Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/nDvfbHZ2jXxfXK2FlGkUqWCrj_Y.roa
File: nDvfbHZ2jXxfXK2FlGkUqWCrj_Y.roa (raw, json)
Hash identifier: UhmkzkZG37CwWzYeBMasWDTnrZYK70JJ+oytvXduZEo=
Subject key identifier: 9C:3B:DF:6C:76:76:8D:7C:5F:5C:AD:85:94:69:14:A9:60:AB:8F:F6
Certificate issuer: /CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Certificate serial: 01856D93FE2C4731EBC98BF71F8FA1E5403B
Authority key identifier: F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/nDvfbHZ2jXxfXK2FlGkUqWCrj_Y.roa
Signing time: Sun 01 Jan 2023 13:44:53 +0000
ROA not before: Sun 01 Jan 2023 13:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203015
IP address blocks: 91.213.103.0/24 maxlen: 24
194.50.33.0/24 maxlen: 24
193.23.178.0/24 maxlen: 24
193.23.177.0/24 maxlen: 24
193.23.176.0/24 maxlen: 24
2a0c:82c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:fe:2c:47:31:eb:c9:8b:f7:1f:8f:a1:e5:40:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4ac99d77a7a1c84dd47f43bb72051aa73b1aad6
Validity
Not Before: Jan 1 13:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c3bdf6c76768d7c5f5cad85946914a960ab8ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:12:1f:ae:2f:9f:f7:91:c8:4b:ac:52:34:
9a:b1:f8:e4:e1:d8:b9:54:70:1a:ed:92:d7:47:c7:
8a:51:c2:86:2e:77:7b:1d:6f:20:1a:30:a9:80:78:
b3:95:2a:03:a8:8d:96:b5:d7:6f:56:8c:7c:6a:76:
57:52:29:f9:14:99:70:43:9d:fa:72:4a:1b:08:1f:
88:4b:d1:cc:23:fb:f5:cb:f9:bc:57:59:75:51:52:
5f:92:90:2f:93:8b:df:6c:23:55:3c:8d:d3:ae:56:
6b:bc:30:76:9a:e6:7e:f6:5e:ce:10:06:0d:e4:b9:
78:69:fd:61:50:33:9e:ca:39:17:42:70:66:71:2e:
82:cf:97:ac:36:cb:46:5d:c7:b2:94:2c:9d:f6:34:
04:88:a7:fb:4f:c1:99:0a:09:a4:20:81:c5:cb:17:
c4:44:b6:6e:a9:10:4b:a1:90:1e:2d:10:77:8e:5a:
16:80:fe:2b:5e:ab:cf:d6:99:61:f7:c7:09:30:27:
f5:46:a5:65:3d:15:2c:71:f9:45:3e:9a:39:fe:08:
49:aa:99:7b:17:34:b1:d4:0d:db:84:95:37:57:c9:
af:82:6c:f5:e5:bd:88:e4:4d:a9:1c:27:6c:f2:35:
8f:80:e9:e7:bd:ea:16:e4:83:99:ba:67:3e:62:95:
0d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3B:DF:6C:76:76:8D:7C:5F:5C:AD:85:94:69:14:A9:60:AB:8F:F6
X509v3 Authority Key Identifier:
keyid:F4:AC:99:D7:7A:7A:1C:84:DD:47:F4:3B:B7:20:51:AA:73:B1:AA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9KyZ13p6HITdR_Q7tyBRqnOxqtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/nDvfbHZ2jXxfXK2FlGkUqWCrj_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a76445-198a-4f85-bbf8-66cca81e6c07/1/9KyZ13p6HITdR_Q7tyBRqnOxqtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.103.0/24
193.23.176.0-193.23.178.255
194.50.33.0/24
IPv6:
