Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NyLquCk53hK8mVURGlDhBRWIF00.roa
File: NyLquCk53hK8mVURGlDhBRWIF00.roa (raw, json)
Hash identifier: jro3kFXYSbKlxKTCqArupzzJwQa7AIK+YV7utM/0QyU=
Subject key identifier: 37:22:EA:B8:29:39:DE:12:BC:99:55:11:1A:50:E1:05:15:88:17:4D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184AD6B7168C79A27ACA12D0DFDA2555E5D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NyLquCk53hK8mVURGlDhBRWIF00.roa
Signing time: Fri 25 Nov 2022 06:13:30 +0000
ROA not before: Fri 25 Nov 2022 06:13:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57428
IP address blocks: 164.215.101.0/24 maxlen: 24
109.205.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:6b:71:68:c7:9a:27:ac:a1:2d:0d:fd:a2:55:5e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 25 06:13:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3722eab82939de12bc9955111a50e1051588174d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4e:66:6a:8e:e5:ea:0c:9b:3b:6e:c3:8d:30:
52:fa:b1:1d:e3:c1:08:b1:e6:20:26:d7:89:73:d2:
52:12:7e:18:68:83:b9:69:64:4d:f3:4d:a2:ad:3f:
33:2f:2b:ac:36:91:11:b9:a1:b6:2c:9e:60:53:f9:
26:59:46:58:dd:22:d1:14:73:9c:08:cd:7e:26:45:
53:c9:91:28:2a:e6:4e:c9:d1:e7:65:3d:a0:f4:4a:
96:75:92:ca:ad:db:ae:e7:22:7e:5d:d8:78:79:6e:
2a:67:57:3d:31:35:bb:bc:ab:28:2e:06:28:ca:ee:
99:17:b8:f6:a5:74:91:e6:8f:a4:2e:27:20:46:d0:
35:19:93:f0:97:39:3f:a2:b3:25:e4:61:1b:f7:b9:
11:b1:bf:8e:c4:de:d0:cd:7f:24:17:b9:62:bf:4d:
df:2f:6b:bb:1e:3c:2a:06:e7:70:5e:f3:5e:73:68:
b8:7a:e8:cd:df:b5:09:eb:26:ea:58:6d:80:0a:db:
fd:b2:4d:1a:53:8e:ec:83:cb:a7:c6:dc:da:39:3a:
9b:a6:d7:2e:13:d4:64:94:f6:10:0d:fa:d2:87:56:
2f:d8:a3:d6:2b:67:51:7c:57:d9:7a:c0:fd:36:f3:
89:f0:c9:fa:07:a4:17:29:f3:4f:ec:d0:91:bc:e7:
8a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:22:EA:B8:29:39:DE:12:BC:99:55:11:1A:50:E1:05:15:88:17:4D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/NyLquCk53hK8mVURGlDhBRWIF00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.215.0/24
164.215.101.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:03:cd:ae:b0:59:a3:1a:28:00:79:87:6a:3c:b1:02:6e:d8:
e2:4e:45:88:c7:06:12:27:00:e3:ba:42:a6:3e:ee:c8:ad:5d:
72:95:ec:c6:3e:aa:3c:34:d8:91:da:3b:6b:68:d4:32:25:cc:
a4:b6:f0:ac:ba:3a:b1:bd:b2:09:a7:9b:64:38:df:b2:f3:fc:
fe:06:0a:02:9f:e9:49:db:93:95:e2:d0:6e:5f:41:d8:06:a1:
0e:40:cd:53:7e:67:06:c1:34:ab:1f:1b:61:cb:54:9a:23:86:
55:76:be:ab:55:f5:3b:95:94:a9:b1:80:9c:52:08:80:6f:1a:
cc:f9:90:35:3c:4a:b2:3e:58:bc:44:f9:b9:e0:a4:d1:c4:41:
8e:5e:e3:63:f9:32:b1:1d:06:d0:4b:3c:78:b7:26:e6:78:90:
9e:bc:cf:24:71:13:77:e4:3f:27:e2:93:85:69:23:95:40:34:
5d:70:97:97:d1:18:8d:9a:c5:a5:18:ae:d7:81:5b:a1:9c:1d:
0b:f0:fd:84:80:ac:8d:03:47:bd:29:43:6f:a7:68:c8:77:ee:
ba:b2:8c:5f:39:2c:e5:8f:52:58:ff:58:79:26:6a:c2:1b:1b:
17:bd:19:24:91:b3:6d:e5:e3:31:2c:94:1a:fc:f4:58:30:fe:
cb:e1:1b:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSta3Fox5onrKEtDf2iVV5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTI1MDYxMzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIyZWFiODI5MzlkZTEyYmM5OTU1MTExYTUwZTEwNTE1ODgxNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj05mao7l6gybO27DjTBS+rEd48EI
seYgJteJc9JSEn4YaIO5aWRN802irT8zLyusNpERuaG2LJ5gU/kmWUZY3SLRFHOc
CM1+JkVTyZEoKuZOydHnZT2g9EqWdZLKrduu5yJ+Xdh4eW4qZ1c9MTW7vKsoLgYo
yu6ZF7j2pXSR5o+kLicgRtA1GZPwlzk/orMl5GEb97kRsb+OxN7QzX8kF7liv03f
L2u7HjwqBudwXvNec2i4eujN37UJ6ybqWG2ACtv9sk0aU47sg8unxtzaOTqbptcu
E9RklPYQDfrSh1Yv2KPWK2dRfFfZesD9NvOJ8Mn6B6QXKfNP7NCRvOeKMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDci6rgpOd4SvJlVERpQ4QUViBdNMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTnlMcXVDazUzaEs4bVZVUkdsRGhCUldJRjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbc3XAwQA
pNdlMA0GCSqGSIb3DQEBCwUAA4IBAQCKA82usFmjGigAeYdqPLECbtjiTkWIxwYS
JwDjukKmPu7IrV1ylezGPqo8NNiR2jtraNQyJcyktvCsujqxvbIJp5tkON+y8/z+
BgoCn+lJ25OV4tBuX0HYBqEOQM1TfmcGwTSrHxthy1SaI4ZVdr6rVfU7lZSpsYCc
UgiAbxrM+ZA1PEqyPli8RPm54KTRxEGOXuNj+TKxHQbQSzx4tybmeJCevM8kcRN3
5D8n4pOFaSOVQDRdcJeX0RiNmsWlGK7XgVuhnB0L8P2EgKyNA0e9KUNvp2jId+66
soxfOSzlj1JY/1h5JmrCGxsXvRkkkbNt5eMxLJQa/PRYMP7L4Rvk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:01 2025 by rpki-client