2d:b5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a8e44e573c53c7192312fcc72150d2de377d6d
Validity
Not Before: Aug 1 12:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359ba98b794eec350a90068a04323b7869447abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fd:14:de:4d:f7:b4:12:1f:58:03:5d:fc:c6:
15:fe:b2:b4:4a:64:11:43:1a:4f:63:4d:c5:50:5a:
12:5c:f5:5a:86:34:c9:00:d4:d8:76:15:c6:3c:ea:
17:30:71:8c:d3:a9:6a:5e:8e:6a:56:10:00:56:37:
3e:8d:2f:ca:19:e8:ec:44:8a:c7:ca:c7:b1:9f:ac:
dd:62:bd:c4:bd:b4:1f:62:97:0c:ae:04:7e:11:28:
62:50:ca:fb:6a:8f:9e:05:d2:7f:45:ee:af:e2:88:
48:5a:f6:a3:f2:eb:fe:da:b0:d1:7d:d2:0a:0a:af:
62:6e:ce:a4:fd:2c:8e:18:48:3f:5b:f7:b0:62:cc:
cb:16:68:0f:c5:7d:25:1d:fd:4d:e4:35:fd:e9:98:
4e:c5:1e:b5:84:76:9c:f6:27:4c:72:d3:a3:ab:a2:
8a:a7:fd:04:45:28:f1:90:0e:61:e6:68:09:6b:d1:
9a:6b:70:e9:ab:a0:e8:9a:8b:9a:35:ed:7c:7e:0f:
0f:0f:f9:5f:5f:9c:27:7e:43:57:fb:7d:4f:61:08:
45:5b:e9:09:de:31:84:bd:42:37:43:a2:4f:01:aa:
50:13:fe:62:02:a3:59:48:4b:1e:f1:50:d4:e3:e1:
5c:5a:77:a5:7b:eb:4e:cd:1b:b6:5b:25:aa:5a:b2:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9B:A9:8B:79:4E:EC:35:0A:90:06:8A:04:32:3B:78:69:44:7A:BB
X509v3 Authority Key Identifier:
keyid:A9:A8:E4:4E:57:3C:53:C7:19:23:12:FC:C7:21:50:D2:DE:37:7D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qajkTlc8U8cZIxL8xyFQ0t43fW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/NZupi3lO7DUKkAaKBDI7eGlEers.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/452dd5-d0e4-4d4b-8ae6-1951345cea33/1/qajkTlc8U8cZIxL8xyFQ0t43fW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.174.0/24
185.15.56.0/22
185.71.138.0/24
IPv6:
2001:67c:930::/48
2a02:ec80:300::/48
2a02:ec80:500::/48
2a02:ec80:600::/48
Signature Algorithm: sha256WithRSAEncryption
25:e6:59:04:e0:27:33:7f:d8:e3:82:18:8e:db:d5:ab:41:9b:
3c:87:48:bc:7d:69:46:7d:0a:37:06:e7:a4:93:65:8f:4c:00:
7e:d8:fc:b0:8f:8b:9b:5a:4f:f0:79:88:0e:d2:16:a3:40:69:
83:94:d6:c2:e5:fd:ee:10:c7:1d:fe:9c:9c:b5:ca:f7:27:03:
fd:b8:9f:e3:a9:c0:d8:61:0a:19:b1:d6:0c:e6:ef:76:11:7b:
a5:70:49:98:18:17:d3:8c:c4:3c:39:57:b6:84:79:aa:e2:c4:
dd:b4:fe:6d:76:62:49:55:d8:a2:17:5a:bc:1c:70:05:86:c6:
9e:db:71:82:8e:6d:6d:15:a7:c6:21:26:db:b1:67:13:1f:29:
c0:4e:9d:a8:fd:55:ee:bd:10:90:f2:9b:38:fc:4a:94:d9:f5:
bf:f2:62:70:16:04:4b:32:28:70:f9:0d:ea:61:f1:a2:8a:a1:
20:02:5f:38:f7:f0:f5:dd:12:2f:c9:19:67:6b:16:7c:17:83:
bb:8b:6f:00:6d:aa:f0:f7:73:3c:40:54:4f:b3:17:14:82:f6:
64:62:f8:e9:f6:67:ca:0b:a9:f3:e3:af:b0:8a:68:e5:95:91:
02:c5:84:1c:16:0e:ef:e1:76:bd:93:fd:12:c7:17:6a:31:09:
51:bf:b8:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYmxAqN9DP0VnMc8s0COLbXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YThlNDRlNTczYzUzYzcxOTIzMTJmY2M3MjE1MGQyZGUz
NzdkNmQwHhcNMjMwODAxMTIxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTliYTk4Yjc5NGVlYzM1MGE5MDA2OGEwNDMyM2I3ODY5NDQ3YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP0U3k33tBIfWANd/MYV/rK0SmQR
QxpPY03FUFoSXPVahjTJANTYdhXGPOoXMHGM06lqXo5qVhAAVjc+jS/KGejsRIrH
ysexn6zdYr3EvbQfYpcMrgR+EShiUMr7ao+eBdJ/Re6v4ohIWvaj8uv+2rDRfdIK
Cq9ibs6k/SyOGEg/W/ewYszLFmgPxX0lHf1N5DX96ZhOxR61hHac9idMctOjq6KK
p/0ERSjxkA5h5mgJa9Gaa3Dpq6DomouaNe18fg8PD/lfX5wnfkNX+31PYQhFW+kJ
3jGEvUI3Q6JPAapQE/5iAqNZSEse8VDU4+FcWnele+tOzRu2WyWqWrJChQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDWbqYt5Tuw1CpAGigQyO3hpRHq7MB8GA1UdIwQY
MBaAFKmo5E5XPFPHGSMS/MchUNLeN31tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYt
MTk1MTM0NWNlYTMzLzEvTlp1cGkzbE83RFVLa0FhS0JESTdlR2xFZXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy80NTJkZDUtZDBlNC00ZDRiLThhZTYtMTk1MTM0NWNlYTMz
LzEvcWFqa1RsYzhVOGNaSXhMOHh5RlEwdDQzZlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAYBAIAATASAwQAW8auAwQC
uQ84AwQAuUeKMCoEAgACMCQDBwAgAQZ8CTADBwAqAuyAAwADBwAqAuyABQADBwAq
AuyABgAwDQYJKoZIhvcNAQELBQADggEBACXmWQTgJzN/2OOCGI7b1atBmzyHSLx9
aUZ9CjcG56STZY9MAH7Y/LCPi5taT/B5iA7SFqNAaYOU1sLl/e4Qxx3+nJy1yvcn
A/24n+OpwNhhChmx1gzm73YRe6VwSZgYF9OMxDw5V7aEearixN20/m12YklV2KIX
WrwccAWGxp7bcYKObW0Vp8YhJtuxZxMfKcBOnaj9Ve69EJDymzj8SpTZ9b/yYnAW
BEsyKHD5Deph8aKKoSACXzj38PXdEi/JGWdrFnwXg7uLbwBtqvD3czxAVE+zFxSC
9mRi+On2Z8oLqfPjr7CKaOWVkQLFhBwWDu/hdr2T/RLHF2oxCVG/uJ0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:31 2025 by rpki-client