Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/NafJyCQKQJH4hFL96FGPyV4wo3o.roa
File: NafJyCQKQJH4hFL96FGPyV4wo3o.roa (raw, json)
Hash identifier: a6C7ODowdSCt7cKvadePWC/Se3kLyhLef8GwDHwQbd0=
Subject key identifier: 35:A7:C9:C8:24:0A:40:91:F8:84:52:FD:E8:51:8F:C9:5E:30:A3:7A
Certificate issuer: /CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Certificate serial: 01869D387882E9071D3E5466366FFC036259
Authority key identifier: CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/NafJyCQKQJH4hFL96FGPyV4wo3o.roa
Signing time: Wed 01 Mar 2023 12:49:29 +0000
ROA not before: Wed 01 Mar 2023 12:49:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60051
IP address blocks: 185.71.205.0/24 maxlen: 24
185.71.206.0/24 maxlen: 24
185.71.204.0/24 maxlen: 24
185.71.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:38:78:82:e9:07:1d:3e:54:66:36:6f:fc:03:62:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc72e633df5635a9f98d2f68a6d2adcb44155cdc
Validity
Not Before: Mar 1 12:49:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35a7c9c8240a4091f88452fde8518fc95e30a37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:25:66:75:25:ba:7b:cd:ad:f0:70:37:10:6c:
9d:62:b4:93:e3:00:b7:9c:69:c7:0c:f3:9b:7a:17:
a2:40:60:3f:57:5c:7b:c8:43:40:a8:5b:85:55:da:
60:4b:82:99:7b:7b:4b:f2:81:73:82:31:4e:76:9a:
79:f8:de:bc:73:98:cf:9c:36:ba:0b:13:99:75:0f:
e9:50:f6:29:5e:1f:68:b6:05:87:2a:87:73:6c:e5:
b7:66:f7:70:fa:f2:5c:d1:30:fb:3f:8d:45:09:c7:
96:a7:c7:5e:e1:d0:00:83:c0:9b:e4:1d:c8:a6:44:
5c:1e:e5:cf:74:9a:a8:c9:49:cd:40:e6:2e:e3:d5:
61:35:d3:df:38:dd:d5:ea:c1:73:80:63:17:fa:b4:
19:0d:14:dc:63:45:d3:39:21:8a:32:99:c6:ff:c6:
cd:67:7b:56:2e:54:e8:e9:c3:9c:d1:0a:49:83:49:
fb:86:84:fc:62:2f:2a:b7:84:9a:c7:a8:4a:bf:b8:
95:ed:eb:51:64:e4:71:12:73:99:d2:78:df:5b:13:
29:e2:07:01:06:58:4b:68:79:8b:c0:b8:dd:1c:f1:
82:ea:7d:2c:69:6b:89:fd:e6:77:25:4e:9b:12:8b:
d9:87:c1:0a:d6:d1:8d:53:51:e5:3b:05:23:de:06:
d0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A7:C9:C8:24:0A:40:91:F8:84:52:FD:E8:51:8F:C9:5E:30:A3:7A
X509v3 Authority Key Identifier:
keyid:CC:72:E6:33:DF:56:35:A9:F9:8D:2F:68:A6:D2:AD:CB:44:15:5C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHLmM99WNan5jS9optKty0QVXNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/NafJyCQKQJH4hFL96FGPyV4wo3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/027036-82b3-4128-b954-d012ca9ec197/1/zHLmM99WNan5jS9optKty0QVXNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.204.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:a9:37:4e:30:e3:0a:00:5d:7e:32:0e:e3:fa:1d:da:bc:0c:
17:c2:ba:88:a6:6c:50:54:33:08:ba:1a:94:6b:ad:2a:be:51:
57:38:0a:86:2f:9f:d8:c2:0f:f6:fd:75:ac:63:26:a2:da:62:
46:02:ad:50:fa:54:99:f4:17:a5:1e:42:85:58:59:74:6f:6e:
ed:eb:fb:98:23:09:32:19:20:64:ab:1f:23:70:6b:a5:61:ab:
ef:f8:41:1a:3d:8f:be:e7:96:33:11:eb:00:07:51:32:61:1b:
06:8d:17:49:70:2e:88:ce:35:59:f8:82:06:87:d6:9b:78:ea:
60:52:e2:af:eb:7a:88:14:e8:ba:12:91:a0:2f:35:23:70:91:
a5:51:9b:bb:23:1d:4b:d4:b7:d1:c6:f8:4d:2f:eb:14:11:21:
a9:6e:33:44:95:56:22:c3:b4:b8:e9:cf:67:00:52:fe:20:d8:
50:13:8e:d3:9d:61:23:e0:a6:6f:83:81:92:0b:6e:bc:9f:a6:
e9:07:3a:88:0b:5c:7a:38:2b:73:6c:e1:50:47:e7:23:c3:02:
bd:6e:c0:37:9e:40:7d:e6:34:13:2c:86:33:01:3e:c2:ee:45:
90:ff:58:c3:46:95:2a:38:6f:80:a4:75:c7:b9:c1:8d:46:5f:
d7:12:e1:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYadOHiC6QcdPlRmNm/8A2JZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzJlNjMzZGY1NjM1YTlmOThkMmY2OGE2ZDJhZGNiNDQx
NTVjZGMwHhcNMjMwMzAxMTI0OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWE3YzljODI0MGE0MDkxZjg4NDUyZmRlODUxOGZjOTVlMzBhMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyVmdSW6e82t8HA3EGydYrST4wC3
nGnHDPObeheiQGA/V1x7yENAqFuFVdpgS4KZe3tL8oFzgjFOdpp5+N68c5jPnDa6
CxOZdQ/pUPYpXh9otgWHKodzbOW3Zvdw+vJc0TD7P41FCceWp8de4dAAg8Cb5B3I
pkRcHuXPdJqoyUnNQOYu49VhNdPfON3V6sFzgGMX+rQZDRTcY0XTOSGKMpnG/8bN
Z3tWLlTo6cOc0QpJg0n7hoT8Yi8qt4Sax6hKv7iV7etRZORxEnOZ0njfWxMp4gcB
BlhLaHmLwLjdHPGC6n0saWuJ/eZ3JU6bEovZh8EK1tGNU1HlOwUj3gbQtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWnycgkCkCR+IRS/ehRj8leMKN6MB8GA1UdIwQY
MBaAFMxy5jPfVjWp+Y0vaKbSrctEFVzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQt
ZDAxMmNhOWVjMTk3LzEvTmFmSnlDUUtRSkg0aEZMOTZGR1B5VjR3bzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wMjcwMzYtODJiMy00MTI4LWI5NTQtZDAxMmNhOWVjMTk3
LzEvekhMbU05OVdOYW41alM5b3B0S3R5MFFWWE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfMMA0G
CSqGSIb3DQEBCwUAA4IBAQDGqTdOMOMKAF1+Mg7j+h3avAwXwrqIpmxQVDMIuhqU
a60qvlFXOAqGL5/Ywg/2/XWsYyai2mJGAq1Q+lSZ9BelHkKFWFl0b27t6/uYIwky
GSBkqx8jcGulYavv+EEaPY++55YzEesAB1EyYRsGjRdJcC6IzjVZ+IIGh9abeOpg
UuKv63qIFOi6EpGgLzUjcJGlUZu7Ix1L1LfRxvhNL+sUESGpbjNElVYiw7S46c9n
AFL+INhQE47TnWEj4KZvg4GSC268n6bpBzqIC1x6OCtzbOFQR+cjwwK9bsA3nkB9
5jQTLIYzAT7C7kWQ/1jDRpUqOG+ApHXHucGNRl/XEuFw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:57 2025 by rpki-client