Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/NorWXrOQT4eusHmmhXli3qdBbyI.roa
File: NorWXrOQT4eusHmmhXli3qdBbyI.roa (raw, json)
Hash identifier: Ah3mhGjpDv61AZoGqJ4q9oGvbfJxh+1KpU+SJpGYksc=
Subject key identifier: 36:8A:D6:5E:B3:90:4F:87:AE:B0:79:A6:85:79:62:DE:A7:41:6F:22
Certificate issuer: /CN=b653166a6f1f33e4720e67d24dd32e44580352f0
Certificate serial: 01856EB8FE8BD00D179208E9A4DBB5AB9C98
Authority key identifier: B6:53:16:6A:6F:1F:33:E4:72:0E:67:D2:4D:D3:2E:44:58:03:52:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlMWam8fM-RyDmfSTdMuRFgDUvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/NorWXrOQT4eusHmmhXli3qdBbyI.roa
Signing time: Sun 01 Jan 2023 19:04:55 +0000
ROA not before: Sun 01 Jan 2023 19:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39702
IP address blocks: 89.106.216.0/21 maxlen: 24
185.5.100.0/22 maxlen: 24
178.251.88.0/21 maxlen: 24
85.190.192.0/19 maxlen: 24
2a01:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:fe:8b:d0:0d:17:92:08:e9:a4:db:b5:ab:9c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b653166a6f1f33e4720e67d24dd32e44580352f0
Validity
Not Before: Jan 1 19:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=368ad65eb3904f87aeb079a6857962dea7416f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2e:5a:63:4f:60:8b:68:7d:92:f2:f2:cf:84:
8b:de:68:ba:ce:be:19:7a:f5:14:6e:a8:48:05:cf:
d3:74:f9:91:05:7b:8a:f7:89:52:44:e6:cb:49:3b:
40:0d:50:fc:cb:c2:de:05:4d:5b:0e:7a:6b:a7:85:
d8:2b:14:cd:ea:c2:fe:39:2b:0d:d1:50:ad:32:82:
ba:c6:64:f8:2e:d6:e8:3d:cb:64:41:d8:7f:72:61:
c6:69:9b:6a:a1:58:9f:89:d9:f7:35:83:db:a8:0a:
27:f9:9a:75:e9:cb:1a:7e:9e:17:a1:09:cf:4e:a1:
3e:05:8a:f4:0c:d8:16:79:6a:12:20:e4:59:ed:8c:
4f:c9:1e:c3:12:55:96:3b:f8:6f:bf:db:1d:cc:d2:
9d:21:6c:37:37:1b:25:48:3f:8b:e0:1e:bf:02:9c:
d1:a4:83:db:0b:c7:d6:20:95:2e:c1:a4:17:99:ac:
c9:30:1e:74:e0:ca:ca:3b:fb:5e:07:50:37:d9:d3:
18:25:9b:cd:12:cc:a5:92:bc:df:ad:74:d0:ca:50:
de:a2:d3:87:9d:8a:c1:22:db:dd:de:ac:58:de:5b:
90:3f:fc:f9:6e:5d:9f:63:de:60:a5:c7:4d:4e:ce:
1b:6e:17:eb:c7:8b:4b:b5:23:57:5e:db:39:3c:6a:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:D6:5E:B3:90:4F:87:AE:B0:79:A6:85:79:62:DE:A7:41:6F:22
X509v3 Authority Key Identifier:
keyid:B6:53:16:6A:6F:1F:33:E4:72:0E:67:D2:4D:D3:2E:44:58:03:52:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlMWam8fM-RyDmfSTdMuRFgDUvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/NorWXrOQT4eusHmmhXli3qdBbyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/tlMWam8fM-RyDmfSTdMuRFgDUvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.192.0/19
89.106.216.0/21
178.251.88.0/21
