Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/nzVh2jdvc5UnVT0IMgq8_Eq3_p0.roa
File: nzVh2jdvc5UnVT0IMgq8_Eq3_p0.roa (raw, json)
Hash identifier: vpBC5HkPiSyL0RgHOzEXGiJ2M4nLQn6deILAAyqFAsI=
Subject key identifier: 9F:35:61:DA:37:6F:73:95:27:55:3D:08:32:0A:BC:FC:4A:B7:FE:9D
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 018570798BAB501CEF4C0BA2C49FFA0C8E73
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/nzVh2jdvc5UnVT0IMgq8_Eq3_p0.roa
Signing time: Mon 02 Jan 2023 03:14:51 +0000
ROA not before: Mon 02 Jan 2023 03:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 45.145.108.0/22 maxlen: 25
2a0e:fdc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:8b:ab:50:1c:ef:4c:0b:a2:c4:9f:fa:0c:8e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Jan 2 03:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f3561da376f739527553d08320abcfc4ab7fe9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e1:28:f6:03:f0:5f:26:55:50:15:87:74:3b:
26:24:91:55:9c:10:da:df:85:8f:af:26:02:0d:db:
77:64:cb:fa:f6:e0:37:15:f5:ef:b9:9b:73:14:23:
c4:d0:af:04:8b:cd:a0:0c:71:6d:e6:ef:b2:63:e0:
a7:dd:0b:38:de:ca:be:37:4b:9d:31:bd:cb:cb:af:
00:6a:f9:d1:43:91:f9:db:0a:53:ac:26:36:01:59:
c7:d1:e5:22:8a:87:9b:72:c9:69:e7:43:ff:f2:ed:
fb:c7:68:7f:bd:ac:2f:dc:c7:6c:0a:8c:e2:8f:92:
f2:05:52:14:df:da:1c:e9:cb:6e:4f:bb:b1:37:27:
1a:81:aa:ff:3f:0e:82:01:7b:a0:d0:1a:dc:44:44:
bd:ce:43:0b:9f:f0:07:7c:32:9b:82:8a:d8:91:ab:
4f:a5:a6:e8:67:64:ed:9d:bb:72:0a:bf:fe:76:9c:
e4:e4:ae:d1:23:12:2f:f1:64:8b:b1:92:32:38:d0:
73:09:37:8c:6e:15:43:2e:b4:32:25:a1:b1:3c:d3:
b3:14:ce:7e:0e:3e:35:06:13:d6:99:7e:de:6f:c3:
34:76:45:52:d4:fa:34:ed:0c:84:0f:d9:7b:51:85:
f1:49:10:67:08:f0:ef:6f:0d:af:8f:ca:95:db:85:
8a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:35:61:DA:37:6F:73:95:27:55:3D:08:32:0A:BC:FC:4A:B7:FE:9D
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/nzVh2jdvc5UnVT0IMgq8_Eq3_p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:1c:1c:38:26:55:86:ac:37:20:e6:b9:cc:3b:e1:51:1d:a0:
0a:27:90:d5:76:72:97:e9:29:56:87:db:12:79:c3:22:4a:3b:
f4:51:d3:0c:6e:86:e9:c8:78:9d:c2:e5:17:03:30:77:15:ef:
63:e7:a5:ab:3a:ec:9b:6e:37:bc:4e:f4:b4:a7:81:61:bf:2f:
a9:2f:97:ba:77:a1:21:5b:8a:65:55:c5:33:d9:26:ef:f1:a1:
2a:f0:27:1a:c7:fd:42:76:70:54:ce:c1:ca:a3:ac:5e:23:ee:
f9:14:d0:0c:71:86:97:3b:0b:3d:e7:4e:a7:d7:62:af:c5:09:
49:5f:26:37:e0:a7:e8:8f:85:57:87:6a:8c:85:85:4f:24:9e:
e2:46:dc:e0:52:fb:45:f2:97:23:4e:13:2f:4b:fc:72:3f:de:
5a:d2:3d:e4:0c:83:80:ae:ff:f2:3d:34:0d:29:2e:2f:10:56:
e2:39:44:68:72:40:ac:9a:0d:56:16:86:53:be:ca:a0:c2:03:
ce:cd:c2:df:33:83:93:77:c4:97:3d:06:d5:cc:9b:cc:54:0b:
8f:9d:50:73:f4:0d:72:37:e6:ac:6d:d7:12:de:53:f6:55:4e:
1e:ec:ff:97:7f:48:96:aa:d4:a5:84:48:ae:42:ac:0d:e7:87:
28:3d:49:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweYurUBzvTAuixJ/6DI5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjMwMTAyMDMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM1NjFkYTM3NmY3Mzk1Mjc1NTNkMDgzMjBhYmNmYzRhYjdmZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOEo9gPwXyZVUBWHdDsmJJFVnBDa
34WPryYCDdt3ZMv69uA3FfXvuZtzFCPE0K8Ei82gDHFt5u+yY+Cn3Qs43sq+N0ud
Mb3Ly68AavnRQ5H52wpTrCY2AVnH0eUiioebcslp50P/8u37x2h/vawv3MdsCozi
j5LyBVIU39oc6ctuT7uxNycagar/Pw6CAXug0BrcRES9zkMLn/AHfDKbgorYkatP
paboZ2TtnbtyCr/+dpzk5K7RIxIv8WSLsZIyONBzCTeMbhVDLrQyJaGxPNOzFM5+
Dj41BhPWmX7eb8M0dkVS1Po07QyED9l7UYXxSRBnCPDvbw2vj8qV24WK1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ81Ydo3b3OVJ1U9CDIKvPxKt/6dMB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvbnpWaDJqZHZjNVVuVlQwSU1ncThfRXEzX3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZFsMA0E
AgACMAcDBQMqDv3AMA0GCSqGSIb3DQEBCwUAA4IBAQB+HBw4JlWGrDcg5rnMO+FR
HaAKJ5DVdnKX6SlWh9sSecMiSjv0UdMMbobpyHidwuUXAzB3Fe9j56WrOuybbje8
TvS0p4Fhvy+pL5e6d6EhW4plVcUz2Sbv8aEq8Ccax/1CdnBUzsHKo6xeI+75FNAM
cYaXOws9506n12KvxQlJXyY34Kfoj4VXh2qMhYVPJJ7iRtzgUvtF8pcjThMvS/xy
P95a0j3kDIOArv/yPTQNKS4vEFbiOURockCsmg1WFoZTvsqgwgPOzcLfM4OTd8SX
PQbVzJvMVAuPnVBz9A1yN+asbdcS3lP2VU4e7P+Xf0iWqtSlhEiuQqwN54coPUn+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:19 2025 by rpki-client