Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/nm4w4l3UG3T9syDXcXVXCquUkgg.roa
File: nm4w4l3UG3T9syDXcXVXCquUkgg.roa (raw, json)
Hash identifier: 3H8QtF/x+iERzMNcv4pNVjI9uW3X9/QGjAjKRGC754A=
Subject key identifier: 9E:6E:30:E2:5D:D4:1B:74:FD:B3:20:D7:71:75:57:0A:AB:94:92:08
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0184C1DDB3BBD19A8FD70F4B8006DAF5695B
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/nm4w4l3UG3T9syDXcXVXCquUkgg.roa
Signing time: Tue 29 Nov 2022 05:30:42 +0000
ROA not before: Tue 29 Nov 2022 05:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 45.143.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c1:dd:b3:bb:d1:9a:8f:d7:0f:4b:80:06:da:f5:69:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Nov 29 05:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e6e30e25dd41b74fdb320d77175570aab949208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:ec:24:0c:1f:39:d1:ae:fd:f1:1a:6d:ca:
96:17:79:5e:76:71:4a:9d:7a:50:a1:99:d1:15:34:
24:4b:7c:c0:f2:c2:3e:9d:3a:cf:8a:75:81:bb:44:
77:2d:42:1f:4d:64:50:53:48:af:5c:19:bb:52:5f:
14:2a:73:bd:80:2f:62:ca:42:51:a2:72:8b:d3:bf:
25:46:7e:df:89:6c:37:b3:6b:01:4b:46:17:92:e8:
2b:60:d9:4d:4c:9e:18:aa:81:47:5d:91:e7:da:4a:
a4:0b:49:fc:80:be:da:94:9c:35:d4:e0:d8:57:bc:
9c:84:af:49:d4:b3:df:47:53:69:77:1f:e9:98:79:
97:a9:ab:f8:a8:6e:b1:bb:1e:78:f8:7c:1b:62:c0:
f1:dd:37:11:a4:d7:b5:87:f1:73:60:82:a9:2d:84:
94:9f:4f:77:6f:6a:ec:7b:01:c0:36:9f:99:76:9c:
6a:bd:3e:c1:8e:d1:27:68:4c:25:ae:59:b4:7a:d3:
6f:df:ff:de:2b:df:84:5b:4d:f5:b5:41:84:7a:46:
51:d3:0a:33:13:10:96:e7:7d:3c:b3:03:29:3b:3a:
f6:25:5d:a1:9b:a3:8c:76:ec:36:0c:94:fc:a3:78:
27:8c:79:b9:bc:7f:81:94:0b:2f:2a:58:b8:b4:eb:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6E:30:E2:5D:D4:1B:74:FD:B3:20:D7:71:75:57:0A:AB:94:92:08
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/nm4w4l3UG3T9syDXcXVXCquUkgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.161.0/24
Signature Algorithm: sha256WithRSAEncryption
49:24:0f:03:b2:79:98:e1:12:58:90:d1:e4:15:0b:b3:c0:b0:
6b:e7:c4:64:31:bf:64:a7:23:29:a4:ab:c8:9e:95:0d:ca:2f:
ab:21:4e:8e:60:a2:5f:00:ce:2e:4b:24:01:af:dd:1d:e3:bb:
4c:c6:96:f6:78:0d:dd:bc:e3:b0:0e:a6:ab:fd:5d:66:c5:8e:
64:07:22:e7:b2:5c:ad:89:1b:1f:84:97:02:ad:38:7a:a2:e2:
91:6a:3b:3f:fd:5a:e0:cf:f2:31:8e:20:ca:4a:c7:cb:4d:f5:
f5:95:6e:22:7b:17:e4:4f:9d:ad:e8:91:c3:05:95:18:93:fe:
fc:00:09:76:e0:42:2a:7a:dd:c7:43:3b:80:d2:df:66:b1:67:
0d:08:3b:f6:2e:32:64:93:3d:5c:ba:49:42:49:97:24:34:f2:
ec:1f:8d:64:4e:63:de:c8:02:f7:9c:5e:8b:e7:03:1d:e6:10:
e6:75:13:9b:bf:ca:5a:b4:29:a6:34:f9:c8:ee:40:14:8b:33:
cc:cc:18:05:8d:e1:e5:46:c1:9d:b9:9a:9d:ce:c3:e9:e7:9f:
34:16:a8:bd:e9:c7:15:33:fa:ad:15:97:5e:b1:41:bb:ee:ee:
69:16:5a:aa:86:79:ea:43:4d:a9:fc:50:65:0d:42:48:18:2e:
cf:0d:ef:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTB3bO70ZqP1w9LgAba9WlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIxMTI5MDUzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZlMzBlMjVkZDQxYjc0ZmRiMzIwZDc3MTc1NTcwYWFiOTQ5MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu63sJAwfOdGu/fEabcqWF3lednFK
nXpQoZnRFTQkS3zA8sI+nTrPinWBu0R3LUIfTWRQU0ivXBm7Ul8UKnO9gC9iykJR
onKL078lRn7fiWw3s2sBS0YXkugrYNlNTJ4YqoFHXZHn2kqkC0n8gL7alJw11ODY
V7ychK9J1LPfR1Npdx/pmHmXqav4qG6xux54+HwbYsDx3TcRpNe1h/FzYIKpLYSU
n093b2rsewHANp+ZdpxqvT7BjtEnaEwlrlm0etNv3//eK9+EW031tUGEekZR0woz
ExCW5308swMpOzr2JV2hm6OMduw2DJT8o3gnjHm5vH+BlAsvKli4tOuSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5uMOJd1Bt0/bMg13F1VwqrlJIIMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvbm00dzRsM1VHM1Q5c3lEWGNYVlhDcXVVa2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+hMA0G
CSqGSIb3DQEBCwUAA4IBAQBJJA8DsnmY4RJYkNHkFQuzwLBr58RkMb9kpyMppKvI
npUNyi+rIU6OYKJfAM4uSyQBr90d47tMxpb2eA3dvOOwDqar/V1mxY5kByLnslyt
iRsfhJcCrTh6ouKRajs//Vrgz/IxjiDKSsfLTfX1lW4iexfkT52t6JHDBZUYk/78
AAl24EIqet3HQzuA0t9msWcNCDv2LjJkkz1cuklCSZckNPLsH41kTmPeyAL3nF6L
5wMd5hDmdRObv8patCmmNPnI7kAUizPMzBgFjeHlRsGduZqdzsPp5580Fqi96ccV
M/qtFZdesUG77u5pFlqqhnnqQ02p/FBlDUJIGC7PDe+1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-fra.rpki-client.org