Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/npnPhM-1JiBGDCDMIEKSwVVWRmE.roa
File: npnPhM-1JiBGDCDMIEKSwVVWRmE.roa (raw, json)
Hash identifier: GZe+rUiQZYZc5En/NpMG72sEGb7pc/AUAoezmgXH9gw=
Subject key identifier: 9E:99:CF:84:CF:B5:26:20:46:0C:20:CC:20:42:92:C1:55:56:46:61
Certificate issuer: /CN=e566e0e51628554cd92634b711ab758f8467c485
Certificate serial: 01856E145B25F31164F81DD7B06B2B2E41EF
Authority key identifier: E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/npnPhM-1JiBGDCDMIEKSwVVWRmE.roa
Signing time: Sun 01 Jan 2023 16:05:05 +0000
ROA not before: Sun 01 Jan 2023 16:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56837
IP address blocks: 86.39.64.0/20 maxlen: 20
31.22.16.0/24 maxlen: 24
31.22.20.0/22 maxlen: 22
2a00:6ec0:300::/40 maxlen: 40
2a00:6ec0:400::/40 maxlen: 40
2a00:6ec0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:5b:25:f3:11:64:f8:1d:d7:b0:6b:2b:2e:41:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e566e0e51628554cd92634b711ab758f8467c485
Validity
Not Before: Jan 1 16:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e99cf84cfb52620460c20cc204292c155564661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2f:31:8f:42:cd:00:93:4c:67:f7:6a:41:de:
dc:e5:4f:bc:9e:05:f4:78:03:f5:0c:56:99:e7:58:
f5:b1:c6:0d:95:d1:65:cf:fd:38:42:54:52:24:78:
b4:14:14:a1:f6:03:88:be:ff:11:b4:67:b5:02:8e:
6c:a2:ee:77:da:a4:1f:33:35:fd:be:a0:de:35:40:
b7:e6:da:10:15:3b:9b:0c:f3:ab:9b:9c:3b:c2:25:
4d:29:d7:89:a1:0e:2f:54:29:c2:0d:7f:b9:e3:01:
e9:39:82:e4:2b:f5:5e:97:e5:d9:62:df:a8:fe:c0:
93:74:2c:01:cb:7d:21:1f:bc:b3:22:71:a2:76:26:
b7:d6:1d:b6:cd:a2:9d:bf:2d:0b:87:fc:7a:61:fd:
01:73:01:ba:0f:b7:2e:56:79:fd:bd:b7:e3:8f:a4:
21:80:09:22:77:4c:25:da:fd:08:8b:23:72:b1:2a:
aa:7c:8d:85:71:b0:b6:44:e4:88:aa:07:2c:0f:2f:
0b:ac:73:68:8b:df:d9:87:2c:59:58:a4:d2:d4:0b:
7a:48:25:f6:39:9d:58:04:96:0e:80:d4:27:03:bc:
dd:e9:58:d3:84:37:fa:5f:e5:33:aa:18:9d:84:43:
64:bb:7a:e6:a9:90:9d:f8:58:40:76:cf:4c:08:e6:
1a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:99:CF:84:CF:B5:26:20:46:0C:20:CC:20:42:92:C1:55:56:46:61
X509v3 Authority Key Identifier:
keyid:E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/npnPhM-1JiBGDCDMIEKSwVVWRmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.16.0/24
31.22.20.0/22
86.39.64.0/20
IPv6:
2a00:6ec0:100::/40
2a00:6ec0:300::-2a00:6ec0:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:5c:49:c0:36:48:4e:f7:e6:77:44:21:b6:27:f5:03:4f:c1:
76:a3:a6:3a:53:ea:f9:15:20:d4:36:8b:4c:18:2b:54:5c:6f:
6e:a4:68:e4:5d:e5:b2:75:12:92:4b:a7:31:0a:5b:fb:39:ff:
fc:94:08:d4:8f:c5:84:77:10:0b:1c:c3:ee:a5:1a:2f:0f:d4:
dc:f2:21:43:01:ed:5d:9a:1f:6c:81:c9:16:13:0e:b6:81:66:
30:87:ed:ca:66:62:a5:34:a1:f9:28:c4:46:93:8f:32:15:63:
32:cc:2e:b7:aa:d9:39:4f:a6:2b:15:82:f5:50:25:64:31:32:
36:b2:aa:29:df:ce:60:08:55:a1:3b:4a:9d:46:76:db:e7:86:
4e:c6:8e:89:f8:e5:8a:80:a6:b2:a8:39:e7:df:d2:71:1d:1e:
12:0e:15:24:30:94:d0:0c:7f:db:0b:f6:75:f8:d8:c3:30:3b:
66:31:0e:58:f8:95:7a:89:ff:75:83:dd:fa:26:c2:3f:a7:6e:
83:bd:bd:37:d0:f7:3d:b4:b6:74:76:f5:ab:cb:4a:bd:42:d9:
d1:97:74:2b:fc:5c:49:3c:54:ae:dd:dc:9d:b9:91:01:82:aa:
1e:98:bc:53:ea:80:3e:91:2b:c5:1f:63:21:e9:a3:40:8e:e9:
d1:0d:64:5a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVuFFsl8xFk+B3XsGsrLkHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjZlMGU1MTYyODU1NGNkOTI2MzRiNzExYWI3NThmODQ2
N2M0ODUwHhcNMjMwMTAxMTYwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTk5Y2Y4NGNmYjUyNjIwNDYwYzIwY2MyMDQyOTJjMTU1NTY0NjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS8xj0LNAJNMZ/dqQd7c5U+8ngX0
eAP1DFaZ51j1scYNldFlz/04QlRSJHi0FBSh9gOIvv8RtGe1Ao5sou532qQfMzX9
vqDeNUC35toQFTubDPOrm5w7wiVNKdeJoQ4vVCnCDX+54wHpOYLkK/Vel+XZYt+o
/sCTdCwBy30hH7yzInGidia31h22zaKdvy0Lh/x6Yf0BcwG6D7cuVnn9vbfjj6Qh
gAkid0wl2v0IiyNysSqqfI2FcbC2ROSIqgcsDy8LrHNoi9/ZhyxZWKTS1At6SCX2
OZ1YBJYOgNQnA7zd6VjThDf6X+UzqhidhENku3rmqZCd+FhAds9MCOYarwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJ6Zz4TPtSYgRgwgzCBCksFVVkZhMB8GA1UdIwQY
MBaAFOVm4OUWKFVM2SY0txGrdY+EZ8SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdiZzVSWW9WVXpaSmpTM0VhdDFqNFJueElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kOWUxNmQtN2U4Yy00M2VjLTk5Zjct
ZTI5NmNmZDk3MjA5LzEvbnBuUGhNLTFKaUJHRENETUlFS1N3VlZXUm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kOWUxNmQtN2U4Yy00M2VjLTk5ZjctZTI5NmNmZDk3MjA5
LzEvNVdiZzVSWW9WVXpaSmpTM0VhdDFqNFJueElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAYBAIAATASAwQAHxYQAwQC
HxYUAwQEVidAMCAEAgACMBoDBgAqAG7AATAQAwYAKgBuwAMDBgAqAG7ABDANBgkq
hkiG9w0BAQsFAAOCAQEAGFxJwDZITvfmd0Qhtif1A0/BdqOmOlPq+RUg1DaLTBgr
VFxvbqRo5F3lsnUSkkunMQpb+zn//JQI1I/FhHcQCxzD7qUaLw/U3PIhQwHtXZof
bIHJFhMOtoFmMIftymZipTSh+SjERpOPMhVjMswut6rZOU+mKxWC9VAlZDEyNrKq
Kd/OYAhVoTtKnUZ22+eGTsaOifjlioCmsqg559/ScR0eEg4VJDCU0Ax/2wv2dfjY
wzA7ZjEOWPiVeon/dYPd+ibCP6dug729N9D3PbS2dHb1q8tKvULZ0Zd0K/xcSTxU
rt3cnbmRAYKqHpi8U+qAPpErxR9jIemjQI7p0Q1kWg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:42:11 2025 by rpki-client