Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/NrkKkfuKp-oCZskSQ4surM6hKTs.roa
File: NrkKkfuKp-oCZskSQ4surM6hKTs.roa (raw, json)
Hash identifier: 1rgV7m7AvxCeELnBixmNvvtU0MEZaaHqkIG1KIXlL4s=
Subject key identifier: 36:B9:0A:91:FB:8A:A7:EA:02:66:C9:12:43:8B:2E:AC:CE:A1:29:3B
Certificate issuer: /CN=37915673b28bdfadb2c2019ac68d0464fd21b71a
Certificate serial: 06F98F74
Authority key identifier: 37:91:56:73:B2:8B:DF:AD:B2:C2:01:9A:C6:8D:04:64:FD:21:B7:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5FWc7KL362ywgGaxo0EZP0htxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/NrkKkfuKp-oCZskSQ4surM6hKTs.roa
Signing time: Sat 01 Jan 2022 15:04:02 +0000
ROA not before: Sat 01 Jan 2022 15:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34108
IP address blocks: 145.32.66.0/24 maxlen: 24
145.32.86.0/23 maxlen: 24
145.32.0.0/24 maxlen: 24
145.32.0.0/17 maxlen: 17
145.32.10.0/23 maxlen: 23
145.32.0.0/16 maxlen: 16
145.32.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117018484 (0x6f98f74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37915673b28bdfadb2c2019ac68d0464fd21b71a
Validity
Not Before: Jan 1 15:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36b90a91fb8aa7ea0266c912438b2eaccea1293b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:64:2b:ca:66:da:8f:50:49:8a:43:d2:a5:d8:
c4:c6:14:24:a7:f4:6c:02:54:aa:9a:9d:7e:3a:03:
ee:ca:ac:89:7d:eb:09:ab:dd:69:b2:1e:16:b0:0e:
f3:ab:d1:14:bd:dd:dc:c3:f4:18:af:d0:7f:dd:8e:
f3:9c:9d:a9:d1:ae:a6:20:ef:56:1f:ce:15:ac:a0:
19:21:eb:de:67:f7:3c:3d:65:96:42:b5:3b:ff:33:
1f:3d:9a:37:7d:46:92:e8:d3:34:04:e4:8a:57:a7:
49:05:f8:6f:42:45:2b:da:08:62:8c:64:0d:b6:ca:
1a:96:bb:f9:bc:3c:99:51:15:90:5d:ed:c0:d8:0d:
91:87:54:2f:60:c0:86:5c:57:7b:b3:03:38:ae:79:
a9:d7:82:a6:46:45:81:77:05:0d:c8:1d:7e:08:09:
47:50:67:b0:a2:b8:15:38:9c:1d:2d:f8:e1:c0:1c:
00:62:cc:35:81:56:e8:ae:60:22:c0:29:39:ec:a4:
73:5a:1f:dd:42:e0:3c:89:97:8e:14:a7:11:f5:96:
f9:09:70:06:d7:cd:38:ff:eb:17:36:df:b2:c4:7e:
3e:ed:ac:06:6b:e9:87:1c:dd:ea:6e:95:63:f1:de:
30:80:52:9b:98:d5:56:a9:99:01:1e:5b:89:da:56:
ce:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B9:0A:91:FB:8A:A7:EA:02:66:C9:12:43:8B:2E:AC:CE:A1:29:3B
X509v3 Authority Key Identifier:
keyid:37:91:56:73:B2:8B:DF:AD:B2:C2:01:9A:C6:8D:04:64:FD:21:B7:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5FWc7KL362ywgGaxo0EZP0htxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/NrkKkfuKp-oCZskSQ4surM6hKTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4ea4f7-d70e-42a2-afd7-3e3a188f49de/1/N5FWc7KL362ywgGaxo0EZP0htxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:b1:9e:69:d7:28:71:6c:b3:bc:df:2b:f4:c3:38:d4:6d:2f:
95:df:20:48:17:00:17:29:97:55:1e:fd:95:5b:5a:51:fe:ad:
60:d4:8f:23:24:2c:ad:0d:05:8b:a0:8b:7a:47:cc:ef:f7:9d:
f9:e0:a7:57:74:ad:a4:28:54:1e:8f:63:66:67:5c:6a:52:c0:
1e:b9:7c:d7:05:e3:e0:65:01:1b:56:0e:06:ce:d1:2a:52:69:
39:8d:9f:ca:ac:00:ca:ce:8b:9d:3c:f1:8a:00:69:0c:67:c9:
44:e7:84:d0:14:0f:e0:ce:de:a0:7e:d7:70:bd:5b:29:7d:f3:
82:a9:11:fe:06:29:a2:97:86:0b:f7:1c:61:58:83:b3:bc:29:
c7:35:c7:1e:62:5b:2f:6e:6d:90:03:40:c8:df:5a:31:0f:3f:
fa:20:ed:14:ed:e4:c3:7b:34:9a:f6:ac:dc:ee:02:94:7d:87:
08:43:11:8a:d5:53:21:af:26:38:15:8a:2b:87:8c:1f:06:60:
bc:4d:b7:09:50:8e:c0:38:df:c9:e9:1f:88:c3:a1:c5:db:d8:
8a:97:32:e3:c4:4f:29:74:90:68:bf:f0:f6:7c:b5:32:c1:03:
3a:ee:2b:e8:6a:27:27:b9:0e:4b:ff:2a:dc:67:d5:3d:e2:60:
29:f6:cb:22
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEBvmPdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NzkxNTY3M2IyOGJkZmFkYjJjMjAxOWFjNjhkMDQ2NGZkMjFiNzFhMB4XDTIyMDEw
MTE1MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZiOTBhOTFmYjhh
YTdlYTAyNjZjOTEyNDM4YjJlYWNjZWExMjkzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdkK8pm2o9QSYpD0qXYxMYUJKf0bAJUqpqdfjoD7sqsiX3r
CavdabIeFrAO86vRFL3d3MP0GK/Qf92O85ydqdGupiDvVh/OFaygGSHr3mf3PD1l
lkK1O/8zHz2aN31GkujTNATkilenSQX4b0JFK9oIYoxkDbbKGpa7+bw8mVEVkF3t
wNgNkYdUL2DAhlxXe7MDOK55qdeCpkZFgXcFDcgdfggJR1BnsKK4FTicHS344cAc
AGLMNYFW6K5gIsApOeykc1of3ULgPImXjhSnEfWW+QlwBtfNOP/rFzbfssR+Pu2s
Bmvphxzd6m6VY/HeMIBSm5jVVqmZAR5bidpWzvMCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQ2uQqR+4qn6gJmyRJDiy6szqEpOzAfBgNVHSMEGDAWgBQ3kVZzsovfrbLC
AZrGjQRk/SG3GjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L041RldjN0tMMzYyeXdnR2F4bzBFWlAwaHR4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvNGVhNGY3LWQ3MGUtNDJhMi1hZmQ3LTNlM2ExODhmNDlkZS8x
L05ya0trZnVLcC1vQ1pza1NRNHN1ck02aEtUcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
NGVhNGY3LWQ3MGUtNDJhMi1hZmQ3LTNlM2ExODhmNDlkZS8xL041RldjN0tMMzYy
eXdnR2F4bzBFWlAwaHR4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJEgMA0GCSqGSIb3DQEBCwUAA4IB
AQCYsZ5p1yhxbLO83yv0wzjUbS+V3yBIFwAXKZdVHv2VW1pR/q1g1I8jJCytDQWL
oIt6R8zv95354KdXdK2kKFQej2NmZ1xqUsAeuXzXBePgZQEbVg4GztEqUmk5jZ/K
rADKzoudPPGKAGkMZ8lE54TQFA/gzt6gftdwvVspffOCqRH+Bimil4YL9xxhWIOz
vCnHNcceYlsvbm2QA0DI31oxDz/6IO0U7eTDezSa9qzc7gKUfYcIQxGK1VMhryY4
FYorh4wfBmC8TbcJUI7AON/J6R+Iw6HF29iKlzLjxE8pdJBov/D2fLUywQM67ivo
aicnuQ5L/yrcZ9U94mAp9ssi
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:16:03 2025 by rpki-client