Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/NNV6criXZXnoHpmzsh3vSJgzBKk.roa
File: NNV6criXZXnoHpmzsh3vSJgzBKk.roa (raw, json)
Hash identifier: P+gH3SaD2/UbNhGaG+jVldsMjeAxwJdP4na40ozYddA=
Subject key identifier: 34:D5:7A:72:B8:97:65:79:E8:1E:99:B3:B2:1D:EF:48:98:33:04:A9
Certificate issuer: /CN=df512010611f91b16296728a94d1a665b4ab7570
Certificate serial: 092E5457
Authority key identifier: DF:51:20:10:61:1F:91:B1:62:96:72:8A:94:D1:A6:65:B4:AB:75:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/31EgEGEfkbFilnKKlNGmZbSrdXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/NNV6criXZXnoHpmzsh3vSJgzBKk.roa
Signing time: Sat 01 Jan 2022 09:01:10 +0000
ROA not before: Sat 01 Jan 2022 09:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24961
IP address blocks: 91.194.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154031191 (0x92e5457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df512010611f91b16296728a94d1a665b4ab7570
Validity
Not Before: Jan 1 09:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34d57a72b8976579e81e99b3b21def48983304a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:36:92:15:d3:d7:1f:a8:93:32:d5:49:1f:58:
ed:16:33:67:a6:73:d1:8a:f5:ad:4e:d9:f0:3c:ae:
14:25:87:58:d7:d6:0c:df:34:54:e1:f7:1d:24:aa:
89:a7:6e:4e:b6:f7:58:30:1f:8c:3e:e0:b1:68:de:
c6:f1:6a:4d:e1:db:d7:e7:2b:0d:b9:72:83:2a:0e:
24:52:68:29:48:ef:78:d0:b5:54:35:a9:be:05:6f:
f7:d8:3e:ac:0b:a1:c6:2f:c8:cc:66:a7:ec:20:8b:
39:45:da:34:99:d4:dd:67:38:83:75:81:c7:64:6a:
45:08:12:42:f2:6c:8c:0c:b3:70:e5:6c:1d:55:70:
b6:1c:84:9c:61:a5:0e:ae:32:73:cb:2f:f8:84:ad:
b0:4b:06:2a:fb:b4:98:28:b4:b2:68:19:68:cc:f1:
d1:14:ba:ce:93:13:9e:6f:ac:40:3b:8e:a1:52:67:
c9:38:8c:6b:72:b0:f1:94:78:60:26:1e:e1:2e:e2:
eb:27:f4:3f:17:93:b5:4c:eb:6a:0d:b6:dc:ab:59:
37:1b:c0:be:c6:17:06:96:b2:f6:6a:55:d0:ab:b9:
06:e3:2a:dc:e1:53:6c:ab:59:76:4f:b1:7c:83:0c:
fd:10:76:5e:72:32:2c:d1:a0:05:cb:e9:b6:c1:7b:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D5:7A:72:B8:97:65:79:E8:1E:99:B3:B2:1D:EF:48:98:33:04:A9
X509v3 Authority Key Identifier:
keyid:DF:51:20:10:61:1F:91:B1:62:96:72:8A:94:D1:A6:65:B4:AB:75:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31EgEGEfkbFilnKKlNGmZbSrdXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/NNV6criXZXnoHpmzsh3vSJgzBKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f7e1-6cbc-4f5a-b2eb-b062e9725b1d/1/31EgEGEfkbFilnKKlNGmZbSrdXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.85.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:87:79:99:a3:cb:9a:2c:ba:d8:7f:23:32:41:bd:c4:e1:56:
e1:08:6e:e0:c4:d3:e1:ac:a2:cb:32:fa:80:df:9d:c8:50:37:
2f:86:3d:03:48:95:72:5d:62:6f:db:c1:a5:5a:34:39:4e:68:
69:29:24:7b:b1:e3:08:4a:f9:1f:a5:65:a0:aa:91:d1:dd:6d:
cc:9b:6c:69:3f:1c:3a:88:21:52:3a:eb:82:42:c4:ef:77:a7:
6a:13:bd:e7:ce:41:f7:3a:cc:2c:28:f6:43:2c:bb:2f:8b:16:
1f:13:2e:8b:7a:81:5a:b1:cd:00:44:45:ee:83:87:23:88:2c:
f3:59:76:f1:11:a2:20:bc:ac:92:20:13:01:91:ca:42:7d:bc:
ad:42:5a:05:ac:8a:56:0b:a5:da:b8:f9:7c:ee:79:bc:d3:89:
8c:36:f9:ac:64:6b:75:ee:36:c6:33:29:d5:0a:48:1c:a5:d3:
53:3a:da:13:e1:ad:60:c8:c8:99:0f:44:91:e6:2c:ae:4d:2f:
1a:d3:5e:14:64:a6:0d:d3:95:a6:78:5b:cc:e3:cb:5f:2a:94:
d3:fb:5e:62:2f:17:cc:3c:c6:ca:00:47:05:a6:f3:dd:87:9b:
24:54:0d:e6:e4:5f:39:8b:bc:2f:b8:74:3a:92:5b:22:85:3f:
00:50:2f:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECS5UVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjUxMjAxMDYxMWY5MWIxNjI5NjcyOGE5NGQxYTY2NWI0YWI3NTcwMB4XDTIyMDEw
MTA5MDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRkNTdhNzJiODk3
NjU3OWU4MWU5OWIzYjIxZGVmNDg5ODMzMDRhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQ2khXT1x+okzLVSR9Y7RYzZ6Zz0Yr1rU7Z8DyuFCWHWNfW
DN80VOH3HSSqiaduTrb3WDAfjD7gsWjexvFqTeHb1+crDblygyoOJFJoKUjveNC1
VDWpvgVv99g+rAuhxi/IzGan7CCLOUXaNJnU3Wc4g3WBx2RqRQgSQvJsjAyzcOVs
HVVwthyEnGGlDq4yc8sv+IStsEsGKvu0mCi0smgZaMzx0RS6zpMTnm+sQDuOoVJn
yTiMa3Kw8ZR4YCYe4S7i6yf0PxeTtUzrag223KtZNxvAvsYXBpay9mpV0Ku5BuMq
3OFTbKtZdk+xfIMM/RB2XnIyLNGgBcvptsF7xD8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ01XpyuJdleegembOyHe9ImDMEqTAfBgNVHSMEGDAWgBTfUSAQYR+RsWKW
coqU0aZltKt1cDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMxRWdFR0Vma2JGaWxuS0tsTkdtWmJTcmRYQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNTBmN2UxLTZjYmMtNGY1YS1iMmViLWIwNjJlOTcyNWIxZC8x
L05OVjZjcmlYWlhub0hwbXpzaDN2U0pnekJLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NTBmN2UxLTZjYmMtNGY1YS1iMmViLWIwNjJlOTcyNWIxZC8xLzMxRWdFR0Vma2JG
aWxuS0tsTkdtWmJTcmRYQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvCVTANBgkqhkiG9w0BAQsFAAOC
AQEAPId5maPLmiy62H8jMkG9xOFW4Qhu4MTT4ayiyzL6gN+dyFA3L4Y9A0iVcl1i
b9vBpVo0OU5oaSkke7HjCEr5H6VloKqR0d1tzJtsaT8cOoghUjrrgkLE73enahO9
585B9zrMLCj2Qyy7L4sWHxMui3qBWrHNAERF7oOHI4gs81l28RGiILyskiATAZHK
Qn28rUJaBayKVgul2rj5fO55vNOJjDb5rGRrde42xjMp1QpIHKXTUzraE+GtYMjI
mQ9EkeYsrk0vGtNeFGSmDdOVpnhbzOPLXyqU0/teYi8XzDzGygBHBabz3YebJFQN
5uRfOYu8L7h0OpJbIoU/AFAv3Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:17 2023 by rpki-client on console-ams.rpki-client.org