Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/nVdwn875GzOdpypew0FoHu0GRKQ.roa
File: nVdwn875GzOdpypew0FoHu0GRKQ.roa (raw, json)
Hash identifier: bXqFRzAy1sng6AyvSR9ZnwcU0sVHZERGDVv3th3a0Gc=
Subject key identifier: 9D:57:70:9F:CE:F9:1B:33:9D:A7:2A:5E:C3:41:68:1E:ED:06:44:A4
Certificate issuer: /CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Certificate serial: 0188442300ED4E03128993C945E815371B1F
Authority key identifier: 72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/nVdwn875GzOdpypew0FoHu0GRKQ.roa
Signing time: Mon 22 May 2023 15:45:24 +0000
ROA not before: Mon 22 May 2023 15:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34968
IP address blocks: 89.207.24.0/21 maxlen: 24
95.155.184.0/21 maxlen: 24
46.38.192.0/19 maxlen: 24
193.238.240.0/22 maxlen: 24
2a01:710::/32 maxlen: 64
2a0f:4880::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:23:00:ed:4e:03:12:89:93:c9:45:e8:15:37:1b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Validity
Not Before: May 22 15:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d57709fcef91b339da72a5ec341681eed0644a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8d:72:06:03:9b:d8:f7:47:61:ea:6f:a5:b4:
08:74:6a:b2:40:a4:d4:e0:d5:87:bc:1c:57:a5:b5:
db:ab:25:e5:b6:c8:4d:d2:9f:91:3d:58:d2:77:dc:
df:da:0f:4b:05:8d:b9:e8:68:bc:0e:c3:aa:cb:61:
99:1b:42:0e:80:73:7e:86:eb:39:1b:5e:33:0e:c1:
3e:a7:d9:50:1a:0a:74:b9:96:a4:01:0b:5a:be:26:
d2:19:4a:16:65:b0:3e:bd:ad:2f:58:3d:d2:ec:b5:
61:74:ea:7c:50:06:05:1d:d7:da:af:c4:79:84:8d:
d6:c6:d0:4a:65:3e:e2:58:d4:b1:f3:20:e3:ad:ea:
07:20:08:6a:cf:1b:82:e0:b0:4e:47:b7:a5:1b:19:
47:42:7c:3c:98:0f:ef:92:3b:a3:53:bf:05:86:b1:
55:b3:2d:f1:f3:f0:e7:f5:60:2c:5d:ff:2a:20:81:
32:70:2d:eb:d7:a6:1c:59:01:72:68:5f:13:80:66:
dd:cd:9b:e9:f6:44:31:36:81:4b:8d:7f:d5:2a:62:
84:3f:00:5b:7b:59:f8:0b:8f:ae:36:b1:c1:b3:77:
6c:5f:2b:d9:1c:2b:88:3e:f2:07:b1:36:f5:45:d5:
37:12:20:85:ab:42:34:f4:aa:ea:f3:14:4c:30:8e:
7b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:57:70:9F:CE:F9:1B:33:9D:A7:2A:5E:C3:41:68:1E:ED:06:44:A4
X509v3 Authority Key Identifier:
keyid:72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/nVdwn875GzOdpypew0FoHu0GRKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.192.0/19
89.207.24.0/21
95.155.184.0/21
193.238.240.0/22
IPv6:
2a01:710::/32
2a0f:4880::/29
Signature Algorithm: sha256WithRSAEncryption
