Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/NTU79msuKUHOPCHS4wEqKg5tNzo.roa
File: NTU79msuKUHOPCHS4wEqKg5tNzo.roa (raw, json)
Hash identifier: DrKzVUza6HSfpT6EIM+wDehqJpZ3+TgqkLpplYj7lcw=
Subject key identifier: 35:35:3B:F6:6B:2E:29:41:CE:3C:21:D2:E3:01:2A:2A:0E:6D:37:3A
Certificate issuer: /CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Certificate serial: 0946E804
Authority key identifier: 4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/NTU79msuKUHOPCHS4wEqKg5tNzo.roa
Signing time: Sat 01 Jan 2022 12:56:12 +0000
ROA not before: Sat 01 Jan 2022 12:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51731
IP address blocks: 46.36.32.0/19 maxlen: 19
2a02:25b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155641860 (0x946e804)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Validity
Not Before: Jan 1 12:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35353bf66b2e2941ce3c21d2e3012a2a0e6d373a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:7d:c4:89:13:ec:4a:1f:2b:23:dc:ca:e5:
ee:3b:9a:3f:5f:49:21:40:67:07:a5:f8:e5:20:0c:
db:27:a6:be:9e:e7:8c:e8:5d:d0:a4:f9:5d:3e:03:
bf:e7:62:43:5d:c2:84:53:5d:1f:bc:52:b7:98:cc:
b5:3b:70:67:3a:00:32:06:01:01:52:dc:ba:86:3c:
cd:05:48:69:e1:e4:40:bc:39:6f:79:51:52:96:7d:
4f:21:df:13:aa:41:19:11:c4:95:e2:80:92:25:54:
f8:39:ab:61:f3:b3:be:cb:9a:50:ea:e4:2f:87:66:
82:02:d1:03:e5:db:7b:b3:9f:a1:26:bf:61:d6:64:
6d:14:5c:d9:e2:fb:9c:00:67:3a:1e:c2:d7:fe:a9:
e5:15:e9:6a:be:14:a8:1f:90:d5:77:d2:9c:3a:b7:
1c:c6:79:f9:75:af:84:c0:69:a6:81:73:06:c9:ac:
85:86:24:a9:0f:5f:ae:e2:b2:41:15:3c:8b:94:28:
f6:0f:56:ad:ae:76:18:5e:bd:5d:01:45:00:72:2f:
36:60:e4:56:68:e7:9d:9a:58:41:cd:5f:7b:98:49:
42:7f:83:1c:87:74:7e:f4:c8:7e:fa:14:71:a0:fc:
a3:90:9a:91:56:7a:57:19:3e:c4:e5:83:b8:44:e6:
0b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:35:3B:F6:6B:2E:29:41:CE:3C:21:D2:E3:01:2A:2A:0E:6D:37:3A
X509v3 Authority Key Identifier:
keyid:4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/NTU79msuKUHOPCHS4wEqKg5tNzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.32.0/19
IPv6:
2a02:25b0::/32
Signature Algorithm: sha256WithRSAEncryption
76:cb:13:eb:1b:19:86:68:d5:52:a6:5b:10:f8:03:c2:ab:f1:
88:fa:13:d1:fc:e7:d2:8f:9d:56:e1:7e:37:bd:15:00:f9:2a:
30:27:9c:4c:c5:02:e2:aa:3c:57:6a:c6:f5:d2:96:17:ae:a6:
a9:71:58:e8:cc:f6:dc:38:e7:05:cc:57:fd:54:6a:a4:e7:ce:
52:df:c6:21:9c:a8:41:83:6d:86:6b:b0:f1:9c:c1:45:2e:ef:
f7:a0:c2:96:b0:31:04:38:a6:a8:c3:ac:85:37:36:2a:e1:fb:
09:bd:4a:94:79:9c:58:cb:5e:f6:5f:d4:3a:0a:6a:95:b2:5d:
1a:d7:4c:b7:65:9d:4e:33:28:a9:89:98:24:03:7e:66:20:6d:
9b:9a:e6:2c:c8:1c:90:ad:1c:d1:1f:10:c6:f0:f1:e1:61:04:
be:f4:b4:c0:20:38:52:8f:64:57:76:13:1a:97:3f:29:bb:18:
3f:71:27:2e:ac:63:04:f0:dc:c8:11:b1:c5:5f:06:32:40:55:
d8:25:3c:ed:29:4f:ea:d5:cd:76:e5:ae:8c:c2:fb:d1:78:55:
f2:05:cf:f3:7f:0f:2a:ef:f6:8b:66:d5:75:6d:4d:4e:bd:6f:
cb:da:a9:15:36:99:41:aa:33:dc:0e:da:a2:58:5e:0c:4d:5c:
5b:16:45:e6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUboBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Yzk4OGI5M2FiN2EyOTk5YTMyNTVlZWFlNGUxOGFiMjNiMmUwZjNlMB4XDTIyMDEw
MTEyNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUzNTNiZjY2YjJl
Mjk0MWNlM2MyMWQyZTMwMTJhMmEwZTZkMzczYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+DfcSJE+xKHysj3Mrl7juaP19JIUBnB6X45SAM2yemvp7n
jOhd0KT5XT4Dv+diQ13ChFNdH7xSt5jMtTtwZzoAMgYBAVLcuoY8zQVIaeHkQLw5
b3lRUpZ9TyHfE6pBGRHEleKAkiVU+DmrYfOzvsuaUOrkL4dmggLRA+Xbe7OfoSa/
YdZkbRRc2eL7nABnOh7C1/6p5RXpar4UqB+Q1XfSnDq3HMZ5+XWvhMBppoFzBsms
hYYkqQ9fruKyQRU8i5Qo9g9Wra52GF69XQFFAHIvNmDkVmjnnZpYQc1fe5hJQn+D
HId0fvTIfvoUcaD8o5CakVZ6Vxk+xOWDuETmCwkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ1NTv2ay4pQc48IdLjASoqDm03OjAfBgNVHSMEGDAWgBRMmIuTq3opmaMl
Xurk4YqyOy4PPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RKaUxrNnQ2S1ptakpWN3E1T0dLc2pzdUR6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNGMxZjU5LTBjMTItNDE1My1hMTVjLTcxNWY5Y2Q2MzA4Ni8x
L05UVTc5bXN1S1VIT1BDSFM0d0VxS2c1dE56by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NGMxZjU5LTBjMTItNDE1My1hMTVjLTcxNWY5Y2Q2MzA4Ni8xL1RKaUxrNnQ2S1pt
akpWN3E1T0dLc2pzdUR6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBS4kIDANBAIAAjAHAwUAKgIlsDAN
BgkqhkiG9w0BAQsFAAOCAQEAdssT6xsZhmjVUqZbEPgDwqvxiPoT0fzn0o+dVuF+
N70VAPkqMCecTMUC4qo8V2rG9dKWF66mqXFY6Mz23DjnBcxX/VRqpOfOUt/GIZyo
QYNthmuw8ZzBRS7v96DClrAxBDimqMOshTc2KuH7Cb1KlHmcWMte9l/UOgpqlbJd
GtdMt2WdTjMoqYmYJAN+ZiBtm5rmLMgckK0c0R8QxvDx4WEEvvS0wCA4Uo9kV3YT
Gpc/KbsYP3EnLqxjBPDcyBGxxV8GMkBV2CU87SlP6tXNduWujML70XhV8gXP838P
Ku/2i2bVdW1NTr1vy9qpFTaZQaoz3A7aolheDE1cWxZF5g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:26 2025 by rpki-client