Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/NW7Vu9WVV2dxFRHS5ybfyQN3IJo.roa
File: NW7Vu9WVV2dxFRHS5ybfyQN3IJo.roa (raw, json)
Hash identifier: jyRyKf1jB1k09Vm65Xst5HV4w5m9q8HD4CY4uRxZPA4=
Subject key identifier: 35:6E:D5:BB:D5:95:57:67:71:15:11:D2:E7:26:DF:C9:03:77:20:9A
Certificate issuer: /CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Certificate serial: 01857079848AAA0A1F4B8F1F70299DD8C09C
Authority key identifier: 9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/NW7Vu9WVV2dxFRHS5ybfyQN3IJo.roa
Signing time: Mon 02 Jan 2023 03:14:50 +0000
ROA not before: Mon 02 Jan 2023 03:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48964
IP address blocks: 91.204.122.0/24 maxlen: 24
91.204.123.0/24 maxlen: 24
91.204.120.0/24 maxlen: 24
91.212.80.0/24 maxlen: 24
193.19.243.0/24 maxlen: 24
193.19.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:84:8a:aa:0a:1f:4b:8f:1f:70:29:9d:d8:c0:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Validity
Not Before: Jan 2 03:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=356ed5bbd5955767711511d2e726dfc90377209a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:1f:63:c4:f2:77:8a:df:bb:5b:c8:d7:1d:
75:0f:6d:09:39:a8:db:63:f3:ac:ac:75:71:bc:5a:
4e:40:ea:14:02:dd:00:64:10:69:54:dc:cf:91:6a:
4c:15:03:e9:94:ee:aa:49:fd:e2:59:55:59:57:5a:
f7:17:c9:f5:6a:ae:7d:4f:18:88:20:9d:71:c2:6e:
87:7d:38:a8:ef:be:aa:af:1d:8a:83:a8:0c:19:e1:
e6:59:12:d1:2d:1f:7d:f5:54:99:d2:80:a2:e3:0c:
e5:ea:2b:d8:c0:73:75:31:0d:6e:6d:ee:f4:2a:c7:
73:21:07:d5:7c:be:35:11:aa:b4:d1:25:7d:27:9a:
c6:00:37:64:8d:02:eb:da:84:4d:73:47:c9:4f:99:
6b:20:03:b7:61:ed:24:7b:e0:f9:26:1b:d6:4b:86:
9b:b6:f5:ba:a3:2b:8f:b1:9b:a2:57:ff:33:4f:72:
e9:24:c8:c9:70:64:62:e2:fe:9b:d9:6f:81:df:7c:
50:69:6c:70:ec:f3:d0:81:6e:b4:af:3c:93:ea:6d:
69:d3:31:71:d8:7e:14:48:fa:dc:8f:57:d1:76:83:
45:a5:9e:26:cc:64:47:78:0b:1e:8a:e4:1b:b9:bb:
8a:b3:3e:bc:33:b2:17:bf:f2:ad:65:58:df:c4:40:
4e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6E:D5:BB:D5:95:57:67:71:15:11:D2:E7:26:DF:C9:03:77:20:9A
X509v3 Authority Key Identifier:
keyid:9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/NW7Vu9WVV2dxFRHS5ybfyQN3IJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.120.0/24
91.204.122.0/23
91.212.80.0/24
193.19.241.0/24
193.19.243.0/24
Signature Algorithm: sha256WithRSAEncryption
82:99:d4:76:d9:d2:14:86:4f:27:2f:48:b9:11:b0:99:30:84:
03:47:37:28:2c:e3:b9:f7:a2:7d:bf:0e:b4:00:83:d8:3c:c1:
2a:00:48:33:49:ff:8e:f8:f9:e5:7c:c3:9f:c9:3f:cb:65:d0:
7e:b7:7b:d1:4f:82:71:c1:c4:a3:08:c0:bb:e9:e2:b8:a2:84:
5b:d3:75:b4:61:c6:2c:0e:4d:ef:5b:54:1d:df:53:42:8a:0c:
93:9b:2c:34:19:bb:e9:90:ae:51:a1:a6:06:32:f7:2d:2d:32:
7d:1c:5c:f4:71:6f:71:ac:9f:b4:f4:35:44:c4:79:4d:da:00:
54:e1:f7:fc:0e:57:3a:fe:a1:36:3a:72:a3:15:15:65:51:c6:
7e:2d:24:4a:6e:e4:c9:b3:69:01:aa:60:f4:04:7d:e0:02:c0:
49:ce:3b:7e:e1:7c:ef:98:ce:21:69:9f:d6:31:fc:f6:59:fa:
c4:af:64:85:c1:a1:99:e9:1e:cd:87:a0:85:14:52:13:39:07:
27:36:48:fc:ba:31:99:46:99:58:eb:56:a0:0a:e3:4c:60:10:
7f:d6:ef:d4:b7:58:79:c6:71:e2:ec:a8:fe:24:e3:81:07:c3:
18:50:82:47:6d:20:56:1c:f0:ed:ff:5e:29:25:80:fb:ab:f3:
93:67:53:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVweYSKqgofS48fcCmd2MCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDUwNDg2MGE3YzkyNGU3MjFjYmZhZWE1ZjQ5YTcyYzgy
OTZjMzUwHhcNMjMwMTAyMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZlZDViYmQ1OTU1NzY3NzExNTExZDJlNzI2ZGZjOTAzNzcyMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDsfY8Tyd4rfu1vI1x11D20JOajb
Y/OsrHVxvFpOQOoUAt0AZBBpVNzPkWpMFQPplO6qSf3iWVVZV1r3F8n1aq59TxiI
IJ1xwm6HfTio776qrx2Kg6gMGeHmWRLRLR999VSZ0oCi4wzl6ivYwHN1MQ1ube70
KsdzIQfVfL41Eaq00SV9J5rGADdkjQLr2oRNc0fJT5lrIAO3Ye0ke+D5JhvWS4ab
tvW6oyuPsZuiV/8zT3LpJMjJcGRi4v6b2W+B33xQaWxw7PPQgW60rzyT6m1p0zFx
2H4USPrcj1fRdoNFpZ4mzGRHeAseiuQbubuKsz68M7IXv/KtZVjfxEBOwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDVu1bvVlVdncRUR0ucm38kDdyCaMB8GA1UdIwQY
MBaAFJ3VBIYKfJJOchy/rqX0mnLIKWw1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMt
NDMyZjVjMWY0MWY3LzEvTlc3VnU5V1ZWMmR4RlJIUzV5YmZ5UU4zSUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMtNDMyZjVjMWY0MWY3
LzEvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW8x4AwQB
W8x6AwQAW9RQAwQAwRPxAwQAwRPzMA0GCSqGSIb3DQEBCwUAA4IBAQCCmdR22dIU
hk8nL0i5EbCZMIQDRzcoLOO596J9vw60AIPYPMEqAEgzSf+O+PnlfMOfyT/LZdB+
t3vRT4JxwcSjCMC76eK4ooRb03W0YcYsDk3vW1Qd31NCigyTmyw0GbvpkK5RoaYG
MvctLTJ9HFz0cW9xrJ+09DVExHlN2gBU4ff8Dlc6/qE2OnKjFRVlUcZ+LSRKbuTJ
s2kBqmD0BH3gAsBJzjt+4XzvmM4haZ/WMfz2WfrEr2SFwaGZ6R7Nh6CFFFITOQcn
Nkj8ujGZRplY61agCuNMYBB/1u/Ut1h5xnHi7Kj+JOOBB8MYUIJHbSBWHPDt/14p
JYD7q/OTZ1OQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:38 2025 by rpki-client