Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/NVMu8goA-CI47Jr5ologMNSpw0I.roa
File: NVMu8goA-CI47Jr5ologMNSpw0I.roa (raw, json)
Hash identifier: BD5A3LBdbkP3rYrgQwuWqbC32EyBQ2PwgkmBswBUYn8=
Subject key identifier: 35:53:2E:F2:0A:00:F8:22:38:EC:9A:F9:A2:5A:20:30:D4:A9:C3:42
Certificate issuer: /CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Certificate serial: 01856B933377772A9B302F7B8D00D705101C
Authority key identifier: 1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/NVMu8goA-CI47Jr5ologMNSpw0I.roa
Signing time: Sun 01 Jan 2023 04:24:47 +0000
ROA not before: Sun 01 Jan 2023 04:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53550
IP address blocks: 77.111.208.0/22 maxlen: 24
185.37.220.0/22 maxlen: 24
2a00:fa60::/32 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:33:77:77:2a:9b:30:2f:7b:8d:00:d7:05:10:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Validity
Not Before: Jan 1 04:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35532ef20a00f82238ec9af9a25a2030d4a9c342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:20:34:18:98:63:c2:e6:3f:77:d7:10:41:
aa:d4:e9:98:2b:4f:1e:7a:25:fc:b2:4a:44:22:f8:
f5:b7:b8:69:d0:7b:3e:bd:13:87:d1:9d:74:1d:6f:
95:cb:df:61:c1:85:4a:e8:43:d2:b6:7e:9a:49:18:
98:38:e1:9b:21:c9:6b:c7:66:09:2d:76:ca:41:4a:
aa:30:04:e9:78:49:53:83:c1:d3:99:b2:e2:1b:36:
8b:f7:f9:cb:a3:41:70:61:a2:0d:b8:66:bb:e4:63:
93:8b:e1:8b:8f:83:74:a3:41:d5:74:7f:0d:dd:ce:
8e:30:e4:23:a2:82:10:6c:6d:8d:29:98:70:3d:a7:
0b:c0:df:ab:3a:07:35:cb:21:ef:b9:c0:c3:55:0e:
e5:d4:4f:ae:18:68:f3:35:f2:a2:20:8a:e9:1d:e1:
06:4e:ca:83:0f:b8:a0:d7:e3:b6:67:ff:f1:f6:7b:
dc:4b:0e:1a:1e:f9:39:2b:4b:83:f7:58:a8:3e:68:
a2:4f:85:84:13:ae:02:08:73:42:b5:5f:07:c1:d2:
ed:bf:18:27:30:9b:ea:06:1a:90:9f:b1:b9:b8:dd:
44:8e:b6:38:ac:ec:ac:b4:4e:eb:95:e1:c4:9d:4c:
c5:6e:71:74:98:0c:d9:69:cc:24:6e:8d:0b:f3:39:
2f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:53:2E:F2:0A:00:F8:22:38:EC:9A:F9:A2:5A:20:30:D4:A9:C3:42
X509v3 Authority Key Identifier:
keyid:1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/NVMu8goA-CI47Jr5ologMNSpw0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.208.0/22
185.37.220.0/22
IPv6:
2a00:fa60::/32
Signature Algorithm: sha256WithRSAEncryption
96:cb:69:78:9a:1d:90:93:11:ac:fa:60:e5:d2:0a:18:b0:26:
a6:1a:5c:7f:6e:75:c7:aa:46:4e:67:fc:21:53:e9:37:e0:31:
ae:24:66:2f:1f:89:6f:a1:63:86:00:96:50:d8:d0:2d:f9:91:
1e:c6:6d:94:2b:96:b0:59:ea:ec:46:e4:6b:ff:78:6c:98:1d:
61:c7:cf:6a:c5:65:6a:e3:f3:7d:30:05:dc:75:a8:0a:7e:8a:
56:66:66:f2:13:10:07:7a:cb:d2:6c:91:94:54:5c:90:a6:6c:
a7:74:c6:1e:51:22:f1:77:bf:33:5e:d5:37:e4:a9:bc:b5:a9:
fb:1f:3b:79:e8:9a:6b:7e:7d:7c:c5:02:39:46:6b:21:29:d3:
60:8f:ea:08:84:8f:a5:e3:a9:24:e5:f5:7d:de:f8:bd:a3:56:
ff:49:b5:b1:e9:51:e3:86:e9:8a:99:e2:13:c5:01:b3:b2:48:
5f:c8:b5:cf:a0:45:06:7b:15:71:38:0d:89:82:3b:73:0d:2d:
e9:e1:83:66:a1:b2:e5:2e:ba:96:6f:2c:6f:cd:ab:3a:2a:a4:
52:79:2d:0e:86:1c:5e:6e:e1:73:a6:77:fc:7e:a0:16:4d:c4:
a0:0e:84:86:45:23:95:d0:4a:c7:21:b7:21:6d:26:0c:da:4f:
7b:a4:31:53
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrkzN3dyqbMC97jQDXBRAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjkzMTJjZWE1YWE3NDM4YjRkOTBjMDgzNmM4MmYwNTBh
MmEwMGEwHhcNMjMwMTAxMDQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTUzMmVmMjBhMDBmODIyMzhlYzlhZjlhMjVhMjAzMGQ0YTljMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY4gNBiYY8LmP3fXEEGq1OmYK08e
eiX8skpEIvj1t7hp0Hs+vROH0Z10HW+Vy99hwYVK6EPStn6aSRiYOOGbIclrx2YJ
LXbKQUqqMATpeElTg8HTmbLiGzaL9/nLo0FwYaINuGa75GOTi+GLj4N0o0HVdH8N
3c6OMOQjooIQbG2NKZhwPacLwN+rOgc1yyHvucDDVQ7l1E+uGGjzNfKiIIrpHeEG
TsqDD7ig1+O2Z//x9nvcSw4aHvk5K0uD91ioPmiiT4WEE64CCHNCtV8HwdLtvxgn
MJvqBhqQn7G5uN1EjrY4rOystE7rleHEnUzFbnF0mAzZacwkbo0L8zkvXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDVTLvIKAPgiOOya+aJaIDDUqcNCMB8GA1UdIwQY
MBaAFB75MSzqWqdDi02QwINsgvBQoqAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUt
MGI4MDFiZjgwZDUzLzEvTlZNdThnb0EtQ0k0N0pyNW9sb2dNTlNwdzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUtMGI4MDFiZjgwZDUz
LzEvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTW/QAwQC
uSXcMA0EAgACMAcDBQAqAPpgMA0GCSqGSIb3DQEBCwUAA4IBAQCWy2l4mh2QkxGs
+mDl0goYsCamGlx/bnXHqkZOZ/whU+k34DGuJGYvH4lvoWOGAJZQ2NAt+ZEexm2U
K5awWersRuRr/3hsmB1hx89qxWVq4/N9MAXcdagKfopWZmbyExAHesvSbJGUVFyQ
pmyndMYeUSLxd78zXtU35Km8tan7Hzt56Jprfn18xQI5RmshKdNgj+oIhI+l46kk
5fV93vi9o1b/SbWx6VHjhumKmeITxQGzskhfyLXPoEUGexVxOA2JgjtzDS3p4YNm
obLlLrqWbyxvzas6KqRSeS0OhhxebuFzpnf8fqAWTcSgDoSGRSOV0ErHIbchbSYM
2k97pDFT
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:08:42 2025 by rpki-client