Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/nmOY5DkmQV0WdijGJiE0g884MBw.roa
File: nmOY5DkmQV0WdijGJiE0g884MBw.roa (raw, json)
Hash identifier: JIWWBqHsD+lzGtPjkcSZR3D1+hJazgKrPzSaXsXPp8s=
Subject key identifier: 9E:63:98:E4:39:26:41:5D:16:76:28:C6:26:21:34:83:CF:38:30:1C
Certificate issuer: /CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969
Certificate serial: 018BF642BBB01A3E2A0ABDCEF05CE35F4341
Authority key identifier: 84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/nmOY5DkmQV0WdijGJiE0g884MBw.roa
Signing time: Wed 22 Nov 2023 09:00:50 +0000
ROA not before: Wed 22 Nov 2023 09:00:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 91.223.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:42:bb:b0:1a:3e:2a:0a:bd:ce:f0:5c:e3:5f:43:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8407f0063ee9af31d87cfe65b9bc193eb42c8969
Validity
Not Before: Nov 22 09:00:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e6398e43926415d167628c626213483cf38301c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:aa:69:95:35:bb:62:59:16:02:be:4a:6b:6e:
24:89:7d:d2:65:30:84:4e:d4:14:39:d5:fa:1d:58:
5d:ef:3c:4a:e8:f0:a9:5f:78:c5:79:24:7a:7a:ff:
ee:6a:84:09:eb:b7:ce:9c:09:a3:fa:5b:cb:48:7f:
21:23:54:e1:81:b4:74:43:75:d9:b1:d6:9f:ec:9a:
47:35:8e:40:46:31:8d:1c:3c:2a:2f:6e:06:ca:3b:
49:2d:3c:b6:30:34:8f:61:d3:96:a2:b5:b4:4b:a6:
25:cf:2f:2a:d0:58:69:1a:50:9e:4f:fe:6d:8c:3d:
4a:d1:f6:ec:95:d2:79:0b:6a:3a:c8:75:bf:d1:46:
56:25:21:72:2c:e6:da:86:f4:74:0d:e5:6a:f8:c6:
bf:d6:94:79:ad:c8:b3:ce:f6:bc:6f:3f:6d:fa:0e:
2b:61:81:e7:58:ea:6b:97:1b:f0:c2:ba:43:36:95:
52:9d:47:78:34:c4:ba:8c:b4:95:4f:9c:ee:ac:86:
df:30:f9:0f:9d:54:9e:ce:28:eb:17:5b:c5:4e:0f:
f8:20:27:af:db:2b:a2:2c:0f:66:ce:04:be:29:8a:
92:5e:3f:f1:ea:0a:de:a1:ff:bc:b4:fe:83:5f:3c:
4f:e5:5e:60:37:a7:26:41:e0:a4:1a:61:ee:8d:ce:
0e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:63:98:E4:39:26:41:5D:16:76:28:C6:26:21:34:83:CF:38:30:1C
X509v3 Authority Key Identifier:
keyid:84:07:F0:06:3E:E9:AF:31:D8:7C:FE:65:B9:BC:19:3E:B4:2C:89:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAfwBj7przHYfP5lubwZPrQsiWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/nmOY5DkmQV0WdijGJiE0g884MBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/657c59-e3b9-404f-afab-e1efcf2ed0a7/1/hAfwBj7przHYfP5lubwZPrQsiWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.210.0/24
