Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/9a60cf-9d94-4585-a25b-5e7f95811562/1/nGsNeml9jtI9vjl0nonZT7cM4zs.roa
File: nGsNeml9jtI9vjl0nonZT7cM4zs.roa (raw, json)
Hash identifier: dC0ge7LuzBLcpnOyNwyQVL5RxCwpgGwUYbdL2AnUzTo=
Subject key identifier: 9C:6B:0D:7A:69:7D:8E:D2:3D:BE:39:74:9E:89:D9:4F:B7:0C:E3:3B
Certificate issuer: /CN=2e73ad45f8a3ebe667abb196a289d6719bebb82d
Certificate serial: 09AAE9FF
Authority key identifier: 2E:73:AD:45:F8:A3:EB:E6:67:AB:B1:96:A2:89:D6:71:9B:EB:B8:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LnOtRfij6-Znq7GWoonWcZvruC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/9a60cf-9d94-4585-a25b-5e7f95811562/1/nGsNeml9jtI9vjl0nonZT7cM4zs.roa
Signing time: Sat 01 Jan 2022 09:04:25 +0000
ROA not before: Sat 01 Jan 2022 09:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205055
IP address blocks: 185.231.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162195967 (0x9aae9ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e73ad45f8a3ebe667abb196a289d6719bebb82d
Validity
Not Before: Jan 1 09:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c6b0d7a697d8ed23dbe39749e89d94fb70ce33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cc:c5:fa:67:63:58:d1:30:05:76:a3:87:74:
31:a2:92:f6:69:4a:4e:86:f6:38:99:97:48:1d:43:
13:5f:ce:c2:dd:c6:c3:0d:d9:70:6d:2a:d4:24:0f:
ff:02:dd:72:2f:28:28:f3:e0:18:cd:f0:ca:ab:91:
df:c2:34:57:2d:8a:a2:74:40:54:bf:63:d1:a1:97:
7c:c3:29:7f:45:55:42:59:85:b1:49:22:eb:ac:c5:
88:94:49:76:21:5b:24:a3:e8:53:ba:e1:1a:50:1b:
5b:c5:8a:8a:d6:a4:e9:d1:4b:1a:73:b9:02:c7:b5:
8c:be:6c:59:50:64:ba:5d:f1:c6:c4:a4:bf:c7:21:
39:fe:d9:2b:0d:62:3c:70:56:4e:7c:80:40:0f:02:
c0:71:7d:fb:1d:a9:87:7a:ef:28:49:ed:79:33:f4:
ac:6c:5e:5b:50:6f:65:f5:b8:67:5e:32:22:6c:f8:
f3:95:44:31:7e:20:c0:01:3d:c6:22:21:b1:9f:fa:
31:50:d9:71:0b:a7:2d:6e:f2:17:27:c3:5f:71:ab:
e7:5d:b0:8e:ca:2f:18:75:e8:82:2c:21:42:20:c2:
79:0e:34:d3:d6:9b:3f:64:4b:a5:16:9b:be:46:d9:
ef:a0:de:0d:bc:80:91:27:3e:39:04:e7:e7:37:79:
7c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6B:0D:7A:69:7D:8E:D2:3D:BE:39:74:9E:89:D9:4F:B7:0C:E3:3B
X509v3 Authority Key Identifier:
keyid:2E:73:AD:45:F8:A3:EB:E6:67:AB:B1:96:A2:89:D6:71:9B:EB:B8:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LnOtRfij6-Znq7GWoonWcZvruC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/9a60cf-9d94-4585-a25b-5e7f95811562/1/nGsNeml9jtI9vjl0nonZT7cM4zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/9a60cf-9d94-4585-a25b-5e7f95811562/1/LnOtRfij6-Znq7GWoonWcZvruC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.176.0/22
