Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/NXRX_1clUz4R0Zqao0xWEqJr5E8.roa
File: NXRX_1clUz4R0Zqao0xWEqJr5E8.roa (raw, json)
Hash identifier: UqWfM7+nXk5NMZGc3kdh9KLBgDp2IhEePfPjZS1Xzmw=
Subject key identifier: 35:74:57:FF:57:25:53:3E:11:D1:9A:9A:A3:4C:56:12:A2:6B:E4:4F
Certificate issuer: /CN=c77549551405d9948c662dfe4de24de055daff5e
Certificate serial: 018571FA0564070D02D92F0665F33D7CF00E
Authority key identifier: C7:75:49:55:14:05:D9:94:8C:66:2D:FE:4D:E2:4D:E0:55:DA:FF:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3VJVRQF2ZSMZi3-TeJN4FXa_14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/NXRX_1clUz4R0Zqao0xWEqJr5E8.roa
Signing time: Mon 02 Jan 2023 10:14:48 +0000
ROA not before: Mon 02 Jan 2023 10:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209256
IP address blocks: 217.20.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:05:64:07:0d:02:d9:2f:06:65:f3:3d:7c:f0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77549551405d9948c662dfe4de24de055daff5e
Validity
Not Before: Jan 2 10:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=357457ff5725533e11d19a9aa34c5612a26be44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c9:8e:14:c8:40:2d:b5:f0:8b:5d:d4:6b:af:
76:3b:62:ea:73:84:a9:75:38:f8:44:7a:9e:fc:4d:
eb:e4:ab:24:d5:13:e5:ee:a0:e5:b3:48:ae:d2:9f:
8f:67:4e:43:35:42:24:27:34:29:ad:05:d0:44:22:
25:f8:9d:9d:34:d5:d3:3d:d1:57:57:05:b2:dc:7c:
c6:7c:43:45:9d:62:06:19:de:74:eb:8b:b4:07:25:
5b:96:60:9d:67:06:57:e3:ac:ef:e8:5c:6b:63:9f:
06:d3:b0:15:dd:d2:5f:12:b6:08:a9:17:c6:b2:c3:
21:9b:c9:4b:5e:55:31:5a:2b:6a:83:ac:86:3b:02:
93:ee:10:ae:d5:f2:b9:02:73:9c:b2:5b:ff:b7:d8:
8d:ef:3a:12:5c:c7:ea:09:33:d3:2e:ea:a6:f1:58:
4a:5d:ce:35:e3:2f:b3:b0:68:6e:29:94:c9:cf:e5:
94:40:7b:ce:86:8e:25:fc:fc:fc:47:d0:1f:f9:29:
83:88:be:b4:16:c3:6f:81:e0:a9:90:b5:fd:d7:6f:
15:5b:81:de:5d:ea:97:31:7a:41:5d:06:66:99:41:
67:d4:29:b7:63:cf:7a:b0:8b:05:0f:07:8a:57:5b:
ed:cf:fc:b6:87:60:37:2c:b1:fa:18:33:a1:17:0e:
90:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:74:57:FF:57:25:53:3E:11:D1:9A:9A:A3:4C:56:12:A2:6B:E4:4F
X509v3 Authority Key Identifier:
keyid:C7:75:49:55:14:05:D9:94:8C:66:2D:FE:4D:E2:4D:E0:55:DA:FF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3VJVRQF2ZSMZi3-TeJN4FXa_14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/NXRX_1clUz4R0Zqao0xWEqJr5E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/5a4341-bc5f-4246-92ea-1bf75f75fa87/1/x3VJVRQF2ZSMZi3-TeJN4FXa_14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.96.0/20
