Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/NTpGxSlyXq6t68snWZPUuvIYNDQ.roa
File: NTpGxSlyXq6t68snWZPUuvIYNDQ.roa (raw, json)
Hash identifier: Urrz3LMzaemKKDAM00Mjk9CrhQJIrI7nj9vAZxCI0ws=
Subject key identifier: 35:3A:46:C5:29:72:5E:AE:AD:EB:CB:27:59:93:D4:BA:F2:18:34:34
Certificate issuer: /CN=99282d77c662e68bb87e83338b76ad6bead93185
Certificate serial: 01856DC1D6E04E1F399D5C632489D99325C3
Authority key identifier: 99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/NTpGxSlyXq6t68snWZPUuvIYNDQ.roa
Signing time: Sun 01 Jan 2023 14:34:58 +0000
ROA not before: Sun 01 Jan 2023 14:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29208
IP address blocks: 185.176.137.0/24 maxlen: 32
185.176.136.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d6:e0:4e:1f:39:9d:5c:63:24:89:d9:93:25:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99282d77c662e68bb87e83338b76ad6bead93185
Validity
Not Before: Jan 1 14:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=353a46c529725eaeadebcb275993d4baf2183434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:00:63:46:47:d5:7a:37:33:4d:91:29:7d:
1e:f8:95:52:a6:31:d7:9f:e3:bb:05:59:b8:20:77:
07:f1:80:83:6b:44:a1:18:7f:90:a2:b4:d4:bf:86:
b1:43:09:82:e9:a5:68:3f:07:30:0a:01:38:9e:07:
33:4c:db:4c:c8:91:6c:2a:b0:0d:26:65:5b:1a:0a:
90:bd:70:ce:24:ce:3d:c7:a7:24:81:56:9d:3d:98:
ca:c3:ce:26:40:40:e9:f8:fe:2b:c2:a0:20:99:a5:
2b:a8:1e:f0:1a:f7:e9:cd:9d:91:68:e2:e8:ea:83:
2c:24:83:11:a2:de:35:6a:0f:cd:5d:88:c5:28:72:
65:4f:b9:df:f4:40:98:6e:08:66:61:af:5a:b1:0d:
a5:43:c9:94:b0:fc:48:7a:3e:5d:d1:6c:16:b7:eb:
77:c5:a9:35:5b:82:eb:0d:7c:b8:93:94:49:97:26:
99:ad:ef:b8:36:79:fb:3d:e7:cc:29:a6:8b:6a:54:
9a:4e:0b:b8:05:e5:cd:1e:28:26:09:4d:70:3d:94:
3f:9e:c8:78:52:9e:8c:00:00:27:4f:0d:ea:29:5a:
8f:34:57:46:0f:01:01:a9:31:97:da:52:00:e3:b3:
3b:28:43:bd:aa:74:bb:de:7c:46:20:97:2a:83:0d:
1e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3A:46:C5:29:72:5E:AE:AD:EB:CB:27:59:93:D4:BA:F2:18:34:34
X509v3 Authority Key Identifier:
keyid:99:28:2D:77:C6:62:E6:8B:B8:7E:83:33:8B:76:AD:6B:EA:D9:31:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSgtd8Zi5ou4foMzi3ata-rZMYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/NTpGxSlyXq6t68snWZPUuvIYNDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/61c61d-5ed8-4766-9b4b-056b9c231f34/1/mSgtd8Zi5ou4foMzi3ata-rZMYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.136.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:a6:70:bb:8d:e4:e0:34:81:cc:3e:c1:33:16:50:0d:23:25:
46:a4:9e:be:cd:cc:47:63:67:06:ae:52:ba:c5:4f:da:b8:65:
01:d5:b9:32:86:95:6e:39:61:7d:03:c6:75:12:26:c1:77:c2:
31:bb:10:08:73:fa:2d:59:29:7c:85:dd:b2:1a:b0:37:4e:c1:
ba:ac:91:87:89:07:73:55:60:0d:b6:87:20:8f:6b:ea:69:64:
cb:92:0a:f6:33:15:5f:2b:ca:bd:ab:18:dc:ab:15:96:bd:fd:
0b:e3:c7:22:70:8f:9d:f7:e5:88:00:80:8d:05:cc:6b:ba:37:
98:96:c2:70:25:07:c5:58:4c:33:8a:87:d1:c8:d5:31:78:bc:
77:ff:13:c9:94:9f:4b:79:ae:77:1a:0b:83:93:ec:c9:d8:ef:
a6:56:d6:6e:59:32:1f:dd:0f:e5:af:22:90:35:27:8d:3c:8c:
d7:ee:9e:e9:9b:31:e8:f6:fd:95:94:fe:64:b9:8b:7d:06:92:
a9:fa:31:a6:ac:d6:46:97:58:37:c2:b5:f6:50:b1:fd:84:b4:
b8:3b:c7:c2:89:0e:22:65:81:c8:2a:79:dc:54:a6:b9:3b:6b:
7c:bb:f4:fa:c1:67:91:47:12:2d:f3:5c:3a:73:d5:f3:c9:5d:
32:96:92:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwdbgTh85nVxjJInZkyXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjgyZDc3YzY2MmU2OGJiODdlODMzMzhiNzZhZDZiZWFk
OTMxODUwHhcNMjMwMTAxMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNhNDZjNTI5NzI1ZWFlYWRlYmNiMjc1OTkzZDRiYWYyMTgzNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXwAY0ZH1Xo3M02RKX0e+JVSpjHX
n+O7BVm4IHcH8YCDa0ShGH+QorTUv4axQwmC6aVoPwcwCgE4ngczTNtMyJFsKrAN
JmVbGgqQvXDOJM49x6ckgVadPZjKw84mQEDp+P4rwqAgmaUrqB7wGvfpzZ2RaOLo
6oMsJIMRot41ag/NXYjFKHJlT7nf9ECYbghmYa9asQ2lQ8mUsPxIej5d0WwWt+t3
xak1W4LrDXy4k5RJlyaZre+4Nnn7PefMKaaLalSaTgu4BeXNHigmCU1wPZQ/nsh4
Up6MAAAnTw3qKVqPNFdGDwEBqTGX2lIA47M7KEO9qnS73nxGIJcqgw0eiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDU6RsUpcl6urevLJ1mT1LryGDQ0MB8GA1UdIwQY
MBaAFJkoLXfGYuaLuH6DM4t2rWvq2TGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNndGQ4Wmk1b3U0Zm9NemkzYXRhLXJaTVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MWM2MWQtNWVkOC00NzY2LTliNGIt
MDU2YjljMjMxZjM0LzEvTlRwR3hTbHlYcTZ0NjhzbldaUFV1dklZTkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MWM2MWQtNWVkOC00NzY2LTliNGItMDU2YjljMjMxZjM0
LzEvbVNndGQ4Wmk1b3U0Zm9NemkzYXRhLXJaTVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBubCIMA0G
CSqGSIb3DQEBCwUAA4IBAQAspnC7jeTgNIHMPsEzFlANIyVGpJ6+zcxHY2cGrlK6
xU/auGUB1bkyhpVuOWF9A8Z1EibBd8IxuxAIc/otWSl8hd2yGrA3TsG6rJGHiQdz
VWANtocgj2vqaWTLkgr2MxVfK8q9qxjcqxWWvf0L48cicI+d9+WIAICNBcxrujeY
lsJwJQfFWEwziofRyNUxeLx3/xPJlJ9Lea53GguDk+zJ2O+mVtZuWTIf3Q/lryKQ
NSeNPIzX7p7pmzHo9v2VlP5kuYt9BpKp+jGmrNZGl1g3wrX2ULH9hLS4O8fCiQ4i
ZYHIKnncVKa5O2t8u/T6wWeRRxIt81w6c9XzyV0ylpIw
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:49 2025 by rpki-client