Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/NmN7KQVfVxsMfrX8YcdLPpRcQ0s.roa
File: NmN7KQVfVxsMfrX8YcdLPpRcQ0s.roa (raw, json)
Hash identifier: nOTp8Es4GtrQRequFrA15WyRC7RV3kbrPHvP8iiJdEk=
Subject key identifier: 36:63:7B:29:05:5F:57:1B:0C:7E:B5:FC:61:C7:4B:3E:94:5C:43:4B
Certificate issuer: /CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Certificate serial: 01856FCBB8F25545DD6495D97E5059F12D71
Authority key identifier: D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/NmN7KQVfVxsMfrX8YcdLPpRcQ0s.roa
Signing time: Mon 02 Jan 2023 00:05:00 +0000
ROA not before: Mon 02 Jan 2023 00:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201194
IP address blocks: 178.20.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b8:f2:55:45:dd:64:95:d9:7e:50:59:f1:2d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Validity
Not Before: Jan 2 00:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36637b29055f571b0c7eb5fc61c74b3e945c434b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:2b:64:2d:01:0a:0e:99:e3:ba:be:cc:b3:
e7:99:9b:3e:50:f4:d6:9c:f7:a6:f0:a4:69:92:cf:
6c:e6:7b:f0:af:f2:5c:3d:86:17:84:04:8b:00:61:
08:35:2b:8f:72:bf:d1:3b:2e:80:f2:ce:e6:30:a8:
ea:0d:9c:cf:41:be:1c:a4:24:87:9c:94:87:2f:49:
d4:58:cd:fc:06:1c:78:d3:30:99:a1:f6:fc:84:90:
a3:0e:80:6e:45:99:68:26:72:ac:4e:90:4c:15:c6:
60:11:d8:47:78:c6:31:27:37:64:ea:d0:04:95:5e:
89:5f:40:8e:a4:a5:bd:ae:20:98:bd:ba:f9:f4:5b:
17:1b:e4:2b:d0:59:1c:e4:4e:c2:7b:d2:f4:1f:3d:
77:ee:0e:24:f4:d2:8c:b5:d0:cb:a3:94:81:dd:fe:
83:4d:60:bb:21:b9:97:ea:31:4e:57:e7:83:0f:de:
c3:54:88:ac:14:77:4a:0d:cc:63:00:d6:54:8e:5e:
0a:87:7c:38:8a:34:5d:11:23:9e:e7:a5:3d:6f:c3:
ea:75:13:1b:80:45:b8:4c:e0:68:c2:fd:f3:01:91:
d3:eb:e3:c2:cb:bd:76:d5:25:77:1d:84:3c:bc:a9:
07:00:13:9b:40:ef:8c:72:fb:77:12:6e:d8:e5:5d:
a1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:63:7B:29:05:5F:57:1B:0C:7E:B5:FC:61:C7:4B:3E:94:5C:43:4B
X509v3 Authority Key Identifier:
keyid:D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/NmN7KQVfVxsMfrX8YcdLPpRcQ0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/2TpU8C9J9FrV1z5VUdCWGBvOP24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.208.0/24
Signature Algorithm: sha256WithRSAEncryption
11:2d:8f:f4:07:82:73:5b:ff:ca:c5:28:aa:1a:fe:7b:79:5c:
ff:b1:9e:d4:72:1b:ea:b9:9a:b5:d4:f3:9c:03:53:ea:c3:bb:
a7:89:50:e0:18:8b:c6:49:6f:33:ec:de:05:49:2d:79:c6:1f:
4e:8f:e7:cf:00:f7:57:64:1c:32:d9:43:42:c3:30:84:06:55:
88:b7:9c:ec:48:9b:0e:bc:2d:80:51:01:e3:b0:2d:ba:1e:65:
50:d7:fc:8d:da:31:43:c0:d2:0d:77:0b:41:71:84:69:fc:09:
56:08:e1:88:a6:b3:27:3f:07:ea:1a:cf:a4:3d:a7:c2:32:7c:
05:fd:97:b2:ae:1b:35:c9:ed:d7:54:1c:99:13:ca:7b:05:1b:
21:e3:1f:49:c5:09:84:38:66:c0:a5:dc:ba:b4:be:24:e5:20:
37:77:e7:0e:a3:24:0d:fe:ae:d4:c3:31:c9:39:a1:69:23:48:
2f:5d:a7:46:a9:77:37:19:db:72:dc:0a:0c:ae:12:70:dc:3c:
d0:cd:48:6a:6e:f1:d2:33:a7:db:a2:90:89:76:75:64:8c:5c:
dc:5a:89:79:e2:4e:9b:c4:07:aa:15:4d:97:62:db:7f:08:f6:
25:f3:77:31:1f:43:dd:be:03:a6:6b:1c:2b:33:66:6e:c7:7a:
17:75:fb:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7jyVUXdZJXZflBZ8S1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2E1NGYwMmY0OWY0NWFkNWQ3M2U1NTUxZDA5NjE4MWJj
ZTNmNmUwHhcNMjMwMTAyMDAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjYzN2IyOTA1NWY1NzFiMGM3ZWI1ZmM2MWM3NGIzZTk0NWM0MzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG0rZC0BCg6Z47q+zLPnmZs+UPTW
nPem8KRpks9s5nvwr/JcPYYXhASLAGEINSuPcr/ROy6A8s7mMKjqDZzPQb4cpCSH
nJSHL0nUWM38Bhx40zCZofb8hJCjDoBuRZloJnKsTpBMFcZgEdhHeMYxJzdk6tAE
lV6JX0COpKW9riCYvbr59FsXG+Qr0Fkc5E7Ce9L0Hz137g4k9NKMtdDLo5SB3f6D
TWC7IbmX6jFOV+eDD97DVIisFHdKDcxjANZUjl4Kh3w4ijRdESOe56U9b8PqdRMb
gEW4TOBowv3zAZHT6+PCy7121SV3HYQ8vKkHABObQO+Mcvt3Em7Y5V2hdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZjeykFX1cbDH61/GHHSz6UXENLMB8GA1UdIwQY
MBaAFNk6VPAvSfRa1dc+VVHQlhgbzj9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMt
MDVkNThmMGNiODhjLzEvTm1ON0tRVmZWeHNNZnJYOFljZExQcFJjUTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMtMDVkNThmMGNiODhj
LzEvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAshTQMA0G
CSqGSIb3DQEBCwUAA4IBAQARLY/0B4JzW//KxSiqGv57eVz/sZ7UchvquZq11POc
A1Pqw7uniVDgGIvGSW8z7N4FSS15xh9Oj+fPAPdXZBwy2UNCwzCEBlWIt5zsSJsO
vC2AUQHjsC26HmVQ1/yN2jFDwNINdwtBcYRp/AlWCOGIprMnPwfqGs+kPafCMnwF
/Zeyrhs1ye3XVByZE8p7BRsh4x9JxQmEOGbApdy6tL4k5SA3d+cOoyQN/q7UwzHJ
OaFpI0gvXadGqXc3Gdty3AoMrhJw3DzQzUhqbvHSM6fbopCJdnVkjFzcWol54k6b
xAeqFU2XYtt/CPYl83cxH0PdvgOmaxwrM2Zux3oXdfsa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:57 2025 by rpki-client