Signature Algorithm: sha256WithRSAEncryption
af:33:54:1e:b0:f9:7c:30:00:00:78:33:b9:a5:b7:92:9e:7c:
6b:77:32:60:6a:74:a0:c0:24:1b:61:b3:17:f9:aa:f2:64:38:
90:22:f9:18:22:1c:68:fb:19:7f:b7:96:81:e0:cb:51:af:ed:
30:fe:f7:bb:19:8c:e6:5f:df:d0:c9:f8:84:c7:a7:86:b9:36:
cf:fd:09:f9:89:a8:e9:c5:a7:aa:6f:69:73:b5:3a:fb:70:c4:
a4:99:19:c4:e7:94:1f:eb:80:97:a9:d2:9b:8c:5b:ff:57:66:
fd:e7:d9:c5:3c:e7:73:cb:cb:7b:0d:9d:eb:76:2a:10:8d:25:
7d:e9:be:09:49:3b:7d:d8:4a:9d:55:1f:5c:ac:c4:75:8d:4d:
19:e1:e9:8f:fb:10:a7:c7:55:3c:90:13:8c:e7:9d:eb:48:62:
68:2b:ef:ef:59:d9:2e:5c:51:17:90:93:da:dc:1d:cf:98:07:
09:7c:aa:1a:d9:c5:de:40:a3:49:61:a3:29:1f:0c:79:d8:09:
ac:b4:88:5c:f1:71:38:be:d7:4d:14:5f:d0:fc:51:81:de:97:
ab:68:48:9b:f0:8d:9f:d1:b2:05:9e:c6:a8:f1:c5:12:a3:fe:
51:46:d4:53:53:1a:61:06:b2:80:be:db:10:e1:9a:9f:98:be:
49:1e:1a:2d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECarp/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZTczYWQ0NWY4YTNlYmU2NjdhYmIxOTZhMjg5ZDY3MTliZWJiODJkMB4XDTIyMDEw
MTA5MDQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWM2YjBkN2E2OTdk
OGVkMjNkYmUzOTc0OWU4OWQ5NGZiNzBjZTMzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANLMxfpnY1jRMAV2o4d0MaKS9mlKTob2OJmXSB1DE1/Owt3G
ww3ZcG0q1CQP/wLdci8oKPPgGM3wyquR38I0Vy2KonRAVL9j0aGXfMMpf0VVQlmF
sUki66zFiJRJdiFbJKPoU7rhGlAbW8WKitak6dFLGnO5Ase1jL5sWVBkul3xxsSk
v8chOf7ZKw1iPHBWTnyAQA8CwHF9+x2ph3rvKEnteTP0rGxeW1BvZfW4Z14yImz4
85VEMX4gwAE9xiIhsZ/6MVDZcQunLW7yFyfDX3Gr512wjsovGHXogiwhQiDCeQ40
09abP2RLpRabvkbZ76DeDbyAkSc+OQTn5zd5fPsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBScaw16aX2O0j2+OXSeidlPtwzjOzAfBgNVHSMEGDAWgBQuc61F+KPr5mer
sZaiidZxm+u4LTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xuT3RSZmlqNi1abnE3R1dvb25XY1p2cnVDMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvOWE2MGNmLTlkOTQtNDU4NS1hMjViLTVlN2Y5NTgxMTU2Mi8x
L25Hc05lbWw5anRJOXZqbDBub25aVDdjTTR6cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
OWE2MGNmLTlkOTQtNDU4NS1hMjViLTVlN2Y5NTgxMTU2Mi8xL0xuT3RSZmlqNi1a
bnE3R1dvb25XY1p2cnVDMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnnsDANBgkqhkiG9w0BAQsFAAOC
AQEArzNUHrD5fDAAAHgzuaW3kp58a3cyYGp0oMAkG2GzF/mq8mQ4kCL5GCIcaPsZ
f7eWgeDLUa/tMP73uxmM5l/f0Mn4hMenhrk2z/0J+Ymo6cWnqm9pc7U6+3DEpJkZ
xOeUH+uAl6nSm4xb/1dm/efZxTznc8vLew2d63YqEI0lfem+CUk7fdhKnVUfXKzE
dY1NGeHpj/sQp8dVPJATjOed60hiaCvv71nZLlxRF5CT2twdz5gHCXyqGtnF3kCj
SWGjKR8MedgJrLSIXPFxOL7XTRRf0PxRgd6Xq2hIm/CNn9GyBZ7GqPHFEqP+UUbU
U1MaYQaygL7bEOGan5i+SR4aLQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:46 2025 by rpki-client