Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/nskIPgHbzpOsMM3ItHM6GcOHErE.roa
File: nskIPgHbzpOsMM3ItHM6GcOHErE.roa (raw, json)
Hash identifier: a4GgPLYszg49eJPMuZIt+P0+BiAaBMfvDwQIfp94yPw=
Subject key identifier: 9E:C9:08:3E:01:DB:CE:93:AC:30:CD:C8:B4:73:3A:19:C3:87:12:B1
Certificate issuer: /CN=110e56177308c20c42fbf42f310f4c0ef6b27890
Certificate serial: 0184C37A94651063D72A9F29112B61A72C21
Authority key identifier: 11:0E:56:17:73:08:C2:0C:42:FB:F4:2F:31:0F:4C:0E:F6:B2:78:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/nskIPgHbzpOsMM3ItHM6GcOHErE.roa
Signing time: Tue 29 Nov 2022 13:01:41 +0000
ROA not before: Tue 29 Nov 2022 13:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36351
IP address blocks: 91.206.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:7a:94:65:10:63:d7:2a:9f:29:11:2b:61:a7:2c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=110e56177308c20c42fbf42f310f4c0ef6b27890
Validity
Not Before: Nov 29 13:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ec9083e01dbce93ac30cdc8b4733a19c38712b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:da:8e:3d:48:f9:c9:00:73:13:de:b3:dd:99:
28:b3:68:a5:4e:fc:38:1d:da:4e:a1:79:62:7a:ab:
3c:dd:8d:1b:49:e1:fe:1d:b3:ff:d6:29:ec:26:90:
71:02:1b:58:6a:16:c1:3f:96:0a:94:a3:38:b2:f8:
69:65:c7:88:32:01:dc:91:40:9f:4c:02:d5:98:f1:
69:b6:90:49:09:a2:35:d6:47:2f:d8:88:f7:5d:ef:
2b:b9:6d:73:83:6f:4b:71:13:e0:43:75:39:26:8e:
42:b5:f6:ab:bd:3b:9d:1e:f1:bd:b4:21:e9:11:46:
dc:6e:3f:e3:c6:b5:29:5d:fc:3a:21:42:5c:ad:bd:
7c:b2:77:67:9c:ec:1d:f2:5f:6e:a9:b5:72:3b:7a:
1a:52:d8:ba:56:62:52:e2:20:f4:3d:b1:23:03:4f:
91:ea:60:7e:92:42:87:96:da:36:a4:65:16:1e:36:
71:bc:e1:dc:a6:06:9f:a3:4f:a3:fe:fd:32:a2:8d:
33:4d:ac:71:8a:3b:fa:98:8d:f0:d8:98:6a:b3:45:
a5:fb:4d:23:25:b6:f7:6d:d6:ed:56:d6:f0:b7:37:
40:d2:7e:bc:67:8b:5e:45:02:7d:2a:44:8c:ba:ec:
f5:24:9d:3a:d6:9d:83:ae:6b:13:0a:0a:c8:e9:f5:
93:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C9:08:3E:01:DB:CE:93:AC:30:CD:C8:B4:73:3A:19:C3:87:12:B1
X509v3 Authority Key Identifier:
keyid:11:0E:56:17:73:08:C2:0C:42:FB:F4:2F:31:0F:4C:0E:F6:B2:78:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/nskIPgHbzpOsMM3ItHM6GcOHErE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0e5711-2fd4-40ca-9136-6f4e6585b54b/1/EQ5WF3MIwgxC-_QvMQ9MDvayeJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.64.0/24
Signature Algorithm: sha256WithRSAEncryption
25:bd:6c:df:c6:36:70:9a:33:50:bb:93:51:c0:62:dc:c2:91:
