Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/NqtizqZR49ZTY1SjBZzENEXI9ys.roa
File: NqtizqZR49ZTY1SjBZzENEXI9ys.roa (raw, json)
Hash identifier: GpxdbqaI/OODeTr5H3IOKlNE2KPQXXhF3FSwSOek/5M=
Subject key identifier: 36:AB:62:CE:A6:51:E3:D6:53:63:54:A3:05:9C:C4:34:45:C8:F7:2B
Certificate issuer: /CN=a5ab79857e68c0205cce2f11a5387a6afa1f8895
Certificate serial: 018570707032C0906572E70C0943F6B6B0DF
Authority key identifier: A5:AB:79:85:7E:68:C0:20:5C:CE:2F:11:A5:38:7A:6A:FA:1F:88:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pat5hX5owCBczi8RpTh6avofiJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/NqtizqZR49ZTY1SjBZzENEXI9ys.roa
Signing time: Mon 02 Jan 2023 03:04:54 +0000
ROA not before: Mon 02 Jan 2023 03:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206642
IP address blocks: 185.179.143.0/24 maxlen: 24
185.179.140.0/24 maxlen: 24
185.179.141.0/24 maxlen: 24
185.179.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:70:32:c0:90:65:72:e7:0c:09:43:f6:b6:b0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ab79857e68c0205cce2f11a5387a6afa1f8895
Validity
Not Before: Jan 2 03:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36ab62cea651e3d6536354a3059cc43445c8f72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8b:ac:e0:48:14:ed:31:4a:c1:f0:43:97:fa:
bd:8c:cc:7c:30:ec:55:51:ad:ee:b7:b8:99:33:65:
20:51:38:89:92:90:a6:da:a3:9f:e5:86:69:f1:fc:
3a:e8:88:2d:68:26:a0:4a:92:d8:24:03:5a:55:32:
67:2f:51:c3:f0:bb:5b:52:c0:1b:51:97:5f:f2:30:
ed:8e:16:82:4d:2b:7c:9a:cf:f6:3f:ab:d7:fb:11:
bb:0b:93:f2:a1:95:a5:7a:ca:85:01:24:04:c9:13:
19:f6:80:6f:c7:17:64:22:c8:55:2f:e2:7f:56:be:
16:af:87:da:94:02:42:12:a4:fa:d0:ce:6a:9d:d7:
a2:d2:bc:36:8d:23:a1:09:d4:be:87:4a:4e:98:d3:
69:4c:06:06:26:c7:c4:75:4c:f1:4b:ed:2e:ff:de:
e8:3c:20:a5:19:e3:3d:5c:a0:d4:69:85:ad:33:bd:
22:c0:4a:65:7b:7f:9a:8f:af:e4:df:b8:7b:6a:13:
29:16:e6:d9:f9:89:8f:a3:f3:1e:d6:c5:e9:c4:e3:
9b:66:98:49:91:a7:4f:59:9d:99:28:d8:6b:f9:8c:
80:f5:e7:a1:a0:ac:43:2a:dd:66:03:6e:5d:a8:24:
7c:a0:50:38:64:65:4b:08:89:06:e9:d0:54:55:d5:
ca:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AB:62:CE:A6:51:E3:D6:53:63:54:A3:05:9C:C4:34:45:C8:F7:2B
X509v3 Authority Key Identifier:
keyid:A5:AB:79:85:7E:68:C0:20:5C:CE:2F:11:A5:38:7A:6A:FA:1F:88:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pat5hX5owCBczi8RpTh6avofiJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/NqtizqZR49ZTY1SjBZzENEXI9ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e2a55c-b5e6-499a-b729-1e58ac87924a/1/pat5hX5owCBczi8RpTh6avofiJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.140.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:f8:42:30:19:9a:66:a0:db:58:90:86:23:2f:6b:5c:0e:cd:
07:d3:d4:6a:8f:d1:96:98:c7:f4:b8:15:ac:0c:62:c0:5e:1c:
fb:c9:e2:11:6d:67:8a:5e:e9:ee:da:98:28:f0:f4:5a:79:c1:
a9:b3:c9:33:6e:47:a3:ad:05:ac:4f:0c:89:c2:f8:d2:e9:8d:
fc:73:0e:f9:d2:1b:d3:88:6f:44:54:f4:53:46:3c:b9:f1:15:
7b:69:89:f3:0f:e1:02:dc:86:7f:9a:57:c1:68:9d:03:1e:0f:
01:5f:9c:3d:64:52:29:5a:d3:ac:a8:ec:82:de:26:f6:dc:4d:
71:08:5b:77:4b:70:a2:a1:40:04:f4:59:44:22:5d:90:76:bc:
85:cc:82:cf:f0:ef:12:fe:e3:d8:56:21:31:8c:06:d7:f4:c3:
7d:c0:ab:6c:3e:f0:f8:31:9a:00:98:14:44:fd:98:bd:9c:5e:
8c:42:54:36:2e:08:5b:69:34:e2:52:07:0d:98:bb:c4:6e:ac:
02:1d:e3:5c:d5:b2:45:4c:41:6e:9e:67:cf:c4:e6:39:5e:ec:
7c:3c:5b:55:1a:b5:ee:c1:a3:00:5f:ac:e0:9a:37:2a:bc:00:
83:da:bf:e3:72:bd:b7:7b:53:b4:c6:df:6c:32:d9:02:fd:24:
a0:a8:0c:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHAywJBlcucMCUP2trDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YWI3OTg1N2U2OGMwMjA1Y2NlMmYxMWE1Mzg3YTZhZmEx
Zjg4OTUwHhcNMjMwMTAyMDMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFiNjJjZWE2NTFlM2Q2NTM2MzU0YTMwNTljYzQzNDQ1YzhmNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4us4EgU7TFKwfBDl/q9jMx8MOxV
Ua3ut7iZM2UgUTiJkpCm2qOf5YZp8fw66IgtaCagSpLYJANaVTJnL1HD8LtbUsAb
UZdf8jDtjhaCTSt8ms/2P6vX+xG7C5PyoZWlesqFASQEyRMZ9oBvxxdkIshVL+J/
Vr4Wr4falAJCEqT60M5qndei0rw2jSOhCdS+h0pOmNNpTAYGJsfEdUzxS+0u/97o
PCClGeM9XKDUaYWtM70iwEple3+aj6/k37h7ahMpFubZ+YmPo/Me1sXpxOObZphJ
kadPWZ2ZKNhr+YyA9eehoKxDKt1mA25dqCR8oFA4ZGVLCIkG6dBUVdXKeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDarYs6mUePWU2NUowWcxDRFyPcrMB8GA1UdIwQY
MBaAFKWreYV+aMAgXM4vEaU4emr6H4iVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGF0NWhYNW93Q0Jjemk4UnBUaDZhdm9maUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lMmE1NWMtYjVlNi00OTlhLWI3Mjkt
MWU1OGFjODc5MjRhLzEvTnF0aXpxWlI0OVpUWTFTakJaekVORVhJOXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lMmE1NWMtYjVlNi00OTlhLWI3MjktMWU1OGFjODc5MjRh
LzEvcGF0NWhYNW93Q0Jjemk4UnBUaDZhdm9maUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubOMMA0G
CSqGSIb3DQEBCwUAA4IBAQBr+EIwGZpmoNtYkIYjL2tcDs0H09Rqj9GWmMf0uBWs
DGLAXhz7yeIRbWeKXunu2pgo8PRaecGps8kzbkejrQWsTwyJwvjS6Y38cw750hvT
iG9EVPRTRjy58RV7aYnzD+EC3IZ/mlfBaJ0DHg8BX5w9ZFIpWtOsqOyC3ib23E1x
CFt3S3CioUAE9FlEIl2QdryFzILP8O8S/uPYViExjAbX9MN9wKtsPvD4MZoAmBRE
/Zi9nF6MQlQ2LghbaTTiUgcNmLvEbqwCHeNc1bJFTEFunmfPxOY5Xux8PFtVGrXu
waMAX6zgmjcqvACD2r/jcr23e1O0xt9sMtkC/SSgqAyM
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:28 2025 by rpki-client