Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/nnw4eHBJiegnhVYw39sAux5MlR4.roa
File: nnw4eHBJiegnhVYw39sAux5MlR4.roa (raw, json)
Hash identifier: gEtYqbYMVVZU2OAueH4zuA6P8MTMQdxkpqhsd3ln9fo=
Subject key identifier: 9E:7C:38:78:70:49:89:E8:27:85:56:30:DF:DB:00:BB:1E:4C:95:1E
Certificate issuer: /CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Certificate serial: 018617D04427B7A36191D36D66795A67CAD3
Authority key identifier: B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/nnw4eHBJiegnhVYw39sAux5MlR4.roa
Signing time: Fri 03 Feb 2023 15:06:10 +0000
ROA not before: Fri 03 Feb 2023 15:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31180
IP address blocks: 217.144.112.0/24 maxlen: 24
217.144.113.0/24 maxlen: 24
217.144.118.0/24 maxlen: 24
217.144.116.0/24 maxlen: 24
217.144.117.0/24 maxlen: 24
217.144.114.0/24 maxlen: 24
217.144.115.0/24 maxlen: 24
217.144.119.0/24 maxlen: 24
217.144.120.0/24 maxlen: 24
217.144.125.0/24 maxlen: 24
217.144.123.0/24 maxlen: 24
217.144.124.0/24 maxlen: 24
217.144.121.0/24 maxlen: 24
217.144.122.0/24 maxlen: 24
217.144.126.0/24 maxlen: 24
217.144.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:d0:44:27:b7:a3:61:91:d3:6d:66:79:5a:67:ca:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d2e681ff23dddf3d517858e1c64a1dad298729
Validity
Not Before: Feb 3 15:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e7c3878704989e827855630dfdb00bb1e4c951e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d3:33:c5:a9:7e:c0:f2:54:df:36:ee:c6:78:
e8:12:90:00:a4:2b:40:c1:0d:94:3d:11:a7:43:a7:
73:0d:bd:92:45:e0:63:cb:09:f5:9a:08:1f:d2:90:
ec:10:38:fb:d0:ed:20:2e:bd:23:26:6e:9e:7d:d6:
dd:83:16:51:de:ce:66:d9:89:ae:81:df:a5:3c:31:
f4:57:78:cc:1c:2c:f0:f1:39:ca:16:df:d3:82:51:
e3:17:4d:c2:2e:a7:cb:44:3f:d7:ef:b9:21:15:4e:
7e:71:e7:e5:f7:f1:95:3f:56:d7:51:9b:d0:e7:3f:
a9:f0:e5:b0:9d:f1:71:b5:02:97:4b:2f:51:99:d3:
e8:3b:8e:db:91:17:7b:77:7b:af:04:ee:bd:98:17:
30:1a:32:80:9b:0c:2b:0c:79:36:88:1a:4e:34:2b:
d3:b8:fa:b0:3b:58:92:bf:45:63:c7:16:9a:1f:a7:
bc:66:f4:54:c3:a7:c1:b8:bb:c4:80:a3:f1:43:e0:
f2:cb:d3:95:d8:a2:c8:20:d5:8e:e8:d4:54:a8:e7:
2d:bb:6f:e9:3f:c3:ec:04:2a:b4:e1:fe:91:bf:ac:
85:91:3a:78:ad:0b:27:fc:1f:48:43:30:6b:33:f2:
cf:9a:6f:94:27:25:f4:e9:e4:e9:43:2b:1c:df:28:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:7C:38:78:70:49:89:E8:27:85:56:30:DF:DB:00:BB:1E:4C:95:1E
X509v3 Authority Key Identifier:
keyid:B1:D2:E6:81:FF:23:DD:DF:3D:51:78:58:E1:C6:4A:1D:AD:29:87:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdLmgf8j3d89UXhY4cZKHa0phyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/nnw4eHBJiegnhVYw39sAux5MlR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/d568ed-1780-4d60-a6f7-5a8360dea3a3/1/sdLmgf8j3d89UXhY4cZKHa0phyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.112.0/20
