Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/NNRT8G79OXuLyT6dDqHkMXiAY-s.roa
File: NNRT8G79OXuLyT6dDqHkMXiAY-s.roa (raw, json)
Hash identifier: 1upb6B3iFAGBpVPdSwhHptLHCt1/stnJglKt+F2AztM=
Subject key identifier: 34:D4:53:F0:6E:FD:39:7B:8B:C9:3E:9D:0E:A1:E4:31:78:80:63:EB
Certificate issuer: /CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Certificate serial: 018571D7D6D0EC798F65731C2CA9D60898D2
Authority key identifier: C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/NNRT8G79OXuLyT6dDqHkMXiAY-s.roa
Signing time: Mon 02 Jan 2023 09:37:28 +0000
ROA not before: Mon 02 Jan 2023 09:37:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211660
IP address blocks: 185.1.201.0/24 maxlen: 24
2001:7f8:10d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d6:d0:ec:79:8f:65:73:1c:2c:a9:d6:08:98:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a968edb72c15f5f9567fd34267b87485ef36d1
Validity
Not Before: Jan 2 09:37:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34d453f06efd397b8bc93e9d0ea1e431788063eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:c6:2a:ac:38:61:f2:63:55:cb:fc:84:01:
81:d9:77:d3:91:f6:85:f2:72:0b:33:3f:44:8d:82:
8a:8d:ee:55:56:b6:f0:9f:73:15:97:6a:72:13:50:
c8:c5:6f:15:fa:16:f4:45:e3:52:e4:74:c0:29:86:
c4:74:65:d4:e7:c1:71:dd:b8:4a:0e:19:88:78:4c:
ba:d4:95:bf:ea:43:c9:5e:2d:05:d8:7a:33:29:92:
56:a0:e9:e6:00:6d:99:4a:6e:cb:6a:39:d8:b8:e6:
03:8b:5b:98:20:41:a1:ea:98:ba:b6:c3:1c:5f:45:
58:cc:90:41:4b:0b:7d:fe:91:75:e8:a6:4b:57:02:
24:45:b1:c2:a9:10:1f:d7:c3:4f:b8:47:fc:00:65:
12:2f:31:64:ae:0b:88:1e:79:74:ae:5e:be:bc:1f:
0b:f4:63:50:dd:dc:4b:0c:5f:8e:83:e1:f9:c0:2b:
85:08:bb:89:96:00:0d:3f:c9:76:39:3c:cb:a6:a4:
da:b0:ec:7a:2f:68:92:36:af:e4:2b:fb:44:f3:42:
f2:6a:ff:b6:63:8a:07:a8:d6:28:20:fe:28:95:5c:
41:09:41:7d:5c:c2:8d:8c:ac:de:d6:95:64:c3:35:
bc:e7:5a:08:b6:9e:9f:87:d3:12:51:19:41:b4:22:
eb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D4:53:F0:6E:FD:39:7B:8B:C9:3E:9D:0E:A1:E4:31:78:80:63:EB
X509v3 Authority Key Identifier:
keyid:C5:A9:68:ED:B7:2C:15:F5:F9:56:7F:D3:42:67:B8:74:85:EF:36:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xalo7bcsFfX5Vn_TQme4dIXvNtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/NNRT8G79OXuLyT6dDqHkMXiAY-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0de683-7316-40c2-b89c-b2c0dfa8a0e1/1/xalo7bcsFfX5Vn_TQme4dIXvNtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.201.0/24
IPv6:
2001:7f8:10d::/48
