Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/naMQ7a3JhstXQY5Lf-7TU2g3-yE.roa
File: naMQ7a3JhstXQY5Lf-7TU2g3-yE.roa (raw, json)
Hash identifier: pkI9PLIEecHfLJfWVtaab5UPwRzPP6FFu3NEmGBV4eY=
Subject key identifier: 9D:A3:10:ED:AD:C9:86:CB:57:41:8E:4B:7F:EE:D3:53:68:37:FB:21
Certificate issuer: /CN=8af7847737e74942b2be74b93fd02d900d309b20
Certificate serial: 01857030547D1109B213A3F39C4935BB8EBC
Authority key identifier: 8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/naMQ7a3JhstXQY5Lf-7TU2g3-yE.roa
Signing time: Mon 02 Jan 2023 01:54:53 +0000
ROA not before: Mon 02 Jan 2023 01:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 139.17.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:54:7d:11:09:b2:13:a3:f3:9c:49:35:bb:8e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7847737e74942b2be74b93fd02d900d309b20
Validity
Not Before: Jan 2 01:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9da310edadc986cb57418e4b7feed3536837fb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:22:f9:34:02:fc:ca:51:cd:6c:37:a8:6b:9d:
81:d6:16:57:43:80:0f:7e:4e:26:c8:8b:7d:d1:c3:
e7:25:da:5a:19:44:b6:6d:53:89:de:9f:11:8c:4c:
c8:23:ee:93:15:51:ed:b6:11:d1:f9:3b:07:77:fb:
c6:c4:d7:0f:91:60:f8:d4:db:36:84:11:d0:72:18:
c4:3c:de:81:f9:5f:09:86:37:14:11:22:04:a9:81:
3c:7a:3e:64:64:6f:59:82:9f:bf:95:5e:76:98:50:
e5:89:19:54:3c:64:63:1e:b9:9a:2d:22:11:26:2c:
40:a9:dc:96:bf:5d:7b:c6:24:a1:4d:36:4e:05:fc:
64:13:31:95:88:38:b3:64:95:1d:c6:06:8a:32:2d:
f5:76:e8:74:76:5e:73:52:33:d8:c8:92:ee:ab:57:
30:96:61:9e:4f:b0:01:c8:42:da:fd:64:fe:b2:50:
9d:fd:7e:6b:42:95:af:be:c1:cc:ce:6f:b9:a3:bd:
e1:71:50:32:0f:6b:1c:a9:e3:a3:9d:e0:25:dc:68:
6e:a8:64:3c:5e:59:5e:2b:69:0c:64:84:65:dd:91:
f9:c2:77:7c:57:a8:0d:3e:f8:89:6a:40:35:6c:65:
5b:a1:9d:1b:63:80:78:37:a9:e8:e0:28:6c:8c:f6:
49:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A3:10:ED:AD:C9:86:CB:57:41:8E:4B:7F:EE:D3:53:68:37:FB:21
X509v3 Authority Key Identifier:
keyid:8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/naMQ7a3JhstXQY5Lf-7TU2g3-yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:85:f0:a4:40:1d:52:62:cd:a6:c4:07:02:d3:fa:dc:53:c1:
77:e0:7b:8d:98:a0:d5:8a:12:7f:dd:9a:aa:f2:45:bb:58:93:
91:08:4d:bf:54:f0:39:2a:56:99:c7:16:cf:6a:59:ec:b5:d0:
2b:9d:09:b8:ec:b1:8b:eb:0b:fd:4e:ba:90:67:da:67:e2:97:
87:12:26:ba:e0:94:25:04:e0:6d:07:76:9d:f0:1b:7f:66:20:
f3:b7:02:0b:c1:3e:e7:74:10:aa:fe:9a:07:f9:a2:70:a2:6c:
1c:a3:d4:fd:0f:f0:e6:5c:0e:48:e2:db:44:19:69:50:fb:c1:
aa:83:4e:ab:7f:92:89:46:e7:21:90:1b:93:7a:f9:68:a3:75:
f1:cf:e7:96:31:a6:c6:cc:74:37:27:59:19:21:58:5c:f0:b8:
11:01:2d:d7:d0:1e:ff:54:3a:27:b1:67:71:de:d9:b3:64:7b:
5a:35:92:64:d4:39:6d:ca:69:73:81:98:34:7f:99:91:c9:6a:
fd:da:4e:ff:83:32:fa:7f:5d:c5:cb:b1:0e:19:35:7e:e0:10:
7f:6a:38:7a:37:e8:b1:0b:91:ed:26:d1:c0:98:db:5b:45:25:
42:12:7d:bd:53:45:45:2d:99:fa:85:b9:59:6c:1c:8d:e2:05:
63:78:fb:2e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVwMFR9EQmyE6PznEk1u468MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjc4NDc3MzdlNzQ5NDJiMmJlNzRiOTNmZDAyZDkwMGQz
MDliMjAwHhcNMjMwMTAyMDE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEzMTBlZGFkYzk4NmNiNTc0MThlNGI3ZmVlZDM1MzY4MzdmYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCL5NAL8ylHNbDeoa52B1hZXQ4AP
fk4myIt90cPnJdpaGUS2bVOJ3p8RjEzII+6TFVHtthHR+TsHd/vGxNcPkWD41Ns2
hBHQchjEPN6B+V8JhjcUESIEqYE8ej5kZG9Zgp+/lV52mFDliRlUPGRjHrmaLSIR
JixAqdyWv117xiShTTZOBfxkEzGViDizZJUdxgaKMi31duh0dl5zUjPYyJLuq1cw
lmGeT7AByELa/WT+slCd/X5rQpWvvsHMzm+5o73hcVAyD2scqeOjneAl3GhuqGQ8
XlleK2kMZIRl3ZH5wnd8V6gNPviJakA1bGVboZ0bY4B4N6no4ChsjPZJsQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJ2jEO2tyYbLV0GOS3/u01NoN/shMB8GA1UdIwQY
MBaAFIr3hHc350lCsr50uT/QLZANMJsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2Mt
N2VmYzI4MDhkMTI1LzEvbmFNUTdhM0poc3RYUVk1TGYtN1RVMmczLXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2MtN2VmYzI4MDhkMTI1
LzEvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAixEwDQYJ
KoZIhvcNAQELBQADggEBAISF8KRAHVJizabEBwLT+txTwXfge42YoNWKEn/dmqry
RbtYk5EITb9U8DkqVpnHFs9qWey10CudCbjssYvrC/1OupBn2mfil4cSJrrglCUE
4G0Hdp3wG39mIPO3AgvBPud0EKr+mgf5onCibByj1P0P8OZcDkji20QZaVD7waqD
Tqt/kolG5yGQG5N6+WijdfHP55YxpsbMdDcnWRkhWFzwuBEBLdfQHv9UOiexZ3He
2bNke1o1kmTUOW3KaXOBmDR/mZHJav3aTv+DMvp/XcXLsQ4ZNX7gEH9qOHo36LEL
ke0m0cCY21tFJUISfb1TRUUtmfqFuVlsHI3iBWN4+y4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:44 2025 by rpki-client