Signature Algorithm: sha256WithRSAEncryption
36:3d:eb:25:19:d6:87:5d:72:4d:93:14:26:40:d7:59:2a:29:
4d:e1:48:5b:5d:28:8f:59:b2:d7:97:38:67:90:ed:6e:59:c7:
16:8e:a6:d0:47:e8:a9:71:23:97:40:71:b9:6f:56:3a:0a:51:
11:a9:5b:36:49:24:aa:d7:88:d2:b7:d9:fc:3f:fe:c2:61:96:
27:33:3d:58:4b:61:b5:d1:65:86:ac:e9:52:de:6d:f2:f9:66:
2a:16:2d:7f:ab:ec:57:8a:62:93:04:e8:6b:ec:69:f6:a8:06:
95:1f:dd:00:3f:75:b0:2b:27:60:78:69:9f:1e:b7:74:9f:93:
82:dd:05:71:c3:49:e5:1d:3a:cc:0c:fc:08:51:33:56:af:80:
04:81:8c:85:25:0e:c4:b8:81:0f:5c:56:1a:ec:6a:0e:65:fe:
b4:3b:14:6e:f4:d1:01:8a:b6:58:88:6a:a0:4a:bf:45:3e:52:
fc:a1:c3:ed:8f:54:17:4c:08:54:f8:f9:02:9d:32:17:c5:57:
4e:e2:5e:df:f7:ce:48:2c:fb:2f:33:72:bb:95:2c:ec:74:4d:
5e:21:71:9c:8e:b9:9f:22:82:d6:af:84:ef:7a:34:43:6d:a9:
16:fd:2c:12:2b:48:c0:3f:e2:14:de:57:e7:56:7e:7a:e1:4a:
07:0d:13:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYX0EQnt6NhkdNtZnlaZ8rTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDJlNjgxZmYyM2RkZGYzZDUxNzg1OGUxYzY0YTFkYWQy
OTg3MjkwHhcNMjMwMjAzMTUwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTdjMzg3ODcwNDk4OWU4Mjc4NTU2MzBkZmRiMDBiYjFlNGM5NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktMzxal+wPJU3zbuxnjoEpAApCtA
wQ2UPRGnQ6dzDb2SReBjywn1mggf0pDsEDj70O0gLr0jJm6efdbdgxZR3s5m2Ymu
gd+lPDH0V3jMHCzw8TnKFt/TglHjF03CLqfLRD/X77khFU5+cefl9/GVP1bXUZvQ
5z+p8OWwnfFxtQKXSy9RmdPoO47bkRd7d3uvBO69mBcwGjKAmwwrDHk2iBpONCvT
uPqwO1iSv0VjxxaaH6e8ZvRUw6fBuLvEgKPxQ+Dyy9OV2KLIINWO6NRUqOctu2/p
P8PsBCq04f6Rv6yFkTp4rQsn/B9IQzBrM/LPmm+UJyX06eTpQysc3yjJhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ58OHhwSYnoJ4VWMN/bALseTJUeMB8GA1UdIwQY
MBaAFLHS5oH/I93fPVF4WOHGSh2tKYcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2Zjct
NWE4MzYwZGVhM2EzLzEvbm53NGVIQkppZWduaFZZdzM5c0F1eDVNbFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9kNTY4ZWQtMTc4MC00ZDYwLWE2ZjctNWE4MzYwZGVhM2Ez
LzEvc2RMbWdmOGozZDg5VVhoWTRjWktIYTBwaHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZBwMA0G
CSqGSIb3DQEBCwUAA4IBAQA2PeslGdaHXXJNkxQmQNdZKilN4UhbXSiPWbLXlzhn
kO1uWccWjqbQR+ipcSOXQHG5b1Y6ClERqVs2SSSq14jSt9n8P/7CYZYnMz1YS2G1
0WWGrOlS3m3y+WYqFi1/q+xXimKTBOhr7Gn2qAaVH90AP3WwKydgeGmfHrd0n5OC
3QVxw0nlHTrMDPwIUTNWr4AEgYyFJQ7EuIEPXFYa7GoOZf60OxRu9NEBirZYiGqg
Sr9FPlL8ocPtj1QXTAhU+PkCnTIXxVdO4l7f985ILPsvM3K7lSzsdE1eIXGcjrmf
IoLWr4TvejRDbakW/SwSK0jAP+IU3lfnVn564UoHDRN7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:59 2025 by rpki-client