Signature Algorithm: sha256WithRSAEncryption
71:be:ea:d9:09:88:e9:78:39:dd:30:14:79:b5:a8:d2:c4:01:
53:18:05:5a:5e:dd:17:27:0b:49:13:ac:03:95:d6:c9:b8:a1:
85:95:c4:97:40:1a:c9:cf:73:55:1c:e1:35:51:2a:64:92:69:
e7:e2:ba:ee:03:0e:bb:03:0f:5f:18:8e:49:f3:f6:e1:00:7a:
98:43:ab:e4:d2:cc:f8:64:33:b0:95:90:f6:04:6e:8e:39:86:
ff:99:bd:13:24:74:ab:53:a3:70:6e:55:6e:8f:1c:e3:7b:3e:
39:7f:69:eb:6b:63:ec:df:07:bd:3c:ec:ea:1f:7b:97:0a:c6:
68:97:0e:41:2e:88:71:eb:74:07:30:6c:b4:ab:77:1c:a3:48:
b6:15:71:a8:3c:1b:33:24:ce:9f:3b:0b:0b:6c:20:ae:2f:27:
e5:64:19:30:dd:88:52:57:73:2b:d5:cf:24:03:de:97:10:f3:
f0:1e:f8:f9:ad:72:11:50:dc:a3:52:51:91:f6:63:17:94:6c:
de:90:ae:70:c8:a1:b9:cc:e9:2f:5b:d2:58:d2:44:2f:dc:b0:
19:8b:eb:4f:37:c2:d5:c4:63:5f:cd:c4:f9:cb:78:ab:47:63:
12:72:dd:6f:35:7f:3f:82:86:a7:3f:34:90:1b:3f:54:f2:70:
34:a3:54:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2QruwGj4qCr3O8FzjX0NBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MDdmMDA2M2VlOWFmMzFkODdjZmU2NWI5YmMxOTNlYjQy
Yzg5NjkwHhcNMjMxMTIyMDkwMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTYzOThlNDM5MjY0MTVkMTY3NjI4YzYyNjIxMzQ4M2NmMzgzMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKpplTW7YlkWAr5Ka24kiX3SZTCE
TtQUOdX6HVhd7zxK6PCpX3jFeSR6ev/uaoQJ67fOnAmj+lvLSH8hI1ThgbR0Q3XZ
sdaf7JpHNY5ARjGNHDwqL24GyjtJLTy2MDSPYdOWorW0S6Ylzy8q0FhpGlCeT/5t
jD1K0fbsldJ5C2o6yHW/0UZWJSFyLObahvR0DeVq+Ma/1pR5rcizzva8bz9t+g4r
YYHnWOprlxvwwrpDNpVSnUd4NMS6jLSVT5zurIbfMPkPnVSezijrF1vFTg/4ICev
2yuiLA9mzgS+KYqSXj/x6greof+8tP6DXzxP5V5gN6cmQeCkGmHujc4OxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5jmOQ5JkFdFnYoxiYhNIPPODAcMB8GA1UdIwQY
MBaAFIQH8AY+6a8x2Hz+Zbm8GT60LIlpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWIt
ZTFlZmNmMmVkMGE3LzEvbm1PWTVEa21RVjBXZGlqR0ppRTBnODg0TUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82NTdjNTktZTNiOS00MDRmLWFmYWItZTFlZmNmMmVkMGE3
LzEvaEFmd0JqN3ByekhZZlA1bHVid1pQclFzaVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9/SMA0G
CSqGSIb3DQEBCwUAA4IBAQBxvurZCYjpeDndMBR5tajSxAFTGAVaXt0XJwtJE6wD
ldbJuKGFlcSXQBrJz3NVHOE1USpkkmnn4rruAw67Aw9fGI5J8/bhAHqYQ6vk0sz4
ZDOwlZD2BG6OOYb/mb0TJHSrU6NwblVujxzjez45f2nra2Ps3we9POzqH3uXCsZo
lw5BLohx63QHMGy0q3cco0i2FXGoPBszJM6fOwsLbCCuLyflZBkw3YhSV3Mr1c8k
A96XEPPwHvj5rXIRUNyjUlGR9mMXlGzekK5wyKG5zOkvW9JY0kQv3LAZi+tPN8LV
xGNfzcT5y3irR2MSct1vNX8/goanPzSQGz9U8nA0o1RY
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:29 2025 by rpki-client