Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/NKFDx1x3_JaUOtsT38Ud6hphMX4.roa
File: NKFDx1x3_JaUOtsT38Ud6hphMX4.roa (raw, json)
Hash identifier: zy7EII20cBpYND0KRYCFN7eLaCdLSRbxsQRAbnvqk18=
Subject key identifier: 34:A1:43:C7:5C:77:FC:96:94:3A:DB:13:DF:C5:1D:EA:1A:61:31:7E
Certificate issuer: /CN=0b8fb1deb09e72425b309a1414917daf893bef59
Certificate serial: 13BEC618
Authority key identifier: 0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/NKFDx1x3_JaUOtsT38Ud6hphMX4.roa
Signing time: Sat 01 Jan 2022 10:02:01 +0000
ROA not before: Sat 01 Jan 2022 10:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44066
IP address blocks: 37.17.224.0/21 maxlen: 21
2a00:5fc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331269656 (0x13bec618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8fb1deb09e72425b309a1414917daf893bef59
Validity
Not Before: Jan 1 10:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a143c75c77fc96943adb13dfc51dea1a61317e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d4:09:e7:7e:47:54:7f:1c:4c:76:84:46:1f:
7a:78:ac:9a:8e:32:c7:95:cd:3e:13:84:eb:42:c7:
36:71:c2:5c:54:70:65:1c:da:ca:5e:4a:43:ac:fa:
88:0f:b7:b0:43:ae:7a:3a:2a:fe:e6:9b:e6:84:2a:
8c:6b:39:77:24:4b:b2:c6:fe:b4:cc:fe:39:d8:34:
4d:85:f8:f6:f7:94:d4:99:f0:c7:f0:07:af:09:d4:
f5:77:63:85:85:d6:c8:0e:f0:7e:a0:59:c6:58:79:
40:6e:5d:ec:3c:71:d5:12:5a:6b:03:36:33:c6:be:
48:53:b2:20:61:5e:96:f6:94:8f:4d:5d:a8:b4:3b:
0e:72:59:af:6d:f1:48:a0:aa:b1:b3:57:fb:48:9f:
44:10:eb:ed:45:a1:bb:1f:f7:d8:d7:9a:e9:ee:e5:
e4:7e:60:30:37:e0:b9:1c:fa:3a:7f:f5:65:43:15:
e2:f0:56:57:8b:86:7e:1f:6e:76:0d:55:4c:00:bb:
80:4c:34:af:92:ef:c8:8c:fc:4b:88:4e:e7:99:5b:
39:c2:d7:3c:27:49:67:4d:6d:b6:7b:e1:a6:0f:cd:
02:e9:42:26:7e:e3:c1:2b:ed:5b:67:c7:78:eb:8c:
47:7a:92:da:53:4d:2a:3f:d6:59:a8:d1:7f:1b:33:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A1:43:C7:5C:77:FC:96:94:3A:DB:13:DF:C5:1D:EA:1A:61:31:7E
X509v3 Authority Key Identifier:
keyid:0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/NKFDx1x3_JaUOtsT38Ud6hphMX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.224.0/21
IPv6:
2a00:5fc0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:25:0c:5f:04:c7:cb:a3:ca:cc:11:2a:95:44:52:1d:12:19:
38:b4:29:43:e8:28:4c:76:e2:b3:e3:03:47:61:16:c9:3e:91:
d4:08:67:cc:f2:f2:c2:52:f1:36:15:0d:a5:a6:28:e5:d8:a9:
e9:ed:8b:f3:a4:2f:b7:92:2f:09:f9:fe:c5:f5:65:e2:59:20:
00:0f:5a:14:23:75:88:8d:65:5d:16:4b:80:f8:1b:16:65:0b:
b2:1e:2b:3e:b8:11:43:c8:c5:c4:a9:08:9a:27:b7:37:76:4a:
1c:d3:d8:3f:56:4d:64:e0:95:b0:3c:4f:41:32:4d:45:9f:38:
a9:86:0b:2d:82:61:c6:05:26:98:90:0f:73:51:9e:84:f6:63:
84:17:f3:ef:89:72:8c:b1:fb:39:0b:d7:a6:eb:50:86:7a:75:
91:20:ef:aa:f0:cd:e5:f6:7e:21:2f:40:8f:74:22:57:5e:d9:
75:18:2b:49:8e:30:82:50:d7:79:18:1c:56:a5:58:96:f2:c6:
22:87:3e:eb:b1:e2:b9:3b:10:77:db:8f:8d:06:4d:29:b7:48:
95:7e:5e:0f:ac:4c:c0:8d:d5:3a:69:7b:db:9d:04:84:65:96:
cf:02:b2:da:9d:2c:bf:2d:f1:e1:17:c7:2c:57:12:5e:18:68:
53:61:1e:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE77GGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjhmYjFkZWIwOWU3MjQyNWIzMDlhMTQxNDkxN2RhZjg5M2JlZjU5MB4XDTIyMDEw
MTEwMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRhMTQzYzc1Yzc3
ZmM5Njk0M2FkYjEzZGZjNTFkZWExYTYxMzE3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPUCed+R1R/HEx2hEYfenismo4yx5XNPhOE60LHNnHCXFRw
ZRzayl5KQ6z6iA+3sEOuejoq/uab5oQqjGs5dyRLssb+tMz+Odg0TYX49veU1Jnw
x/AHrwnU9XdjhYXWyA7wfqBZxlh5QG5d7Dxx1RJaawM2M8a+SFOyIGFelvaUj01d
qLQ7DnJZr23xSKCqsbNX+0ifRBDr7UWhux/32Nea6e7l5H5gMDfguRz6On/1ZUMV
4vBWV4uGfh9udg1VTAC7gEw0r5LvyIz8S4hO55lbOcLXPCdJZ01ttnvhpg/NAulC
Jn7jwSvtW2fHeOuMR3qS2lNNKj/WWajRfxszY0kCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQ0oUPHXHf8lpQ62xPfxR3qGmExfjAfBgNVHSMEGDAWgBQLj7HesJ5yQlsw
mhQUkX2viTvvWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M0LXgzckNlY2tKYk1Kb1VGSkY5cjRrNzcxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvZmM3NjNiLTgzZTYtNGJkMS1iOTNhLWY4Nzg1YTU4MTA2Yy8x
L05LRkR4MXgzX0phVU90c1QzOFVkNmhwaE1YNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
ZmM3NjNiLTgzZTYtNGJkMS1iOTNhLWY4Nzg1YTU4MTA2Yy8xL0M0LXgzckNlY2tK
Yk1Kb1VGSkY5cjRrNzcxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAyUR4DANBAIAAjAHAwUAKgBfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAsiUMXwTHy6PKzBEqlURSHRIZOLQpQ+goTHbis+MD
R2EWyT6R1AhnzPLywlLxNhUNpaYo5dip6e2L86Qvt5IvCfn+xfVl4lkgAA9aFCN1
iI1lXRZLgPgbFmULsh4rPrgRQ8jFxKkImie3N3ZKHNPYP1ZNZOCVsDxPQTJNRZ84
qYYLLYJhxgUmmJAPc1GehPZjhBfz74lyjLH7OQvXputQhnp1kSDvqvDN5fZ+IS9A
j3QiV17ZdRgrSY4wglDXeRgcVqVYlvLGIoc+67HiuTsQd9uPjQZNKbdIlX5eD6xM
wI3VOml7250EhGWWzwKy2p0svy3x4RfHLFcSXhhoU2EeRA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:13:26 2025 by rpki-client