Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/NZ6rQE8n5W9sU9VHnp821VpZakE.roa
File: NZ6rQE8n5W9sU9VHnp821VpZakE.roa (raw, json)
Hash identifier: GlxjIHZzgTTnhS9AbP2BiZYJP/3nE0KscxPt3XrOp0g=
Subject key identifier: 35:9E:AB:40:4F:27:E5:6F:6C:53:D5:47:9E:9F:36:D5:5A:59:6A:41
Certificate issuer: /CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Certificate serial: 01856C9CAB632DBFF223E75433F9372F3450
Authority key identifier: B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/NZ6rQE8n5W9sU9VHnp821VpZakE.roa
Signing time: Sun 01 Jan 2023 09:14:44 +0000
ROA not before: Sun 01 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201260
IP address blocks: 46.17.240.0/22 maxlen: 22
185.80.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:ab:63:2d:bf:f2:23:e7:54:33:f9:37:2f:34:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2e448b4a08f0e4c58a283d80735a8a803e10d4e
Validity
Not Before: Jan 1 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359eab404f27e56f6c53d5479e9f36d55a596a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:15:7b:7b:1c:ec:54:ac:7e:5f:1b:1a:64:
e0:79:d2:b5:16:02:15:12:9e:a2:03:40:59:f3:bd:
df:6d:31:00:fa:ea:86:4c:93:81:92:58:33:56:36:
3a:13:89:83:51:68:f5:ce:3b:68:78:51:a8:a7:70:
52:27:7d:ad:aa:9b:9c:d7:e2:e8:d4:c3:90:30:1f:
9c:45:14:c2:44:cd:cf:dc:86:98:99:95:ba:8f:a9:
76:a3:77:a4:56:0a:21:a1:4d:db:cb:f5:32:72:31:
c9:72:a1:04:87:69:bc:38:76:64:bd:7f:de:0a:46:
74:3c:30:76:8a:b3:92:dd:5b:6f:6d:d2:f5:c0:32:
11:7a:11:c4:c9:18:2f:a3:52:82:6c:f2:07:d8:6f:
89:31:2b:7c:32:08:87:98:7e:5b:7b:be:a9:12:f5:
80:63:51:3d:ef:f4:f8:de:3d:c8:aa:25:de:10:ab:
9d:cd:52:df:25:9d:03:ef:05:2c:3c:c2:3b:43:cb:
b1:12:0e:e9:a4:91:7e:08:d8:e3:08:9a:9e:f8:6d:
f7:80:c6:cb:55:c4:6a:40:ed:e5:9e:9c:e1:a9:b9:
b7:59:3f:e4:e6:0d:91:61:0a:a5:6b:5c:64:9b:03:
a9:74:e3:fc:b0:b5:b8:93:6d:fe:26:c7:78:a0:cd:
e4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9E:AB:40:4F:27:E5:6F:6C:53:D5:47:9E:9F:36:D5:5A:59:6A:41
X509v3 Authority Key Identifier:
keyid:B2:E4:48:B4:A0:8F:0E:4C:58:A2:83:D8:07:35:A8:A8:03:E1:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suRItKCPDkxYooPYBzWoqAPhDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/NZ6rQE8n5W9sU9VHnp821VpZakE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a7068a-92ba-42ea-9966-2054d4e903bc/1/suRItKCPDkxYooPYBzWoqAPhDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.240.0/22
185.80.152.0/22