185.5.100.0/22
IPv6:
2a01:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
82:70:67:c0:0f:e9:a7:c0:7d:83:8c:19:ed:45:d5:e6:19:f6:
32:26:91:c3:fc:fd:6d:db:40:af:2c:62:52:9e:6c:3a:ec:46:
a0:a0:0a:c3:f4:ff:38:c9:3c:db:b4:fb:45:6f:01:f3:53:6e:
3e:10:0d:37:5a:8a:c6:0b:d5:cb:ba:ba:23:0f:9d:63:5a:7d:
0d:dd:48:ac:7d:6e:6f:3c:f8:99:5e:a6:19:6a:f0:f5:e7:8a:
47:e1:f8:38:92:4c:fc:aa:aa:92:c3:30:5f:3e:11:30:6a:3a:
3a:a9:cb:9e:a9:8b:21:50:9d:01:08:4a:f4:d1:af:28:63:bb:
8c:96:29:cb:3f:44:c1:c6:2b:6c:f6:89:80:3c:dc:0b:95:0f:
fc:73:dc:cc:f1:2b:0d:b5:20:cd:ec:a5:6b:c1:4a:f7:68:42:
34:aa:82:f2:07:ec:b3:c7:a3:9a:2d:27:56:67:2e:12:b3:57:
6f:06:d4:63:45:e8:d8:e2:d2:80:66:42:e3:fb:7c:b6:40:54:
51:99:1d:9c:f2:16:b8:dc:98:6c:90:67:56:77:1d:b6:d0:e4:
ba:69:6a:65:7d:d8:d5:9f:38:73:7d:ae:39:29:19:3e:6a:b3:
19:31:21:7d:c5:06:bb:9d:a1:c0:7b:60:2b:74:ed:64:fc:50:
9d:56:5f:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVuuP6L0A0XkgjppNu1q5yYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NTMxNjZhNmYxZjMzZTQ3MjBlNjdkMjRkZDMyZTQ0NTgw
MzUyZjAwHhcNMjMwMTAxMTkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjhhZDY1ZWIzOTA0Zjg3YWViMDc5YTY4NTc5NjJkZWE3NDE2ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly5aY09gi2h9kvLyz4SL3mi6zr4Z
evUUbqhIBc/TdPmRBXuK94lSRObLSTtADVD8y8LeBU1bDnprp4XYKxTN6sL+OSsN
0VCtMoK6xmT4LtboPctkQdh/cmHGaZtqoVifidn3NYPbqAon+Zp16csafp4XoQnP
TqE+BYr0DNgWeWoSIORZ7YxPyR7DElWWO/hvv9sdzNKdIWw3NxslSD+L4B6/ApzR
pIPbC8fWIJUuwaQXmazJMB504MrKO/teB1A32dMYJZvNEsylkrzfrXTQylDeotOH
nYrBItvd3qxY3luQP/z5bl2fY95gpcdNTs4bbhfrx4tLtSNXXts5PGooiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDaK1l6zkE+HrrB5poV5Yt6nQW8iMB8GA1UdIwQY
MBaAFLZTFmpvHzPkcg5n0k3TLkRYA1LwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGxNV2FtOGZNLVJ5RG1mU1RkTXVSRmdEVXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hZWI4YmMtODg0Yy00MDRmLWJjYjIt
ZmNkMzdmMjYwNDdmLzEvTm9yV1hyT1FUNGV1c0htbWhYbGkzcWRCYnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hZWI4YmMtODg0Yy00MDRmLWJjYjItZmNkMzdmMjYwNDdm
LzEvdGxNV2FtOGZNLVJ5RG1mU1RkTXVSRmdEVXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFVb7AAwQD
WWrYAwQDsvtYAwQCuQVkMA0EAgACMAcDBQAqAU2AMA0GCSqGSIb3DQEBCwUAA4IB
AQCCcGfAD+mnwH2DjBntRdXmGfYyJpHD/P1t20CvLGJSnmw67EagoArD9P84yTzb
tPtFbwHzU24+EA03WorGC9XLurojD51jWn0N3UisfW5vPPiZXqYZavD154pH4fg4
kkz8qqqSwzBfPhEwajo6qcueqYshUJ0BCEr00a8oY7uMlinLP0TBxits9omAPNwL
lQ/8c9zM8SsNtSDN7KVrwUr3aEI0qoLyB+yzx6OaLSdWZy4Ss1dvBtRjRejY4tKA
ZkLj+3y2QFRRmR2c8ha43JhskGdWdx220OS6aWplfdjVnzhzfa45KRk+arMZMSF9
xQa7naHAe2ArdO1k/FCdVl/C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:27 2025 by rpki-client