Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Njh3aofbUhK-2SWWs_i7B79Y3KM.roa
File: Njh3aofbUhK-2SWWs_i7B79Y3KM.roa (raw, json)
Hash identifier: owV8B3SQg4848hx6Netj9DI3OEZ9MXNMDfddOdmcb3Q=
Subject key identifier: 36:38:77:6A:87:DB:52:12:BE:D9:25:96:B3:F8:BB:07:BF:58:DC:A3
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 01876EF1F211C6AF451BC44037A832C7E8C2
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Njh3aofbUhK-2SWWs_i7B79Y3KM.roa
Signing time: Tue 11 Apr 2023 06:12:42 +0000
ROA not before: Tue 11 Apr 2023 06:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.156.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:f1:f2:11:c6:af:45:1b:c4:40:37:a8:32:c7:e8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Apr 11 06:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3638776a87db5212bed92596b3f8bb07bf58dca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:80:ea:48:5d:3a:b6:e4:78:34:84:39:34:f1:
1f:03:26:19:09:5b:fc:a7:af:58:96:25:b8:9a:43:
69:a4:5d:a7:50:42:e2:58:ab:e1:9f:07:7b:bb:49:
67:f1:37:a7:f2:b1:e1:2a:e5:14:00:a4:05:ae:d0:
9b:3f:e2:97:e6:68:4a:ee:6e:0b:4b:1a:46:f7:8d:
07:11:9c:8b:db:bb:40:c1:a6:fc:10:a2:a6:d4:32:
59:2f:b0:a6:8e:75:53:11:13:8e:40:a0:e5:c1:7a:
42:65:2a:8c:68:2e:38:a1:68:75:4a:f9:87:fe:e1:
64:4a:df:77:a4:e3:e0:35:1f:57:c6:f7:a9:46:99:
c4:3f:3b:24:64:b1:2f:83:c6:fc:be:8e:99:8a:40:
ef:f3:3a:ee:9e:84:b0:56:a3:7b:75:05:6e:99:80:
cc:bd:03:bb:5b:64:d0:c4:f5:5c:b6:e1:2c:29:54:
77:99:98:57:ae:05:28:c0:f0:44:83:1e:75:06:b4:
29:18:18:3d:0a:4d:74:92:fb:e3:c6:9c:b1:7e:a3:
27:a3:5e:e5:94:49:a1:d4:67:ad:c3:2e:49:91:d4:
76:b6:a4:3c:f1:83:a3:2f:c0:6f:2a:d5:7e:fa:bb:
7e:a4:fc:7c:c5:c6:b5:20:1c:19:f8:7a:9a:5a:ce:
f7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:38:77:6A:87:DB:52:12:BE:D9:25:96:B3:F8:BB:07:BF:58:DC:A3
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Njh3aofbUhK-2SWWs_i7B79Y3KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.145.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a1:20:0a:5f:02:a6:53:cb:de:76:cf:cd:71:3e:2a:bd:eb:
09:c6:07:99:c3:7d:f0:3f:6b:9c:26:48:c2:ee:a7:61:d4:46:
c1:de:b6:32:9c:f1:cf:b9:80:8e:3c:96:88:f8:44:5d:ba:14:
4c:72:45:58:16:ac:a5:81:55:89:fd:bb:2e:e5:fa:1f:42:39:
93:68:e3:77:76:ad:29:ea:70:d7:b8:57:51:b8:bc:10:36:f1:
3c:84:88:7c:75:54:80:94:e7:e6:72:e6:0d:76:fd:da:0f:a3:
29:fb:50:68:16:e6:f1:dd:b6:2a:74:1b:38:74:42:ce:27:85:
71:ed:d9:fb:d8:b2:17:a5:60:eb:9b:6d:67:85:e7:f5:5f:c5:
54:5e:fe:9e:ec:69:26:41:8e:76:7f:27:a3:79:ef:d4:3c:98:
03:e5:7e:53:4a:2c:6b:36:5e:75:de:65:24:4e:e8:19:e7:54:
e0:ea:cd:fd:7e:a5:50:2c:4d:cb:76:db:b3:35:4b:eb:76:10:
2a:c3:b8:29:71:22:67:da:c9:c0:97:01:08:53:64:9c:43:6a:
6c:98:eb:a6:e3:81:3d:04:e7:4c:bf:db:02:37:2d:4e:4b:96:
23:84:18:14:42:f8:79:19:f7:5d:69:cb:3e:5e:23:14:d3:3f:
b5:a1:1f:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdu8fIRxq9FG8RAN6gyx+jCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwNDExMDYxMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM4Nzc2YTg3ZGI1MjEyYmVkOTI1OTZiM2Y4YmIwN2JmNThkY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4DqSF06tuR4NIQ5NPEfAyYZCVv8
p69YliW4mkNppF2nUELiWKvhnwd7u0ln8Ten8rHhKuUUAKQFrtCbP+KX5mhK7m4L
SxpG940HEZyL27tAwab8EKKm1DJZL7CmjnVTEROOQKDlwXpCZSqMaC44oWh1SvmH
/uFkSt93pOPgNR9XxvepRpnEPzskZLEvg8b8vo6ZikDv8zrunoSwVqN7dQVumYDM
vQO7W2TQxPVctuEsKVR3mZhXrgUowPBEgx51BrQpGBg9Ck10kvvjxpyxfqMno17l
lEmh1Getwy5JkdR2tqQ88YOjL8BvKtV++rt+pPx8xca1IBwZ+HqaWs73CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDY4d2qH21ISvtkllrP4uwe/WNyjMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvTmpoM2FvZmJVaEstMlNXV3NfaTdCNzlZM0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyRMA0G
CSqGSIb3DQEBCwUAA4IBAQB1oSAKXwKmU8veds/NcT4qvesJxgeZw33wP2ucJkjC
7qdh1EbB3rYynPHPuYCOPJaI+ERduhRMckVYFqylgVWJ/bsu5fofQjmTaON3dq0p
6nDXuFdRuLwQNvE8hIh8dVSAlOfmcuYNdv3aD6Mp+1BoFubx3bYqdBs4dELOJ4Vx
7dn72LIXpWDrm21nhef1X8VUXv6e7GkmQY52fyejee/UPJgD5X5TSixrNl513mUk
TugZ51Tg6s39fqVQLE3LdtuzNUvrdhAqw7gpcSJn2snAlwEIU2ScQ2psmOum44E9
BOdMv9sCNy1OS5YjhBgUQvh5Gfddacs+XiMU0z+1oR+Y
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:07 2025 by rpki-client