Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/nXpEEX-klHCMVAg6YpcJK2GgeIA.roa
File: nXpEEX-klHCMVAg6YpcJK2GgeIA.roa (raw, json)
Hash identifier: 9vDKw8H7qJDCcM1mTNJmiSWhOrZESdKy2go5n/uVA1E=
Subject key identifier: 9D:7A:44:11:7F:A4:94:70:8C:54:08:3A:62:97:09:2B:61:A0:78:80
Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a
Certificate serial: 018C1793DEA242989E4CAE9A8937653A5F68
Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/nXpEEX-klHCMVAg6YpcJK2GgeIA.roa
Signing time: Tue 28 Nov 2023 20:16:55 +0000
ROA not before: Tue 28 Nov 2023 20:16:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46873
IP address blocks: 45.153.109.0/24 maxlen: 24
45.153.110.0/24 maxlen: 24
45.153.111.0/24 maxlen: 24
45.153.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:93:de:a2:42:98:9e:4c:ae:9a:89:37:65:3a:5f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a
Validity
Not Before: Nov 28 20:16:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d7a44117fa494708c54083a6297092b61a07880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:aa:1c:5e:69:2c:f5:d8:79:59:52:ec:b8:75:
44:c0:2e:9a:83:9c:e1:c1:49:01:27:18:6e:71:67:
47:b1:98:f1:0a:78:9f:94:a8:21:07:3e:e4:7e:3d:
d6:cf:7f:1e:3a:22:c9:6c:98:68:ad:fd:bb:0b:f6:
82:09:e7:c5:ec:da:b7:fa:6f:2c:fa:78:ef:cd:05:
f5:8c:6f:03:af:02:a4:16:8b:b5:1c:9e:24:56:0f:
22:78:9f:04:0a:d9:cd:e1:d3:c9:e4:80:76:21:5d:
43:14:e8:34:92:0d:2e:a5:18:67:a9:2b:33:05:5e:
08:ef:23:92:f5:20:ec:e7:4f:4a:25:7e:c8:ac:cf:
a5:fe:27:d6:19:a4:be:fa:76:d2:4f:a2:86:ce:9e:
f7:49:f3:70:d9:84:90:b5:af:1c:b3:16:0a:a2:39:
69:2b:e1:0d:88:8f:ae:2d:9b:92:34:12:6a:22:ea:
2c:cf:05:8e:e6:80:4f:18:b0:57:8f:ce:d5:c4:d1:
0c:26:9c:02:df:e1:ac:8a:6a:f2:3f:9c:09:a3:4d:
5e:12:25:33:80:31:ce:b5:d8:ac:ce:0e:04:f5:1e:
b4:94:b5:b5:d4:db:9f:30:91:69:9b:f0:8f:28:6c:
a5:d2:b9:f2:5a:df:aa:24:71:48:4c:0e:54:92:59:
26:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7A:44:11:7F:A4:94:70:8C:54:08:3A:62:97:09:2B:61:A0:78:80
X509v3 Authority Key Identifier:
keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/nXpEEX-klHCMVAg6YpcJK2GgeIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.108.0/22
Signature Algorithm: sha256WithRSAEncryption
29:c3:90:68:59:c3:5b:cb:c4:c3:df:f7:77:cb:7c:af:65:58:
27:df:c6:60:25:15:b0:34:6f:c0:32:07:66:4f:14:b2:76:e1:
a2:14:26:e2:4e:38:90:77:57:80:da:19:46:fa:7e:fb:97:8c:
4f:80:b6:f7:a2:06:73:d4:a9:06:c5:82:e5:88:61:85:32:b5:
8c:b9:70:17:56:2c:73:a3:0f:75:78:05:f3:33:8c:f8:08:da:
73:cb:6e:4b:4b:25:42:c3:4d:59:95:22:a4:0a:62:43:a0:af:
0c:2e:39:6e:ea:15:bb:18:54:6f:5c:0e:5e:07:8f:ee:2c:db:
11:be:c9:de:f0:99:53:14:ec:06:6c:0c:e6:f3:80:e5:42:d0:
7a:97:75:06:8c:fa:29:6f:27:ec:ab:73:91:bc:0e:4d:50:aa:
58:93:79:13:1e:d5:54:58:b6:9c:54:ad:7d:8e:c1:25:0b:09:
e7:04:d6:bc:3f:ce:5f:15:98:98:9f:91:b3:de:cc:6d:bd:4e:
c3:f8:40:41:6a:47:56:08:3b:3a:5c:e0:f3:c1:03:6b:a7:b5:
ba:b0:15:29:0f:6c:ac:e6:7f:8c:c4:61:bb:79:a8:39:2a:fc:
ea:02:14:46:44:c9:92:5e:23:76:34:f3:d2:5d:ad:46:11:59:
8a:0a:0d:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwXk96iQpieTK6aiTdlOl9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2
NmE1OGEwHhcNMjMxMTI4MjAxNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdhNDQxMTdmYTQ5NDcwOGM1NDA4M2E2Mjk3MDkyYjYxYTA3ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6ocXmks9dh5WVLsuHVEwC6ag5zh
wUkBJxhucWdHsZjxCniflKghBz7kfj3Wz38eOiLJbJhorf27C/aCCefF7Nq3+m8s
+njvzQX1jG8DrwKkFou1HJ4kVg8ieJ8ECtnN4dPJ5IB2IV1DFOg0kg0upRhnqSsz
BV4I7yOS9SDs509KJX7IrM+l/ifWGaS++nbST6KGzp73SfNw2YSQta8csxYKojlp
K+ENiI+uLZuSNBJqIuoszwWO5oBPGLBXj87VxNEMJpwC3+GsimryP5wJo01eEiUz
gDHOtdiszg4E9R60lLW11NufMJFpm/CPKGyl0rnyWt+qJHFITA5UklkmlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ16RBF/pJRwjFQIOmKXCSthoHiAMB8GA1UdIwQY
MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt
MWE4MGRhZmZkNzk2LzEvblhwRUVYLWtsSENNVkFnNllwY0pLMkdnZUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2
LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZlsMA0G
CSqGSIb3DQEBCwUAA4IBAQApw5BoWcNby8TD3/d3y3yvZVgn38ZgJRWwNG/AMgdm
TxSyduGiFCbiTjiQd1eA2hlG+n77l4xPgLb3ogZz1KkGxYLliGGFMrWMuXAXVixz
ow91eAXzM4z4CNpzy25LSyVCw01ZlSKkCmJDoK8MLjlu6hW7GFRvXA5eB4/uLNsR
vsne8JlTFOwGbAzm84DlQtB6l3UGjPopbyfsq3ORvA5NUKpYk3kTHtVUWLacVK19
jsElCwnnBNa8P85fFZiYn5Gz3sxtvU7D+EBBakdWCDs6XODzwQNrp7W6sBUpD2ys
5n+MxGG7eag5KvzqAhRGRMmSXiN2NPPSXa1GEVmKCg3N
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:45:01 2025 by rpki-client