Signature Algorithm: sha256WithRSAEncryption
22:2b:a4:ca:7a:39:b6:9c:b6:07:14:95:1a:67:6f:ba:52:66:
1e:e5:ea:3b:63:53:5d:1f:e3:29:74:f3:a1:27:8c:23:c8:7c:
d4:90:ba:22:bb:00:e2:e4:5e:7b:a6:0f:97:1c:19:f2:c4:fe:
b4:fd:93:be:7b:e1:ab:78:ad:3c:06:02:66:b4:32:01:cb:18:
78:86:ab:fe:28:b4:76:12:2a:c0:ac:37:4b:cd:66:50:35:ff:
de:c6:45:58:89:1e:76:c1:67:47:9d:5c:19:44:50:b4:6b:c0:
c2:d4:cf:b6:25:33:28:7e:b0:2a:e9:94:ae:8d:5b:ad:e5:81:
ab:c0:02:7a:2b:eb:60:ad:e8:9d:fa:2d:88:58:14:51:bc:3f:
d1:0d:58:cf:cd:01:1e:8c:6f:3c:ff:a0:4c:8c:f6:ee:9d:16:
eb:39:2f:29:c7:3b:58:1c:a0:c0:f7:c7:6c:10:1d:b7:4a:1d:
6b:17:dd:f3:c5:3b:10:60:06:40:2f:7b:9f:74:59:7e:6c:f1:
78:e9:56:96:45:ef:3a:71:69:68:c0:92:86:b0:01:f7:11:dc:
a4:3d:53:9f:73:aa:b5:c1:54:c7:67:8b:cc:28:9d:6a:62:58:
4e:d8:a4:31:53:31:a1:2c:48:98:69:a9:cc:46:fb:c8:90:60:
de:d5:1e:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+gVkBw0C2S8GZfM9fPAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzU0OTU1MTQwNWQ5OTQ4YzY2MmRmZTRkZTI0ZGUwNTVk
YWZmNWUwHhcNMjMwMTAyMTAxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc0NTdmZjU3MjU1MzNlMTFkMTlhOWFhMzRjNTYxMmEyNmJlNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8mOFMhALbXwi13Ua692O2Lqc4Sp
dTj4RHqe/E3r5Ksk1RPl7qDls0iu0p+PZ05DNUIkJzQprQXQRCIl+J2dNNXTPdFX
VwWy3HzGfENFnWIGGd5064u0ByVblmCdZwZX46zv6FxrY58G07AV3dJfErYIqRfG
ssMhm8lLXlUxWitqg6yGOwKT7hCu1fK5AnOcslv/t9iN7zoSXMfqCTPTLuqm8VhK
Xc414y+zsGhuKZTJz+WUQHvOho4l/Pz8R9Af+SmDiL60FsNvgeCpkLX9128VW4He
XeqXMXpBXQZmmUFn1Cm3Y896sIsFDweKV1vtz/y2h2A3LLH6GDOhFw6QLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDV0V/9XJVM+EdGamqNMVhKia+RPMB8GA1UdIwQY
MBaAFMd1SVUUBdmUjGYt/k3iTeBV2v9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNWSlZSUUYyWlNNWmkzLVRlSk40RlhhXzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC81YTQzNDEtYmM1Zi00MjQ2LTkyZWEt
MWJmNzVmNzVmYTg3LzEvTlhSWF8xY2xVejRSMFpxYW8weFdFcUpyNUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC81YTQzNDEtYmM1Zi00MjQ2LTkyZWEtMWJmNzVmNzVmYTg3
LzEveDNWSlZSUUYyWlNNWmkzLVRlSk40RlhhXzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RRgMA0G
CSqGSIb3DQEBCwUAA4IBAQAiK6TKejm2nLYHFJUaZ2+6UmYe5eo7Y1NdH+MpdPOh
J4wjyHzUkLoiuwDi5F57pg+XHBnyxP60/ZO+e+GreK08BgJmtDIByxh4hqv+KLR2
EirArDdLzWZQNf/exkVYiR52wWdHnVwZRFC0a8DC1M+2JTMofrAq6ZSujVut5YGr
wAJ6K+tgreid+i2IWBRRvD/RDVjPzQEejG88/6BMjPbunRbrOS8pxztYHKDA98ds
EB23Sh1rF93zxTsQYAZAL3ufdFl+bPF46VaWRe86cWlowJKGsAH3EdykPVOfc6q1
wVTHZ4vMKJ1qYlhO2KQxUzGhLEiYaanMRvvIkGDe1R6D
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:25 2025 by rpki-client