1c:9f:92:65:9d:89:af:bf:c2:fd:23:ae:e7:7d:11:f0:37:ed:
c4:25:36:97:ec:a7:69:08:44:4d:ba:41:49:f4:10:22:47:ed:
67:7b:4e:f6:e2:cc:4d:f0:e7:33:d3:dd:e0:f5:51:73:fb:8f:
23:90:2e:19:e5:c5:56:79:86:7c:ae:1a:39:7c:a7:ce:cc:50:
83:7a:fc:51:a1:7f:62:36:7d:3e:06:73:84:9f:bd:94:6c:dd:
30:ee:d8:8d:77:8d:42:35:79:09:fe:d5:7e:6d:67:4d:17:da:
0b:43:df:9d:a7:1f:30:e4:7e:3f:32:18:d8:f1:9f:cd:1b:0b:
83:fe:0e:28:10:80:43:1e:c4:e2:bd:9a:13:a6:d7:3f:9a:64:
e5:b2:4e:48:4e:e3:58:dd:68:e0:ad:2d:33:28:ad:4f:b9:8f:
ad:52:93:46:99:d8:3f:ee:03:b2:96:19:28:fb:95:b5:9b:b7:
b8:b5:41:a3:6b:7a:78:a5:1d:6a:b0:c6:8d:8a:49:1f:f7:f6:
26:d1:39:66:56:0f:83:73:d0:3a:e4:cf:cf:8a:85:30:a0:6b:
a6:f5:9b:28:c0:02:13:bc:d9:37:af:e6:53:83:24:06:95:a3:
52:ce:06:90:67:54:a7:3e:39:48:7c:50:c6:4d:37:5f:1c:2f:
66:f2:f0:b6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYhEIwDtTgMSiZPJRegVNxsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWFkYzdhN2VjZTQ3N2Q1ZjRkNzc3MjQzYjYwZjJiYmJi
NzU2MDMwHhcNMjMwNTIyMTU0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU3NzA5ZmNlZjkxYjMzOWRhNzJhNWVjMzQxNjgxZWVkMDY0NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo1yBgOb2PdHYepvpbQIdGqyQKTU
4NWHvBxXpbXbqyXltshN0p+RPVjSd9zf2g9LBY256Gi8DsOqy2GZG0IOgHN+hus5
G14zDsE+p9lQGgp0uZakAQtavibSGUoWZbA+va0vWD3S7LVhdOp8UAYFHdfar8R5
hI3WxtBKZT7iWNSx8yDjreoHIAhqzxuC4LBOR7elGxlHQnw8mA/vkjujU78FhrFV
sy3x8/Dn9WAsXf8qIIEycC3r16YcWQFyaF8TgGbdzZvp9kQxNoFLjX/VKmKEPwBb
e1n4C4+uNrHBs3dsXyvZHCuIPvIHsTb1RdU3EiCFq0I09Krq8xRMMI578QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJ1XcJ/O+RsznacqXsNBaB7tBkSkMB8GA1UdIwQY
MBaAFHLq3Hp+zkd9X013ckO2Dyu7t1YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjkt
NDczODUxNzA5YzU4LzEvblZkd244NzVHek9kcHlwZXcwRm9IdTBHUktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjktNDczODUxNzA5YzU4
LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQFLibAAwQD
Wc8YAwQDX5u4AwQCwe7wMBQEAgACMA4DBQAqAQcQAwUDKg9IgDANBgkqhkiG9w0B
AQsFAAOCAQEAHJ+SZZ2Jr7/C/SOu530R8DftxCU2l+ynaQhETbpBSfQQIkftZ3tO
9uLMTfDnM9Pd4PVRc/uPI5AuGeXFVnmGfK4aOXynzsxQg3r8UaF/YjZ9PgZzhJ+9
lGzdMO7YjXeNQjV5Cf7Vfm1nTRfaC0PfnacfMOR+PzIY2PGfzRsLg/4OKBCAQx7E
4r2aE6bXP5pk5bJOSE7jWN1o4K0tMyitT7mPrVKTRpnYP+4DspYZKPuVtZu3uLVB
o2t6eKUdarDGjYpJH/f2JtE5ZlYPg3PQOuTPz4qFMKBrpvWbKMACE7zZN6/mU4Mk
BpWjUs4GkGdUpz45SHxQxk03XxwvZvLwtg==
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:57:15 2025 by rpki-client