Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/N3scgTH1HYR-g0ISXyk7Y-qI998.roa
File: N3scgTH1HYR-g0ISXyk7Y-qI998.roa (raw, json)
Hash identifier: kh15874Wj3HBa2JK6BZHdexLyik/E+KsK2lTfg0eKG4=
Subject key identifier: 37:7B:1C:81:31:F5:1D:84:7E:83:42:12:5F:29:3B:63:EA:88:F7:DF
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 026459
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/N3scgTH1HYR-g0ISXyk7Y-qI998.roa
Signing time: Thu 19 May 2022 08:01:17 +0000
ROA not before: Thu 19 May 2022 08:01:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41898
IP address blocks: 91.135.16.0/20 maxlen: 20
95.130.32.0/21 maxlen: 21
158.255.56.0/21 maxlen: 21
158.255.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156761 (0x26459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: May 19 08:01:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=377b1c8131f51d847e8342125f293b63ea88f7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fd:5a:64:6b:d1:e1:19:da:ab:44:d5:3d:ea:
29:1a:ce:71:8d:af:b6:34:7a:f8:45:e2:5f:da:8b:
da:54:8d:39:ec:5a:4f:a0:66:a1:de:6b:ee:fa:e5:
a3:31:51:62:2e:d7:cd:eb:5f:5b:14:a7:8d:e3:5b:
44:85:8a:e0:c3:41:d0:e9:89:89:72:88:de:9b:80:
c8:1a:91:73:c0:e5:bd:c0:32:8c:dc:02:43:8b:5a:
20:72:d4:31:dd:40:81:0e:95:22:da:51:ae:58:50:
9c:fe:dc:40:8e:52:9c:0f:c7:f6:3c:18:69:44:6d:
f1:fa:8c:48:02:3c:ef:6c:fc:66:9a:61:61:34:52:
ba:45:d9:f7:7b:6b:47:7b:5b:04:ce:01:af:66:ff:
76:77:bb:66:d7:60:93:15:49:f2:06:c5:67:a8:38:
25:19:82:6b:bf:df:1b:60:5a:8b:99:4e:d4:58:61:
81:3b:bb:c4:18:2e:66:5f:b3:cd:07:15:e9:44:32:
06:cc:59:6a:26:41:e7:28:a6:4e:ff:d7:72:94:93:
96:03:78:77:46:13:72:b9:c9:66:eb:ef:d8:1d:73:
eb:4b:f6:8c:f3:14:b1:50:a1:8c:36:45:e7:8d:a7:
b5:23:8b:31:0a:1f:5f:37:cd:5f:85:37:ee:71:d4:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:7B:1C:81:31:F5:1D:84:7E:83:42:12:5F:29:3B:63:EA:88:F7:DF
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/N3scgTH1HYR-g0ISXyk7Y-qI998.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.16.0/20
95.130.32.0/21
158.255.56.0/21
Signature Algorithm: sha256WithRSAEncryption
62:06:c8:55:b7:2a:46:2b:4b:81:c0:bf:ee:8b:d7:ba:5d:6e:
17:7f:91:ee:55:da:0a:e3:94:d4:e3:c6:4e:da:ab:81:af:23:
9c:e5:e1:98:a6:85:92:d0:8b:4d:be:60:22:db:09:31:77:90:
fb:42:5c:78:ac:ba:40:25:90:d8:01:82:ed:6b:85:2b:30:e7:
0e:10:4d:f5:63:32:6a:af:a1:03:75:06:4a:8c:de:1f:ff:0f:
84:14:55:43:23:b1:b5:fc:6b:67:3a:26:6e:f0:6f:d0:ab:d0:
c3:b1:3b:ee:05:02:19:1c:3b:b3:dd:26:25:c0:61:ee:99:6e:
fd:64:71:45:61:28:35:ca:32:4a:1d:c4:a5:62:18:f8:f3:ad:
0d:85:c2:8d:5e:7a:68:4c:ec:45:35:01:40:49:34:4a:05:0e:
a2:8b:9b:ec:df:59:0d:df:7b:3f:a4:21:1b:42:da:65:4f:e2:
52:c8:b5:86:93:df:cd:8b:de:45:4a:ec:1c:3d:7c:ea:99:88:
49:fc:ca:dd:05:33:ac:b7:36:94:16:b4:11:04:a2:a5:34:dc:
bc:23:e0:d7:3d:21:0f:fc:41:38:cb:81:40:78:da:a7:9c:c4:
95:0b:bc:bc:b4:43:60:97:c0:8c:9f:8e:5c:d8:90:ca:7d:7a:
77:40:11:11
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDAmRZMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDMx
ODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFiNjNhYjAwHhcNMjIwNTE5
MDgwMTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNzdiMWM4MTMxZjUx
ZDg0N2U4MzQyMTI1ZjI5M2I2M2VhODhmN2RmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1v1aZGvR4Rnaq0TVPeopGs5xja+2NHr4ReJf2ovaVI057FpP
oGah3mvu+uWjMVFiLtfN619bFKeN41tEhYrgw0HQ6YmJcojem4DIGpFzwOW9wDKM
3AJDi1ogctQx3UCBDpUi2lGuWFCc/txAjlKcD8f2PBhpRG3x+oxIAjzvbPxmmmFh
NFK6Rdn3e2tHe1sEzgGvZv92d7tm12CTFUnyBsVnqDglGYJrv98bYFqLmU7UWGGB
O7vEGC5mX7PNBxXpRDIGzFlqJkHnKKZO/9dylJOWA3h3RhNyuclm6+/YHXPrS/aM
8xSxUKGMNkXnjae1I4sxCh9fN81fhTfucdSCUwIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFDd7HIEx9R2EfoNCEl8pO2PqiPffMB8GA1UdIwQYMBaAFDGCjJnTXLkuLVPa
8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1LzEv
TjNzY2dUSDFIWVItZzBJU1h5azdZLXFJOTk4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82
Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1LzEvTVlLTW1kTmN1UzR0
VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4cQAwQDX4IgAwQDnv84MA0GCSqG
SIb3DQEBCwUAA4IBAQBiBshVtypGK0uBwL/ui9e6XW4Xf5HuVdoK45TU48ZO2quB
ryOc5eGYpoWS0ItNvmAi2wkxd5D7Qlx4rLpAJZDYAYLta4UrMOcOEE31YzJqr6ED
dQZKjN4f/w+EFFVDI7G1/GtnOiZu8G/Qq9DDsTvuBQIZHDuz3SYlwGHumW79ZHFF
YSg1yjJKHcSlYhj4860NhcKNXnpoTOxFNQFASTRKBQ6ii5vs31kN33s/pCEbQtpl
T+JSyLWGk9/Ni95FSuwcPXzqmYhJ/MrdBTOstzaUFrQRBKKlNNy8I+DXPSEP/EE4
y4FAeNqnnMSVC7y8tENgl8CMn45c2JDKfXp3QBER
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:50 2025 by rpki-client