Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/2d8053-3812-4497-9777-9ce798d01f8d/1/NciyW3DxgDjPh4wpNKZHN_JLXTU.roa
File: NciyW3DxgDjPh4wpNKZHN_JLXTU.roa (raw, json)
Hash identifier: 8ZCyHFCHie1BqQ3dpW/QWvU9Y755N8rL9WLGxnjSSY0=
Subject key identifier: 35:C8:B2:5B:70:F1:80:38:CF:87:8C:29:34:A6:47:37:F2:4B:5D:35
Certificate issuer: /CN=ac987fa1f363ed8d8178282c6748081dcc342803
Certificate serial: 0185160CB9931CE8DFAF98677F7FBB08F079
Authority key identifier: AC:98:7F:A1:F3:63:ED:8D:81:78:28:2C:67:48:08:1D:CC:34:28:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJh_ofNj7Y2BeCgsZ0gIHcw0KAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/2d8053-3812-4497-9777-9ce798d01f8d/1/NciyW3DxgDjPh4wpNKZHN_JLXTU.roa
Signing time: Thu 15 Dec 2022 13:50:10 +0000
ROA not before: Thu 15 Dec 2022 13:50:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16019
IP address blocks: 178.211.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:0c:b9:93:1c:e8:df:af:98:67:7f:7f:bb:08:f0:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac987fa1f363ed8d8178282c6748081dcc342803
Validity
Not Before: Dec 15 13:50:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35c8b25b70f18038cf878c2934a64737f24b5d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6c:3b:70:d4:c4:3b:0c:ea:eb:a9:fb:30:8c:
6d:17:82:52:3b:e1:a7:f3:5c:68:6e:0d:4a:a7:d0:
ef:77:56:69:5b:ff:f3:fc:17:ea:22:81:fc:70:31:
c4:5d:bd:66:70:c3:43:77:22:5b:ee:a6:30:4a:8e:
1a:16:29:f0:1e:ce:1e:66:e2:e7:2b:7d:ab:7b:a4:
e3:97:0d:0f:de:dd:17:bc:44:c9:5c:6c:9d:fa:57:
7d:f4:ef:a8:43:31:be:e1:af:33:d2:89:6e:be:ff:
9e:3c:c5:bf:f4:91:fd:ed:89:c5:70:ee:c9:ca:ed:
8c:0c:ff:31:44:fc:b5:a7:50:b1:81:25:ef:4b:40:
18:af:1d:10:71:f5:55:47:52:f9:a6:4c:3c:75:b1:
7d:52:a7:53:ff:54:ea:bc:56:5e:c3:d8:a5:90:c6:
80:b7:36:23:40:24:6f:a6:70:00:78:07:02:5d:76:
43:eb:4b:97:97:1f:51:47:57:04:0d:cd:16:3a:1e:
25:32:21:f7:2e:00:47:f0:60:e5:93:d5:1f:d3:00:
b5:ea:4a:39:46:f3:8e:74:a2:a7:05:bd:29:e1:ca:
65:cd:92:ea:dd:83:53:23:b4:79:de:48:54:c4:70:
09:b4:73:64:fb:e5:db:3b:b0:88:0d:27:9d:78:df:
3a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C8:B2:5B:70:F1:80:38:CF:87:8C:29:34:A6:47:37:F2:4B:5D:35
X509v3 Authority Key Identifier:
keyid:AC:98:7F:A1:F3:63:ED:8D:81:78:28:2C:67:48:08:1D:CC:34:28:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJh_ofNj7Y2BeCgsZ0gIHcw0KAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2d8053-3812-4497-9777-9ce798d01f8d/1/NciyW3DxgDjPh4wpNKZHN_JLXTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/2d8053-3812-4497-9777-9ce798d01f8d/1/rJh_ofNj7Y2BeCgsZ0gIHcw0KAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.147.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:22:a4:85:7d:86:bd:ad:bb:f8:96:c5:99:49:93:9f:26:8e:
0e:6f:b3:a5:80:7e:9e:ca:af:a8:7d:d9:bd:ba:0a:38:b4:90:
23:9c:a3:58:b4:74:d5:24:27:d7:21:a5:e7:bc:0b:92:6e:ba:
9d:78:bb:7a:bf:96:da:5e:8e:75:28:aa:47:25:17:b2:7e:04:
84:9b:a1:20:11:c6:0c:4a:e0:9c:6a:b9:32:38:f2:bf:45:9d:
7b:8b:b0:9b:71:37:90:be:05:31:56:d3:88:96:b2:fb:78:a2:
47:ec:48:7a:2e:c4:5b:1b:b6:96:5d:0a:50:27:2e:41:57:2e:
3b:e5:ee:de:bd:47:3d:cb:68:38:b5:79:05:d2:17:0d:48:78:
eb:a6:67:d7:56:86:59:a0:73:29:63:b8:3e:9f:78:c1:c3:cb:
2a:f2:27:50:df:70:a2:0d:19:09:1b:c6:ef:2d:2a:2a:07:2e:
17:fe:aa:38:12:58:e5:21:8e:20:ab:67:bc:a3:48:07:fc:b0:
28:b2:22:97:a7:fc:dd:ab:5f:c0:c0:3f:10:7e:36:44:9d:98:
ed:05:8b:d0:96:48:a1:60:30:22:b2:c4:a4:20:67:3c:b9:32:
d3:28:48:32:bc:a4:4c:c4:a3:94:aa:56:c5:06:b2:73:0d:d3:
0a:1e:5a:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUWDLmTHOjfr5hnf3+7CPB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTg3ZmExZjM2M2VkOGQ4MTc4MjgyYzY3NDgwODFkY2Mz
NDI4MDMwHhcNMjIxMjE1MTM1MDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWM4YjI1YjcwZjE4MDM4Y2Y4NzhjMjkzNGE2NDczN2YyNGI1ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2w7cNTEOwzq66n7MIxtF4JSO+Gn
81xobg1Kp9Dvd1ZpW//z/BfqIoH8cDHEXb1mcMNDdyJb7qYwSo4aFinwHs4eZuLn
K32re6Tjlw0P3t0XvETJXGyd+ld99O+oQzG+4a8z0oluvv+ePMW/9JH97YnFcO7J
yu2MDP8xRPy1p1CxgSXvS0AYrx0QcfVVR1L5pkw8dbF9UqdT/1TqvFZew9ilkMaA
tzYjQCRvpnAAeAcCXXZD60uXlx9RR1cEDc0WOh4lMiH3LgBH8GDlk9Uf0wC16ko5
RvOOdKKnBb0p4cplzZLq3YNTI7R53khUxHAJtHNk++XbO7CIDSedeN86HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXIsltw8YA4z4eMKTSmRzfyS101MB8GA1UdIwQY
MBaAFKyYf6HzY+2NgXgoLGdICB3MNCgDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpoX29mTmo3WTJCZUNnc1owZ0lIY3cwS0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yZDgwNTMtMzgxMi00NDk3LTk3Nzct
OWNlNzk4ZDAxZjhkLzEvTmNpeVczRHhnRGpQaDR3cE5LWkhOX0pMWFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yZDgwNTMtMzgxMi00NDk3LTk3NzctOWNlNzk4ZDAxZjhk
LzEvckpoX29mTmo3WTJCZUNnc1owZ0lIY3cwS0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOTMA0G
CSqGSIb3DQEBCwUAA4IBAQDGIqSFfYa9rbv4lsWZSZOfJo4Ob7OlgH6eyq+ofdm9
ugo4tJAjnKNYtHTVJCfXIaXnvAuSbrqdeLt6v5baXo51KKpHJReyfgSEm6EgEcYM
SuCcarkyOPK/RZ17i7CbcTeQvgUxVtOIlrL7eKJH7Eh6LsRbG7aWXQpQJy5BVy47
5e7evUc9y2g4tXkF0hcNSHjrpmfXVoZZoHMpY7g+n3jBw8sq8idQ33CiDRkJG8bv
LSoqBy4X/qo4EljlIY4gq2e8o0gH/LAosiKXp/zdq1/AwD8QfjZEnZjtBYvQlkih
YDAissSkIGc8uTLTKEgyvKRMxKOUqlbFBrJzDdMKHlpj
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:54:01 2025 by rpki-client