Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/nsLZXRh8oX4i2p4aXVU2kYTAoyI.roa
File: nsLZXRh8oX4i2p4aXVU2kYTAoyI.roa (raw, json)
Hash identifier: q51ehQVP/fyPoQsq+rF1FJ1i36Zb9mFKXuLatJD7t+4=
Subject key identifier: 9E:C2:D9:5D:18:7C:A1:7E:22:DA:9E:1A:5D:55:36:91:84:C0:A3:22
Certificate issuer: /CN=ddb71471373bb0603c356eeded4b918292b5beee
Certificate serial: 018570F0AC4F0D3357DF26FBA2A3E0345761
Authority key identifier: DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/nsLZXRh8oX4i2p4aXVU2kYTAoyI.roa
Signing time: Mon 02 Jan 2023 05:24:58 +0000
ROA not before: Mon 02 Jan 2023 05:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 145.8.178.0/24 maxlen: 24
145.8.177.0/24 maxlen: 24
145.8.176.0/24 maxlen: 24
145.8.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ac:4f:0d:33:57:df:26:fb:a2:a3:e0:34:57:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddb71471373bb0603c356eeded4b918292b5beee
Validity
Not Before: Jan 2 05:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ec2d95d187ca17e22da9e1a5d55369184c0a322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c2:f2:48:04:3d:27:19:57:a0:5f:7b:26:e1:
8e:97:42:4d:b7:17:aa:0b:99:d8:a9:ca:9b:cf:b9:
71:f5:a8:32:36:79:1b:68:32:8a:38:5b:9f:ba:67:
9f:61:1b:89:c5:0e:47:d0:e2:00:78:40:f5:0d:02:
f4:b0:df:04:e6:c7:af:2e:9d:23:78:d1:85:48:77:
75:9c:61:03:a8:3f:d9:ac:de:f0:03:7a:7b:c9:2d:
ea:f7:d2:e9:74:5a:be:02:76:d7:60:b7:cc:06:7b:
8b:ad:88:5f:2c:38:c8:30:17:18:4b:39:9d:ff:0f:
3c:14:07:37:b1:f7:31:2e:93:e8:d4:58:61:92:f2:
d0:20:13:53:cb:b8:b1:a0:dd:c7:f8:e4:7e:47:84:
0b:48:59:0f:1a:85:e7:09:e5:e9:d5:b8:82:90:c4:
07:55:fc:2b:fc:80:16:8e:e8:2e:4f:74:08:a8:26:
b2:43:f7:5a:ef:42:87:88:e1:e4:74:99:26:82:46:
39:a5:79:c7:cb:36:44:2d:cf:f0:de:10:e8:b0:3f:
29:34:8a:29:fe:2d:48:a3:1e:cd:56:1a:41:6b:74:
4e:31:de:43:01:4c:90:bf:e8:8a:f0:97:c3:d9:19:
6d:b1:0f:da:42:21:2f:4b:c7:4a:04:90:83:fc:f3:
ea:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C2:D9:5D:18:7C:A1:7E:22:DA:9E:1A:5D:55:36:91:84:C0:A3:22
X509v3 Authority Key Identifier:
keyid:DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/nsLZXRh8oX4i2p4aXVU2kYTAoyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.8.176.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:64:0d:3c:b0:16:fb:d5:22:d3:42:dc:ec:a5:6b:ff:c7:b3:
ad:0f:da:27:06:2d:1c:73:c9:0f:ae:0f:0c:6f:c3:e2:54:92:
1b:f6:9e:e7:c5:9a:7f:3d:cf:ad:4b:69:10:fa:b9:22:d0:54:
80:be:cf:2b:5e:a9:6e:c4:33:9b:81:5a:51:af:43:38:ef:cf:
69:8e:1e:1a:49:ff:3c:6f:c3:d1:ca:11:94:79:2d:e0:cb:9d:
dd:1b:c3:1e:55:56:a6:e8:f5:6f:b6:22:6f:42:00:93:64:1f:
97:2b:ce:69:58:83:74:e6:a9:a4:c4:b6:40:73:29:06:97:ab:
07:a4:be:fe:33:80:58:04:94:23:20:e6:94:65:40:ba:29:cb:
ed:d3:81:44:49:e8:90:d2:fe:b2:b4:35:2b:0b:f3:e9:6a:28:
75:cf:aa:03:c5:74:59:64:89:67:6b:a2:77:2b:4c:1d:06:27:
92:5c:74:4e:74:dc:0b:f6:05:0f:64:19:17:4f:08:1a:0f:43:
f9:68:4a:2a:8f:bc:7f:98:5f:21:91:41:3f:94:83:cb:9f:bd:
27:7e:4e:b8:5d:02:8c:5a:89:6a:a3:75:e9:ed:17:85:93:98:
6b:00:f9:96:54:c3:32:22:be:be:c4:86:3f:8d:49:9b:31:34:
af:55:ec:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KxPDTNX3yb7oqPgNFdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYjcxNDcxMzczYmIwNjAzYzM1NmVlZGVkNGI5MTgyOTJi
NWJlZWUwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWMyZDk1ZDE4N2NhMTdlMjJkYTllMWE1ZDU1MzY5MTg0YzBhMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcLySAQ9JxlXoF97JuGOl0JNtxeq
C5nYqcqbz7lx9agyNnkbaDKKOFufumefYRuJxQ5H0OIAeED1DQL0sN8E5sevLp0j
eNGFSHd1nGEDqD/ZrN7wA3p7yS3q99LpdFq+AnbXYLfMBnuLrYhfLDjIMBcYSzmd
/w88FAc3sfcxLpPo1FhhkvLQIBNTy7ixoN3H+OR+R4QLSFkPGoXnCeXp1biCkMQH
Vfwr/IAWjuguT3QIqCayQ/da70KHiOHkdJkmgkY5pXnHyzZELc/w3hDosD8pNIop
/i1Iox7NVhpBa3ROMd5DAUyQv+iK8JfD2RltsQ/aQiEvS8dKBJCD/PPqYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7C2V0YfKF+ItqeGl1VNpGEwKMiMB8GA1UdIwQY
MBaAFN23FHE3O7BgPDVu7e1LkYKStb7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgt
NjIxMmFjNDljYTNiLzEvbnNMWlhSaDhvWDRpMnA0YVhWVTJrWVRBb3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNi
LzEvM2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkQiwMA0G
CSqGSIb3DQEBCwUAA4IBAQDIZA08sBb71SLTQtzspWv/x7OtD9onBi0cc8kPrg8M
b8PiVJIb9p7nxZp/Pc+tS2kQ+rki0FSAvs8rXqluxDObgVpRr0M4789pjh4aSf88
b8PRyhGUeS3gy53dG8MeVVam6PVvtiJvQgCTZB+XK85pWIN05qmkxLZAcykGl6sH
pL7+M4BYBJQjIOaUZUC6Kcvt04FESeiQ0v6ytDUrC/Ppaih1z6oDxXRZZIlna6J3
K0wdBieSXHROdNwL9gUPZBkXTwgaD0P5aEoqj7x/mF8hkUE/lIPLn70nfk64XQKM
Wolqo3Xp7ReFk5hrAPmWVMMyIr6+xIY/jUmbMTSvVexe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:15 2025 by rpki-client