21:ed:fa:1b:52:38:e7:ec:45:d6:dc:08:6a:28:08:55:73:00:
59:a7:cd:7f:df:17:4d:bb:1e:44:c5:78:4c:c9:d8:2b:51:58:
bb:e9:56:94:b0:9e:01:80:f0:61:03:39:29:db:f4:df:f7:62:
83:fa:a5:c8:8c:a3:66:13:fb:4a:ed:06:0d:4e:e1:bb:45:f0:
10:93:f2:f4:68:3a:76:ec:64:6d:59:d8:46:58:b3:83:4a:8e:
67:ac:07:32:15:2d:db:14:99:6e:88:93:23:35:37:54:49:cc:
b3:2c:35:20:cf:70:c0:e0:7b:24:fe:8d:03:c5:72:d9:4b:3f:
73:07:86:ee:5d:66:44:df:1e:37:f0:05:be:15:0d:3c:70:ae:
4d:0d:ab:0a:c3:fe:6b:82:13:05:5a:27:f3:c1:25:24:3a:e5:
1d:2a:0f:ed:f3:af:8a:6a:bc:58:7c:a4:c7:69:e0:43:ba:77:
54:92:ca:c3:e0:d8:15:69:03:aa:81:8b:14:ba:cd:f0:a6:dc:
df:79:5e:50:42:cb:8f:96:8f:b7:bd:ba:24:15:8e:41:15:29:
c6:15:81:8b:d5:bf:0e:a8:63:31:9c:cb:c0:c3:bc:b7:46:46:
90:92:10:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTDepRlEGPXKp8pESthpywhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMGU1NjE3NzMwOGMyMGM0MmZiZjQyZjMxMGY0YzBlZjZi
Mjc4OTAwHhcNMjIxMTI5MTMwMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM5MDgzZTAxZGJjZTkzYWMzMGNkYzhiNDczM2ExOWMzODcxMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9qOPUj5yQBzE96z3Zkos2ilTvw4
HdpOoXlieqs83Y0bSeH+HbP/1insJpBxAhtYahbBP5YKlKM4svhpZceIMgHckUCf
TALVmPFptpBJCaI11kcv2Ij3Xe8ruW1zg29LcRPgQ3U5Jo5CtfarvTudHvG9tCHp
EUbcbj/jxrUpXfw6IUJcrb18sndnnOwd8l9uqbVyO3oaUti6VmJS4iD0PbEjA0+R
6mB+kkKHlto2pGUWHjZxvOHcpgafo0+j/v0yoo0zTaxxijv6mI3w2Jhqs0Wl+00j
Jbb3bdbtVtbwtzdA0n68Z4teRQJ9KkSMuuz1JJ061p2DrmsTCgrI6fWTkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7JCD4B286TrDDNyLRzOhnDhxKxMB8GA1UdIwQY
MBaAFBEOVhdzCMIMQvv0LzEPTA72sniQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVE1V0YzTUl3Z3hDLV9Rdk1ROU1EdmF5ZUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wZTU3MTEtMmZkNC00MGNhLTkxMzYt
NmY0ZTY1ODViNTRiLzEvbnNrSVBnSGJ6cE9zTU0zSXRITTZHY09IRXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wZTU3MTEtMmZkNC00MGNhLTkxMzYtNmY0ZTY1ODViNTRi
LzEvRVE1V0YzTUl3Z3hDLV9Rdk1ROU1EdmF5ZUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW85AMA0G
CSqGSIb3DQEBCwUAA4IBAQAlvWzfxjZwmjNQu5NRwGLcwpEh7fobUjjn7EXW3Ahq
KAhVcwBZp81/3xdNux5ExXhMydgrUVi76VaUsJ4BgPBhAzkp2/Tf92KD+qXIjKNm
E/tK7QYNTuG7RfAQk/L0aDp27GRtWdhGWLODSo5nrAcyFS3bFJluiJMjNTdUScyz
LDUgz3DA4Hsk/o0DxXLZSz9zB4buXWZE3x438AW+FQ08cK5NDasKw/5rghMFWifz
wSUkOuUdKg/t86+KarxYfKTHaeBDundUksrD4NgVaQOqgYsUus3wptzfeV5QQsuP
lo+3vbokFY5BFSnGFYGL1b8OqGMxnMvAw7y3RkaQkhDc
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:22:09 2025 by rpki-client