Signature Algorithm: sha256WithRSAEncryption
69:35:67:70:df:ea:18:a4:de:4a:be:b8:08:c9:24:65:6e:cd:
4e:ea:6d:15:d1:60:2c:dd:be:ac:01:7b:4a:04:ad:97:15:a1:
5c:53:d7:c8:f1:17:c2:21:c6:74:fc:05:79:cf:45:e4:ec:23:
c8:dc:5e:ed:f9:be:02:14:14:74:b8:81:0e:e1:69:21:2b:7f:
7d:08:45:d8:3f:95:9d:72:77:28:a0:a0:5f:fe:2f:35:55:56:
4a:6e:3d:90:a6:46:ef:67:12:f8:ea:a4:29:e8:ba:98:6c:16:
21:10:27:94:16:2d:69:3a:94:13:d0:9e:ba:49:2f:c7:c0:9a:
c0:d7:9b:35:59:fb:00:13:88:ad:f4:cb:42:9b:6c:05:d0:b0:
14:d3:15:de:48:c9:df:58:e4:12:2b:85:8f:34:e5:87:ac:71:
5c:da:d6:35:b4:b6:e8:08:36:a9:9b:a9:cf:4a:fa:de:79:e9:
56:4a:a7:5f:90:c2:29:5b:13:5a:ea:eb:76:6a:35:45:e6:fd:
83:24:d8:68:19:e3:36:9e:01:fc:2a:67:d4:cf:78:30:7d:d9:
d3:1b:23:e2:e8:de:77:f3:73:13:07:cc:a5:95:6e:93:bc:be:
ec:5a:57:4d:16:34:78:42:ec:ee:4c:ba:a2:01:a0:66:81:56:
8c:51:af:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsnKtjLb/yI+dUM/k3LzRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZTQ0OGI0YTA4ZjBlNGM1OGEyODNkODA3MzVhOGE4MDNl
MTBkNGUwHhcNMjMwMTAxMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTllYWI0MDRmMjdlNTZmNmM1M2Q1NDc5ZTlmMzZkNTVhNTk2YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovMVe3sc7FSsfl8bGmTgedK1FgIV
Ep6iA0BZ873fbTEA+uqGTJOBklgzVjY6E4mDUWj1zjtoeFGop3BSJ32tqpuc1+Lo
1MOQMB+cRRTCRM3P3IaYmZW6j6l2o3ekVgohoU3by/UycjHJcqEEh2m8OHZkvX/e
CkZ0PDB2irOS3VtvbdL1wDIRehHEyRgvo1KCbPIH2G+JMSt8MgiHmH5be76pEvWA
Y1E97/T43j3IqiXeEKudzVLfJZ0D7wUsPMI7Q8uxEg7ppJF+CNjjCJqe+G33gMbL
VcRqQO3lnpzhqbm3WT/k5g2RYQqla1xkmwOpdOP8sLW4k23+Jsd4oM3knwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWeq0BPJ+VvbFPVR56fNtVaWWpBMB8GA1UdIwQY
MBaAFLLkSLSgjw5MWKKD2Ac1qKgD4Q1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYt
MjA1NGQ0ZTkwM2JjLzEvTlo2clFFOG41VzlzVTlWSG5wODIxVnBaYWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hNzA2OGEtOTJiYS00MmVhLTk5NjYtMjA1NGQ0ZTkwM2Jj
LzEvc3VSSXRLQ1BEa3hZb29QWUJ6V29xQVBoRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhHwAwQC
uVCYMA0GCSqGSIb3DQEBCwUAA4IBAQBpNWdw3+oYpN5KvrgIySRlbs1O6m0V0WAs
3b6sAXtKBK2XFaFcU9fI8RfCIcZ0/AV5z0Xk7CPI3F7t+b4CFBR0uIEO4WkhK399
CEXYP5WdcncooKBf/i81VVZKbj2QpkbvZxL46qQp6LqYbBYhECeUFi1pOpQT0J66
SS/HwJrA15s1WfsAE4it9MtCm2wF0LAU0xXeSMnfWOQSK4WPNOWHrHFc2tY1tLbo
CDapm6nPSvreeelWSqdfkMIpWxNa6ut2ajVF5v2DJNhoGeM2ngH8KmfUz3gwfdnT
GyPi6N5383MTB8yllW6TvL7sWldNFjR4QuzuTLqiAaBmgVaMUa8r
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:22:03 2025 by rpki-client