Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/NRudFLXdyc2Dwk-ngdggfd9S1hY.roa
File: NRudFLXdyc2Dwk-ngdggfd9S1hY.roa (raw, json)
Hash identifier: IaVU8HU/qEdlrcjEs14iXRnGa947CwYPdkhKW+eQXrc=
Subject key identifier: 35:1B:9D:14:B5:DD:C9:CD:83:C2:4F:A7:81:D8:20:7D:DF:52:D6:16
Certificate issuer: /CN=60d0b0207603be43d8492e9851378b8b4f09594f
Certificate serial: 01857139C7E176D15CF689F8505DC637745A
Authority key identifier: 60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/NRudFLXdyc2Dwk-ngdggfd9S1hY.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1103
IP address blocks: 145.5.0.0/16 maxlen: 16
130.115.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c7:e1:76:d1:5c:f6:89:f8:50:5d:c6:37:74:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60d0b0207603be43d8492e9851378b8b4f09594f
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=351b9d14b5ddc9cd83c24fa781d8207ddf52d616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f6:77:b3:10:13:34:8b:a3:49:da:d2:5b:74:
31:b3:e1:6d:c4:76:c4:dd:b0:3b:3f:d5:81:cb:53:
89:ed:49:69:fd:6c:57:eb:28:4a:10:ba:8a:0b:5f:
ae:34:e9:b6:16:f5:a5:58:3c:12:69:5f:33:7d:f7:
c8:46:ff:91:96:5d:e2:60:be:96:cb:ac:00:c5:76:
2b:e6:28:16:41:6b:34:59:0b:6b:09:d5:b1:90:44:
7f:08:c5:7a:f0:a8:09:51:5c:77:ae:0a:1d:92:9c:
af:a3:0e:61:45:89:30:14:92:ce:72:70:f6:6b:86:
81:08:9e:47:89:35:2e:a9:cf:5f:bf:7e:f1:af:fd:
30:22:90:23:08:a5:20:16:84:f0:7e:05:f4:52:22:
90:19:4e:b8:7d:95:0a:9c:af:c1:46:ab:94:25:44:
31:97:c3:68:7d:0e:e7:94:f7:04:c0:99:bb:45:30:
18:41:0d:f4:0b:35:18:52:fc:33:60:93:ad:82:f7:
d6:ec:3e:8d:bd:c5:c8:fc:89:00:cc:48:72:da:01:
36:36:1f:42:a8:f3:49:83:f9:a1:09:71:a1:b8:08:
28:31:77:2d:86:db:8c:5c:ad:61:2b:c2:97:66:96:
d7:ac:da:62:51:b0:2b:0d:c3:34:10:f4:0f:0b:08:
ec:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1B:9D:14:B5:DD:C9:CD:83:C2:4F:A7:81:D8:20:7D:DF:52:D6:16
X509v3 Authority Key Identifier:
keyid:60:D0:B0:20:76:03:BE:43:D8:49:2E:98:51:37:8B:8B:4F:09:59:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNCwIHYDvkPYSS6YUTeLi08JWU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/NRudFLXdyc2Dwk-ngdggfd9S1hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f5794a-b191-4646-a842-f49fea545e78/1/YNCwIHYDvkPYSS6YUTeLi08JWU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.115.0.0/16
145.5.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:c4:02:15:66:31:42:e5:5d:52:2f:b5:d3:98:15:9f:e4:fa:
66:6b:5b:ad:2d:ce:e1:04:d3:58:2e:e7:a5:07:6b:b8:b1:cc:
3f:da:2a:45:36:54:5c:56:0e:92:c5:94:43:59:3c:4e:3c:df:
26:45:90:05:3f:5d:62:bc:13:db:b6:b9:92:05:8d:aa:20:73:
5f:20:60:a0:16:be:d4:4c:ce:eb:58:e5:ed:09:a3:fa:bf:7b:
fb:f4:bb:59:b3:9d:03:ad:88:30:3c:88:5c:b7:13:f0:97:4d:
7c:4c:ba:9e:17:ed:cb:6e:a5:74:b8:7e:09:96:33:ad:f4:50:
19:b0:4e:3b:60:55:2e:e7:d6:2b:81:cb:b6:fc:ee:83:c6:ae:
93:4e:67:b5:91:f3:f7:7b:d3:53:fb:e3:da:8e:49:84:5a:33:
bd:30:53:bc:c4:59:f8:7f:ee:c9:08:a4:0c:f3:21:74:45:2c:
2c:7b:dd:f0:05:74:87:18:b1:14:9e:62:be:6a:b2:39:5c:8f:
10:2a:53:19:72:3e:60:1e:04:54:54:08:e7:c2:9f:dd:eb:7e:
10:a4:9b:cb:fd:6d:09:3f:d2:6e:a5:8e:eb:df:32:89:4c:42:
e2:37:9b:bd:10:35:25:4e:51:32:78:33:88:38:3e:01:55:b4:
c4:d8:f3:1e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVxOcfhdtFc9on4UF3GN3RaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDBiMDIwNzYwM2JlNDNkODQ5MmU5ODUxMzc4YjhiNGYw
OTU5NGYwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTFiOWQxNGI1ZGRjOWNkODNjMjRmYTc4MWQ4MjA3ZGRmNTJkNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfZ3sxATNIujSdrSW3Qxs+FtxHbE
3bA7P9WBy1OJ7Ulp/WxX6yhKELqKC1+uNOm2FvWlWDwSaV8zfffIRv+Rll3iYL6W
y6wAxXYr5igWQWs0WQtrCdWxkER/CMV68KgJUVx3rgodkpyvow5hRYkwFJLOcnD2
a4aBCJ5HiTUuqc9fv37xr/0wIpAjCKUgFoTwfgX0UiKQGU64fZUKnK/BRquUJUQx
l8NofQ7nlPcEwJm7RTAYQQ30CzUYUvwzYJOtgvfW7D6NvcXI/IkAzEhy2gE2Nh9C
qPNJg/mhCXGhuAgoMXcthtuMXK1hK8KXZpbXrNpiUbArDcM0EPQPCwjs3wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFDUbnRS13cnNg8JPp4HYIH3fUtYWMB8GA1UdIwQY
MBaAFGDQsCB2A75D2EkumFE3i4tPCVlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDIt
ZjQ5ZmVhNTQ1ZTc4LzEvTlJ1ZEZMWGR5YzJEd2stbmdkZ2dmZDlTMWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTc5NGEtYjE5MS00NjQ2LWE4NDItZjQ5ZmVhNTQ1ZTc4
LzEvWU5Dd0lIWUR2a1BZU1M2WVVUZUxpMDhKV1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAgnMDAwCR
BTANBgkqhkiG9w0BAQsFAAOCAQEAusQCFWYxQuVdUi+105gVn+T6ZmtbrS3O4QTT
WC7npQdruLHMP9oqRTZUXFYOksWUQ1k8TjzfJkWQBT9dYrwT27a5kgWNqiBzXyBg
oBa+1EzO61jl7Qmj+r97+/S7WbOdA62IMDyIXLcT8JdNfEy6nhfty26ldLh+CZYz
rfRQGbBOO2BVLufWK4HLtvzug8auk05ntZHz93vTU/vj2o5JhFozvTBTvMRZ+H/u
yQikDPMhdEUsLHvd8AV0hxixFJ5ivmqyOVyPECpTGXI+YB4EVFQI58Kf3et+EKSb
y/1tCT/SbqWO698yiUxC4jebvRA1JU5RMngziDg+AVW0xNjzHg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:50:34 2025 by rpki-client