2a0c:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:55:f6:a1:c4:21:96:d2:4f:bb:e8:de:7b:e8:f6:b7:75:91:
a5:ef:ad:27:d3:16:e4:5c:d5:2f:bb:12:77:a4:9d:90:aa:3e:
9d:2a:4d:20:62:86:e8:f7:05:ab:6f:7a:51:28:6a:6d:ec:14:
7a:78:a4:40:0e:30:2c:a1:8c:e7:0e:8d:e5:9a:42:27:13:d0:
83:a6:ac:8c:37:eb:11:06:77:16:f2:f9:15:6d:13:e5:4a:09:
a3:fc:b0:1d:0c:fa:23:c2:ea:55:8a:aa:dc:9b:21:94:b3:f4:
a0:f7:dc:4d:fb:b6:8e:99:5e:c4:98:d7:51:03:3a:bf:c4:9d:
0b:87:3a:da:da:00:00:74:73:ed:9b:8a:7b:38:3d:6f:79:13:
53:d0:71:c2:18:52:9c:76:c0:ef:1a:2e:9c:4d:03:02:15:ce:
9d:fe:66:b3:08:fa:96:75:1a:ec:85:5d:93:b6:6d:a0:d2:cd:
30:d2:33:72:f2:54:a5:19:89:52:e0:12:5b:2e:b1:68:da:95:
98:ce:61:4f:42:f6:94:5b:91:14:5e:b4:7b:b9:35:e9:41:66:
20:86:42:bc:c9:ad:02:0a:32:c8:a1:21:b2:69:ab:52:a2:79:
59:f2:d5:de:19:d1:5b:0f:48:8a:26:d9:c4:c2:5f:d6:51:6c:
f5:b2:ee:72
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVtk/4sRzHryYv3H4+h5UA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YWM5OWQ3N2E3YTFjODRkZDQ3ZjQzYmI3MjA1MWFhNzNi
MWFhZDYwHhcNMjMwMTAxMTM0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNiZGY2Yzc2NzY4ZDdjNWY1Y2FkODU5NDY5MTRhOTYwYWI4ZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCgSH64vn/eRyEusUjSasfjk4di5
VHAa7ZLXR8eKUcKGLnd7HW8gGjCpgHizlSoDqI2WtddvVox8anZXUin5FJlwQ536
ckobCB+IS9HMI/v1y/m8V1l1UVJfkpAvk4vfbCNVPI3TrlZrvDB2muZ+9l7OEAYN
5Ll4af1hUDOeyjkXQnBmcS6Cz5esNstGXceylCyd9jQEiKf7T8GZCgmkIIHFyxfE
RLZuqRBLoZAeLRB3jloWgP4rXqvP1plh98cJMCf1RqVlPRUscflFPpo5/ghJqpl7
FzSx1A3bhJU3V8mvgmz15b2I5E2pHCds8jWPgOnnveoW5IOZumc+YpUN1QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJw732x2do18X1ythZRpFKlgq4/2MB8GA1UdIwQY
MBaAFPSsmdd6ehyE3Uf0O7cgUapzsarWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUt5WjEzcDZISVRkUl9RN3R5QlJxbk94cXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNzY0NDUtMTk4YS00Zjg1LWJiZjgt
NjZjY2E4MWU2YzA3LzEvbkR2ZmJIWjJqWHhmWEsyRmxHa1VxV0Nyal9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNzY0NDUtMTk4YS00Zjg1LWJiZjgtNjZjY2E4MWU2YzA3
LzEvOUt5WjEzcDZISVRkUl9RN3R5QlJxbk94cXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAW9VnMAwD
BATBF7ADBADBF7IDBADCMiEwDQQCAAIwBwMFAyoMgsAwDQYJKoZIhvcNAQELBQAD
ggEBAIBV9qHEIZbST7vo3nvo9rd1kaXvrSfTFuRc1S+7EneknZCqPp0qTSBihuj3
BatvelEoam3sFHp4pEAOMCyhjOcOjeWaQicT0IOmrIw36xEGdxby+RVtE+VKCaP8
sB0M+iPC6lWKqtybIZSz9KD33E37to6ZXsSY11EDOr/EnQuHOtraAAB0c+2bins4
PW95E1PQccIYUpx2wO8aLpxNAwIVzp3+ZrMI+pZ1GuyFXZO2baDSzTDSM3LyVKUZ
iVLgElsusWjalZjOYU9C9pRbkRRetHu5NelBZiCGQrzJrQIKMsihIbJpq1KieVny
1d4Z0VsPSIom2cTCX9ZRbPWy7nI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:37 2025 by rpki-client