Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/NkBxILXTRcBmhI_sLEH6lyou6HA.roa
File: NkBxILXTRcBmhI_sLEH6lyou6HA.roa (raw, json)
Hash identifier: SEZKDwMJckTdOYoxcj9X6sdvZFeKFa2H7yCdl3EhN5E=
Subject key identifier: 36:40:71:20:B5:D3:45:C0:66:84:8F:EC:2C:41:FA:97:2A:2E:E8:70
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 36B5165A
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/NkBxILXTRcBmhI_sLEH6lyou6HA.roa
Signing time: Mon 23 May 2022 07:55:29 +0000
ROA not before: Mon 23 May 2022 07:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202676
IP address blocks: 82.159.143.0/24 maxlen: 24
82.159.163.0/24 maxlen: 24
5.40.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917837402 (0x36b5165a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: May 23 07:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36407120b5d345c066848fec2c41fa972a2ee870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:d6:6f:d6:dc:2d:a1:91:85:2b:2b:d3:e2:
62:d5:04:6e:aa:03:21:ae:4b:00:76:1c:8a:4e:2b:
20:17:8b:39:8d:55:ba:f3:d8:af:55:90:75:08:42:
3f:24:93:fd:af:ac:f0:6e:5b:28:79:48:16:42:ff:
87:23:5a:a6:da:45:1c:b5:12:ff:5d:3d:4d:2f:41:
a1:8f:35:4e:23:65:24:31:57:c6:12:55:c7:3e:a8:
d8:6e:fc:2f:da:17:50:29:db:12:dd:31:94:61:af:
f8:d8:4e:2b:04:fe:37:db:38:78:35:f7:f7:eb:45:
ad:26:53:90:57:ec:6b:df:bc:65:be:3f:8a:62:49:
7f:68:83:14:a4:12:5e:47:24:95:4c:db:34:5d:ac:
6c:71:24:8c:32:0b:6a:fd:c5:02:20:03:f0:11:e7:
cc:4f:7a:57:42:06:96:ae:f0:22:43:67:25:e1:03:
cf:16:95:9b:fb:2c:9c:67:d8:40:b3:81:11:da:e0:
92:b1:56:a2:1d:93:be:be:de:c9:07:36:3b:be:3e:
fb:f7:61:71:3e:f1:a1:ce:b8:e9:76:b5:05:dc:42:
b2:fd:ed:3e:99:13:0a:b3:d6:5b:b6:2f:1e:ef:cf:
fd:e9:30:8b:0f:70:0a:f8:74:48:42:27:51:79:1e:
ed:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:40:71:20:B5:D3:45:C0:66:84:8F:EC:2C:41:FA:97:2A:2E:E8:70
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/NkBxILXTRcBmhI_sLEH6lyou6HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.150.0/24
82.159.143.0/24
82.159.163.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ae:eb:d6:4f:d4:cc:56:be:df:ce:3a:f9:51:b4:7e:55:2b:
50:29:9e:c5:2d:56:38:73:d6:70:21:48:c2:e8:93:42:ac:74:
33:9e:57:95:5d:aa:a2:3b:18:f1:c9:f5:fb:38:79:b9:6a:66:
19:28:c9:d7:3d:6e:fb:75:77:ca:e6:d0:a9:bc:b2:08:b5:8b:
d7:cd:80:87:c7:94:05:c8:40:ba:70:ca:c8:a3:e4:f5:f2:ac:
09:5a:56:ba:75:51:cb:4b:04:a4:b0:be:52:72:3f:27:3c:71:
42:48:4b:5f:d6:c0:0d:68:61:e5:1f:9f:9a:37:a9:7e:6d:15:
dc:e8:8c:bb:f7:87:d7:df:4c:54:94:8f:0f:4c:fd:60:b3:b1:
0c:66:d8:3a:65:82:9f:9a:ec:59:18:c4:15:de:f0:8b:fd:0e:
10:71:90:cc:c6:01:0d:42:6d:b4:f3:db:e1:41:f1:fa:c0:42:
fc:e9:cf:82:c3:02:e3:8b:2e:2e:e8:8a:3e:99:ae:d3:83:f1:
77:08:4b:9e:3f:ba:4a:74:8a:34:67:7b:6b:46:54:3b:a4:1d:
70:54:21:b3:be:86:cd:3c:ef:25:0e:e1:3e:76:ed:6e:3c:ac:
ca:44:ef:3e:b0:d1:fc:63:2e:ef:18:89:10:c0:a1:df:31:e2:
2d:8f:15:42
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENrUWWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDUy
MzA3NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzY0MDcxMjBiNWQz
NDVjMDY2ODQ4ZmVjMmM0MWZhOTcyYTJlZTg3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+x1m/W3C2hkYUrK9PiYtUEbqoDIa5LAHYcik4rIBeLOY1V
uvPYr1WQdQhCPyST/a+s8G5bKHlIFkL/hyNaptpFHLUS/109TS9BoY81TiNlJDFX
xhJVxz6o2G78L9oXUCnbEt0xlGGv+NhOKwT+N9s4eDX39+tFrSZTkFfsa9+8Zb4/
imJJf2iDFKQSXkcklUzbNF2sbHEkjDILav3FAiAD8BHnzE96V0IGlq7wIkNnJeED
zxaVm/ssnGfYQLOBEdrgkrFWoh2Tvr7eyQc2O74++/dhcT7xoc646Xa1BdxCsv3t
PpkTCrPWW7YvHu/P/ekwiw9wCvh0SEInUXke7ZcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ2QHEgtdNFwGaEj+wsQfqXKi7ocDAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L05rQnhJTFhUUmNCbWhJX3NMRUg2bHlvdTZIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAUolgMEAFKfjwMEAFKfozANBgkq
hkiG9w0BAQsFAAOCAQEAM67r1k/UzFa+3846+VG0flUrUCmexS1WOHPWcCFIwuiT
Qqx0M55XlV2qojsY8cn1+zh5uWpmGSjJ1z1u+3V3yubQqbyyCLWL182Ah8eUBchA
unDKyKPk9fKsCVpWunVRy0sEpLC+UnI/JzxxQkhLX9bADWhh5R+fmjepfm0V3OiM
u/eH199MVJSPD0z9YLOxDGbYOmWCn5rsWRjEFd7wi/0OEHGQzMYBDUJttPPb4UHx
+sBC/OnPgsMC44suLuiKPpmu04PxdwhLnj+6SnSKNGd7a0ZUO6QdcFQhs76GzTzv
JQ7hPnbtbjysykTvPrDR/GMu7xiJEMCh3zHiLY8VQg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:32 2025 by rpki-client