Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/NMJUcaIevpo8fqBjHqGhb0A6tP8.roa
File: NMJUcaIevpo8fqBjHqGhb0A6tP8.roa (raw, json)
Hash identifier: NJwqOmkNb+c65fZ1B1MM2WJs1pLIpC42hTrh3nwdDSY=
Subject key identifier: 34:C2:54:71:A2:1E:BE:9A:3C:7E:A0:63:1E:A1:A1:6F:40:3A:B4:FF
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 0662FD98
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/NMJUcaIevpo8fqBjHqGhb0A6tP8.roa
Signing time: Sat 01 Jan 2022 07:00:11 +0000
ROA not before: Sat 01 Jan 2022 07:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208171
IP address blocks: 45.156.98.0/24 maxlen: 24
45.156.96.0/24 maxlen: 24
45.156.97.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/31 maxlen: 31
2a0f:1c84::/31 maxlen: 31
2a0f:1c82::/31 maxlen: 31
2a0f:1c86::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107150744 (0x662fd98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Jan 1 07:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34c25471a21ebe9a3c7ea0631ea1a16f403ab4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c4:1e:e8:b4:c0:91:26:93:d6:43:73:0e:20:
97:b0:33:f8:42:50:1e:eb:39:e6:d7:81:61:29:4f:
da:16:a5:18:16:1c:f9:71:d4:83:b1:d5:31:73:a7:
59:11:9d:67:df:31:02:c7:4f:d4:de:42:a6:34:7d:
71:6d:2c:f9:13:54:68:fa:fa:47:e6:7c:b6:3f:ac:
b4:e8:3c:3b:87:9d:16:be:4f:81:c4:0e:39:13:49:
3b:a7:c5:4c:9c:ca:bc:f6:30:51:bc:9d:52:18:82:
9b:be:e8:a6:1e:7c:9b:a7:7a:2b:80:cb:58:23:b3:
fd:c5:d9:cc:0f:1c:a8:0c:c5:15:fc:48:56:ba:ba:
06:93:20:57:bb:bd:d2:1f:61:91:8f:e0:c7:9b:59:
1c:13:80:f4:11:34:d7:60:2f:37:cb:52:2a:28:ea:
ee:94:55:a1:4c:ce:4c:54:ea:75:08:10:d2:c3:02:
1e:f8:31:ba:c7:98:81:fc:49:f7:de:02:41:9b:b1:
a2:fa:29:0f:ca:b4:b7:39:aa:84:00:c4:ff:47:a6:
84:e4:f9:78:e9:83:a9:6b:4f:f5:50:27:82:41:30:
94:f1:89:db:01:d2:f3:88:78:8f:9a:a1:4d:a4:22:
0d:8d:db:8b:d0:64:39:5f:57:58:33:62:d7:c5:be:
48:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C2:54:71:A2:1E:BE:9A:3C:7E:A0:63:1E:A1:A1:6F:40:3A:B4:FF
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/NMJUcaIevpo8fqBjHqGhb0A6tP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
df:69:29:9c:14:18:2c:5e:80:91:46:15:b4:fd:5b:14:eb:de:
9b:3f:ea:45:c0:b5:80:7e:9c:45:4e:da:58:4e:d7:a5:46:ef:
62:bd:d4:41:42:73:a6:b3:c6:50:15:ff:52:5c:31:ec:5d:30:
d6:ae:99:b7:8a:11:4e:ce:61:af:9c:a3:0b:86:a2:00:7d:4e:
12:e9:10:99:55:08:4e:b7:da:21:ed:fc:18:68:38:a8:8f:42:
36:3b:ae:e4:56:53:49:a3:0d:f4:62:cd:92:f4:51:a7:36:df:
1d:25:e8:a7:db:17:98:93:b8:d2:2a:5e:5e:29:60:4a:2c:12:
7a:dc:5c:00:b2:c3:58:be:e0:46:b7:df:e5:42:1c:a2:ec:09:
7e:dd:97:45:41:63:18:af:ee:a3:0d:0a:c4:51:f7:30:47:76:
5f:01:79:aa:6f:5c:23:55:94:b0:90:10:0b:7e:76:d3:9c:50:
20:f1:43:fe:32:b4:7a:fa:6c:cc:29:05:38:d4:c6:35:3d:ba:
d9:d6:74:44:cf:22:52:c0:6b:db:31:ab:00:16:11:2f:d9:27:
46:33:37:44:50:af:1b:02:aa:7e:44:b3:c8:31:00:62:f1:5b:
74:1d:62:c9:26:32:df:5f:4e:46:8c:ad:04:52:89:1f:d7:78:
3e:35:35:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBmL9mDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWEwZDk4MjUxMDNkOWRhNDc2MWVmYTkxYTYwZWEyY2E3NThkMDAzMB4XDTIyMDEw
MTA3MDAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRjMjU0NzFhMjFl
YmU5YTNjN2VhMDYzMWVhMWExNmY0MDNhYjRmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvEHui0wJEmk9ZDcw4gl7Az+EJQHus55teBYSlP2halGBYc
+XHUg7HVMXOnWRGdZ98xAsdP1N5CpjR9cW0s+RNUaPr6R+Z8tj+stOg8O4edFr5P
gcQOORNJO6fFTJzKvPYwUbydUhiCm77oph58m6d6K4DLWCOz/cXZzA8cqAzFFfxI
Vrq6BpMgV7u90h9hkY/gx5tZHBOA9BE012AvN8tSKijq7pRVoUzOTFTqdQgQ0sMC
HvgxuseYgfxJ994CQZuxovopD8q0tzmqhADE/0emhOT5eOmDqWtP9VAngkEwlPGJ
2wHS84h4j5qhTaQiDY3bi9BkOV9XWDNi18W+SJcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ0wlRxoh6+mjx+oGMeoaFvQDq0/zAfBgNVHSMEGDAWgBRRoNmCUQPZ2kdh
76kaYOosp1jQAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VhRFpnbEVEMmRwSFllLXBHbURxTEtkWTBBTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvYjRmNDliLTc1ZTUtNDg2NC05MDhlLTZhM2RmMDFhMzIzNi8x
L05NSlVjYUlldnBvOGZxQmpIcUdoYjBBNnRQOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
YjRmNDliLTc1ZTUtNDg2NC05MDhlLTZhM2RmMDFhMzIzNi8xL1VhRFpnbEVEMmRw
SFllLXBHbURxTEtkWTBBTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2cYDANBAIAAjAHAwUDKg8cgDAN
BgkqhkiG9w0BAQsFAAOCAQEA32kpnBQYLF6AkUYVtP1bFOvemz/qRcC1gH6cRU7a
WE7XpUbvYr3UQUJzprPGUBX/Ulwx7F0w1q6Zt4oRTs5hr5yjC4aiAH1OEukQmVUI
TrfaIe38GGg4qI9CNjuu5FZTSaMN9GLNkvRRpzbfHSXop9sXmJO40ipeXilgSiwS
etxcALLDWL7gRrff5UIcouwJft2XRUFjGK/uow0KxFH3MEd2XwF5qm9cI1WUsJAQ
C35205xQIPFD/jK0evpszCkFONTGNT262dZ0RM8iUsBr2zGrABYRL9knRjM3RFCv
GwKqfkSzyDEAYvFbdB1iySYy319ORoytBFKJH9d4PjU16g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:31 2024 by rpki-client on console-ams.rpki-client.org