Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NVG1_YMb0lbYpf4VFbWBf7L6s54.roa
File: NVG1_YMb0lbYpf4VFbWBf7L6s54.roa (raw, json)
Hash identifier: U2zJgvJE948hCrG5J49MFA/UMjdfT2SawNzQSY082d8=
Subject key identifier: 35:51:B5:FD:83:1B:D2:56:D8:A5:FE:15:15:B5:81:7F:B2:FA:B3:9E
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0A05AA2D
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NVG1_YMb0lbYpf4VFbWBf7L6s54.roa
Signing time: Mon 06 Jun 2022 13:46:20 +0000
ROA not before: Mon 06 Jun 2022 13:46:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48024
IP address blocks: 46.232.56.0/21 maxlen: 24
46.3.96.0/20 maxlen: 24
46.3.0.0/22 maxlen: 24
46.232.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168143405 (0xa05aa2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 6 13:46:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3551b5fd831bd256d8a5fe1515b5817fb2fab39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:fd:10:3b:85:61:0a:e5:1a:7b:b4:07:9f:
57:6a:85:18:2c:7c:a7:e5:4c:13:fc:63:39:9f:a6:
23:c7:2d:f6:d4:ba:8d:52:fe:90:30:38:e2:86:1f:
a1:1b:5e:c6:37:af:fa:51:82:c8:47:e5:79:45:ed:
29:9d:8a:99:8b:75:59:98:e8:ac:21:e5:df:a9:16:
2a:51:96:e5:a4:7a:0b:83:76:4b:38:ea:e3:1a:e5:
be:53:41:ac:43:98:9f:e4:f0:f9:f3:f9:5a:c1:de:
dd:31:5d:83:86:29:4d:14:0c:5f:04:5d:4a:07:9c:
a6:97:93:90:a1:3e:c7:6b:e8:8c:75:d0:e3:d4:50:
c7:cb:1b:b8:ec:54:30:b6:8d:c7:b8:cc:75:6b:ee:
51:2c:df:af:2a:59:63:3d:7f:fe:52:06:4a:03:4a:
ee:ac:0d:c1:71:a0:33:97:d8:29:bc:ad:1a:dd:ac:
e1:60:33:7d:20:0b:33:82:d4:06:f1:fe:50:d6:bb:
2c:19:c1:94:50:aa:63:3d:0f:4d:f4:77:00:60:87:
48:8d:e1:18:c8:7c:f6:df:a7:35:dc:94:7f:90:7c:
10:0d:8f:cc:84:1d:2a:c9:d5:7a:74:13:56:57:8f:
9c:c8:bc:e1:48:f7:9c:84:92:60:0a:bc:2a:46:c9:
ba:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:51:B5:FD:83:1B:D2:56:D8:A5:FE:15:15:B5:81:7F:B2:FA:B3:9E
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NVG1_YMb0lbYpf4VFbWBf7L6s54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.0.0/22
46.3.96.0/20
46.232.48.0/20
Signature Algorithm: sha256WithRSAEncryption
81:3c:b5:60:6e:32:c4:85:9c:9a:a5:1d:fc:a5:65:10:4b:a5:
55:6f:97:29:b0:5a:d0:5b:72:87:0c:25:a3:3a:6a:8d:4e:2f:
28:64:b7:58:39:e1:5d:27:5c:a5:fa:f5:09:f8:39:a8:59:a1:
f8:01:6d:9c:fb:d5:ca:bc:bf:5d:77:91:c5:9c:bf:63:60:83:
33:0b:42:6e:6c:ca:bf:5f:67:04:1f:64:be:b8:99:9b:ab:5f:
82:b4:6d:45:30:44:44:56:75:50:26:7c:a2:c1:4a:aa:1c:0f:
73:25:ce:d4:8f:89:12:88:fa:3e:28:14:eb:08:37:37:4e:16:
1f:bc:8e:e2:48:a5:49:cf:4b:95:c1:82:5c:d9:e6:7f:18:e9:
6c:78:1a:79:23:02:b4:49:91:1c:42:3f:b6:38:0c:0e:68:a1:
21:59:7c:f1:50:84:dc:68:eb:93:bd:05:e9:1e:8f:b7:56:29:
71:b6:5c:7c:7a:69:21:67:b0:5a:b1:56:af:c1:44:e0:c3:90:
ff:70:ac:1b:49:f0:da:26:e4:cb:9a:c7:eb:94:63:52:40:1d:
75:c9:da:43:54:c7:45:19:41:fc:0e:d4:46:0e:d4:59:c5:f5:
43:e5:22:ab:2b:d3:6b:4a:82:28:89:51:52:f0:47:55:80:28:
83:34:5c:0f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECgWqLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTg4ZjE5N2Y5N2U4OTAwNzU1NTQ0ZTgxMGNkZGVmOWQ5MGZiYzQxMB4XDTIyMDYw
NjEzNDYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzU1MWI1ZmQ4MzFi
ZDI1NmQ4YTVmZTE1MTViNTgxN2ZiMmZhYjM5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvg/RA7hWEK5Rp7tAefV2qFGCx8p+VME/xjOZ+mI8ct9tS6
jVL+kDA44oYfoRtexjev+lGCyEfleUXtKZ2KmYt1WZjorCHl36kWKlGW5aR6C4N2
Szjq4xrlvlNBrEOYn+Tw+fP5WsHe3TFdg4YpTRQMXwRdSgecppeTkKE+x2vojHXQ
49RQx8sbuOxUMLaNx7jMdWvuUSzfrypZYz1//lIGSgNK7qwNwXGgM5fYKbytGt2s
4WAzfSALM4LUBvH+UNa7LBnBlFCqYz0PTfR3AGCHSI3hGMh89t+nNdyUf5B8EA2P
zIQdKsnVenQTVlePnMi84Uj3nISSYAq8KkbJulkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ1UbX9gxvSVtil/hUVtYF/svqznjAfBgNVHSMEGDAWgBRViPGX+X6JAHVV
ROgQzd752Q+8QTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8x
L05WRzFfWU1iMGxiWXBmNFZGYldCZjdMNnM1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
NjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEwZi8xL1ZZanhsX2wtaVFC
MVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi4DAAMEBC4DYAMEBC7oMDANBgkq
hkiG9w0BAQsFAAOCAQEAgTy1YG4yxIWcmqUd/KVlEEulVW+XKbBa0Ftyhwwlozpq
jU4vKGS3WDnhXSdcpfr1Cfg5qFmh+AFtnPvVyry/XXeRxZy/Y2CDMwtCbmzKv19n
BB9kvriZm6tfgrRtRTBERFZ1UCZ8osFKqhwPcyXO1I+JEoj6PigU6wg3N04WH7yO
4kilSc9LlcGCXNnmfxjpbHgaeSMCtEmRHEI/tjgMDmihIVl88VCE3Gjrk70F6R6P
t1YpcbZcfHppIWewWrFWr8FE4MOQ/3CsG0nw2ibky5rH65RjUkAddcnaQ1THRRlB
/A7URg7UWcX1Q+UiqyvTa0qCKIlRUvBHVYAogzRcDw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:07 2025 by rpki-client