Signature Algorithm: sha256WithRSAEncryption
78:db:f2:06:84:43:d7:fd:3d:02:a2:ce:90:c1:87:e1:11:24:
3f:ba:26:5c:3e:a5:bb:f1:94:5c:2e:2b:2f:70:a4:77:d3:f4:
28:f6:d1:5e:1d:e5:e8:d9:ce:b5:ae:96:1e:0c:3f:7e:b2:03:
81:97:c3:6d:85:87:d3:19:3d:94:53:fb:e8:26:f9:c4:00:f0:
38:4d:da:37:19:25:4d:84:74:2a:4e:c8:c2:3f:20:05:dc:85:
e9:d1:4a:21:32:a9:51:fd:1c:28:bb:63:cd:f2:c7:ee:68:2e:
ff:d6:e5:ac:c7:36:25:3b:8b:c4:1f:dc:27:b7:b6:31:2b:1d:
61:c6:8b:1c:93:2f:ab:23:84:1f:64:c8:1e:50:f2:00:b1:ac:
10:e4:81:b8:6f:88:ad:f5:08:0c:2f:bd:5c:4f:fc:6c:cf:22:
f1:86:9a:48:6f:d6:68:98:87:e7:2a:6d:76:0e:9b:17:61:7d:
02:e4:17:ea:a8:d7:57:38:19:74:ea:cc:62:10:86:31:cc:39:
3e:71:9b:ea:7c:2e:c7:07:b3:dd:c5:62:3d:47:3d:4c:7b:84:
89:e7:f3:39:a6:29:91:52:2b:7e:93:4f:2c:6f:2c:55:d5:bc:
81:3e:99:3d:25:bc:f3:00:97:0c:90:d7:92:1a:74:1c:24:32:
45:8d:f8:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx19bQ7HmPZXMcLKnWCJjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTk2OGVkYjcyYzE1ZjVmOTU2N2ZkMzQyNjdiODc0ODVl
ZjM2ZDEwHhcNMjMwMTAyMDkzNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGQ0NTNmMDZlZmQzOTdiOGJjOTNlOWQwZWExZTQzMTc4ODA2M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp7GKqw4YfJjVcv8hAGB2XfTkfaF
8nILMz9EjYKKje5VVrbwn3MVl2pyE1DIxW8V+hb0ReNS5HTAKYbEdGXU58Fx3bhK
DhmIeEy61JW/6kPJXi0F2HozKZJWoOnmAG2ZSm7LajnYuOYDi1uYIEGh6pi6tsMc
X0VYzJBBSwt9/pF16KZLVwIkRbHCqRAf18NPuEf8AGUSLzFkrguIHnl0rl6+vB8L
9GNQ3dxLDF+Og+H5wCuFCLuJlgANP8l2OTzLpqTasOx6L2iSNq/kK/tE80Lyav+2
Y4oHqNYoIP4olVxBCUF9XMKNjKze1pVkwzW851oItp6fh9MSURlBtCLrCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDTUU/Bu/Tl7i8k+nQ6h5DF4gGPrMB8GA1UdIwQY
MBaAFMWpaO23LBX1+VZ/00JnuHSF7zbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMt
YjJjMGRmYThhMGUxLzEvTk5SVDhHNzlPWHVMeVQ2ZERxSGtNWGlBWS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wZGU2ODMtNzMxNi00MGMyLWI4OWMtYjJjMGRmYThhMGUx
LzEveGFsbzdiY3NGZlg1Vm5fVFFtZTRkSVh2TnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHJMA8E
AgACMAkDBwAgAQf4AQ0wDQYJKoZIhvcNAQELBQADggEBAHjb8gaEQ9f9PQKizpDB
h+ERJD+6Jlw+pbvxlFwuKy9wpHfT9Cj20V4d5ejZzrWulh4MP36yA4GXw22Fh9MZ
PZRT++gm+cQA8DhN2jcZJU2EdCpOyMI/IAXchenRSiEyqVH9HCi7Y83yx+5oLv/W
5azHNiU7i8Qf3Ce3tjErHWHGixyTL6sjhB9kyB5Q8gCxrBDkgbhviK31CAwvvVxP
/GzPIvGGmkhv1miYh+cqbXYOmxdhfQLkF+qo11c4GXTqzGIQhjHMOT5xm+p8LscH
s93FYj1HPUx7hInn8zmmKZFSK36TTyxvLFXVvIE+mT0lvPMAlwyQ15IadBwkMkWN
+A0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:41 2025 by rpki-client