Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/Nf3QxgbEUfXP4sbkvOB39gDoG04.roa
File: Nf3QxgbEUfXP4sbkvOB39gDoG04.roa (raw, json)
Hash identifier: w93I4RgSfBD+CE9L8n79jgDMnU2eOdNAT5rSnFNu3no=
Subject key identifier: 35:FD:D0:C6:06:C4:51:F5:CF:E2:C6:E4:BC:E0:77:F6:00:E8:1B:4E
Certificate issuer: /CN=d34403a30b313759af9626afd8d3d23805fcc80e
Certificate serial: 018853DABF6509C0104C15331C72103504EF
Authority key identifier: D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/Nf3QxgbEUfXP4sbkvOB39gDoG04.roa
Signing time: Thu 25 May 2023 17:00:24 +0000
ROA not before: Thu 25 May 2023 17:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57454
IP address blocks: 178.217.235.0/24 maxlen: 24
2a0c:cd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:da:bf:65:09:c0:10:4c:15:33:1c:72:10:35:04:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34403a30b313759af9626afd8d3d23805fcc80e
Validity
Not Before: May 25 17:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35fdd0c606c451f5cfe2c6e4bce077f600e81b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:20:95:2f:da:8f:c8:cc:87:b1:d9:73:23:
f1:ed:7d:ce:a7:0c:da:4c:0a:a7:be:ac:63:a6:64:
a5:2e:e1:a0:92:8e:7f:8b:a3:02:5e:11:8d:c2:7a:
fd:b0:6e:41:94:40:6d:99:7c:09:c2:c3:9e:b3:0c:
36:5c:9b:81:b1:5c:2a:8f:7a:ba:ac:f8:b0:b7:79:
0d:e4:c6:12:b4:98:2e:0e:05:9f:a2:ad:bd:85:b6:
58:8c:2d:eb:d7:c2:ba:10:fb:a4:ae:3c:d3:49:ce:
80:25:a3:76:43:a3:23:71:d0:4c:c6:13:2c:c5:6c:
4c:d8:89:82:9d:b2:e4:00:d2:21:85:24:59:cb:84:
a5:90:ce:05:e2:c5:5c:f5:3c:8a:c1:49:59:97:82:
c2:04:bd:45:d5:7c:07:7e:38:c1:20:5c:5b:f0:66:
c8:97:ea:0f:50:1a:77:41:6b:d0:a3:f9:eb:be:5f:
8a:54:2e:ab:aa:60:0f:6e:30:dc:20:b6:bf:29:88:
bb:22:79:54:63:8a:64:d4:f6:22:e4:7c:9c:2e:5c:
93:90:46:22:47:35:6e:33:14:77:b5:85:99:66:32:
1b:bc:9b:df:ab:8e:67:58:b5:f2:26:33:c5:0d:0a:
41:27:cf:74:fc:5c:cf:5c:a6:40:b8:9a:bb:43:83:
1c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FD:D0:C6:06:C4:51:F5:CF:E2:C6:E4:BC:E0:77:F6:00:E8:1B:4E
X509v3 Authority Key Identifier:
keyid:D3:44:03:A3:0B:31:37:59:AF:96:26:AF:D8:D3:D2:38:05:FC:C8:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00QDowsxN1mvliav2NPSOAX8yA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/Nf3QxgbEUfXP4sbkvOB39gDoG04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/5678cd-d77b-4563-afe3-b40527dd43fc/1/00QDowsxN1mvliav2NPSOAX8yA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.235.0/24
IPv6:
2a0c:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
6c:66:34:39:fc:85:99:c7:e9:c1:09:eb:f3:cc:df:42:26:c3:
06:fd:a8:37:07:7f:bf:4b:dc:f2:eb:79:c1:c4:e2:84:71:11:
9f:49:66:3b:35:b2:5a:11:83:02:dc:ce:d6:69:96:ca:a1:0a:
2b:c4:6e:31:a9:ca:2f:f1:d6:a2:20:32:5f:fc:b1:8e:4c:5c:
4c:4a:34:a0:13:e2:97:a6:ec:1f:de:04:a5:eb:6b:a9:00:0b:
b8:bd:90:a6:ef:86:a4:fc:09:5a:8d:58:33:86:57:20:96:e1:
0c:b8:e4:2a:16:5d:e8:be:7d:21:9d:ae:b7:7f:6e:30:b0:56:
d3:85:97:c7:bf:91:c9:6a:49:88:0e:04:0f:52:67:b8:e9:e1:
21:dd:35:28:cb:98:cb:f8:54:e2:3e:7e:c1:32:10:59:3c:6b:
28:84:ae:39:ac:16:be:b4:a5:fc:30:10:60:00:98:81:eb:ae:
ec:22:ec:23:42:02:e9:ac:70:f6:23:04:d5:a7:59:a4:7b:c6:
37:7c:99:a9:97:aa:8f:e5:51:1a:24:b5:70:89:61:9f:62:36:
d6:3f:8e:d8:cc:f1:af:ed:c3:d9:3c:31:9a:6a:cc:a5:3f:8b:
20:8e:3b:9d:ea:85:43:f2:6a:7e:b2:54:44:0b:ec:eb:55:48:
d5:24:3f:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhT2r9lCcAQTBUzHHIQNQTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNDQwM2EzMGIzMTM3NTlhZjk2MjZhZmQ4ZDNkMjM4MDVm
Y2M4MGUwHhcNMjMwNTI1MTcwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZkZDBjNjA2YzQ1MWY1Y2ZlMmM2ZTRiY2UwNzdmNjAwZTgxYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDkglS/aj8jMh7HZcyPx7X3Opwza
TAqnvqxjpmSlLuGgko5/i6MCXhGNwnr9sG5BlEBtmXwJwsOesww2XJuBsVwqj3q6
rPiwt3kN5MYStJguDgWfoq29hbZYjC3r18K6EPukrjzTSc6AJaN2Q6MjcdBMxhMs
xWxM2ImCnbLkANIhhSRZy4SlkM4F4sVc9TyKwUlZl4LCBL1F1XwHfjjBIFxb8GbI
l+oPUBp3QWvQo/nrvl+KVC6rqmAPbjDcILa/KYi7InlUY4pk1PYi5HycLlyTkEYi
RzVuMxR3tYWZZjIbvJvfq45nWLXyJjPFDQpBJ890/FzPXKZAuJq7Q4McUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDX90MYGxFH1z+LG5Lzgd/YA6BtOMB8GA1UdIwQY
MBaAFNNEA6MLMTdZr5Ymr9jT0jgF/MgOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMt
YjQwNTI3ZGQ0M2ZjLzEvTmYzUXhnYkVVZlhQNHNia3ZPQjM5Z0RvRzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81Njc4Y2QtZDc3Yi00NTYzLWFmZTMtYjQwNTI3ZGQ0M2Zj
LzEvMDBRRG93c3hOMW12bGlhdjJOUFNPQVg4eUE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAstnrMA0E
AgACMAcDBQMqDM1AMA0GCSqGSIb3DQEBCwUAA4IBAQBsZjQ5/IWZx+nBCevzzN9C
JsMG/ag3B3+/S9zy63nBxOKEcRGfSWY7NbJaEYMC3M7WaZbKoQorxG4xqcov8dai
IDJf/LGOTFxMSjSgE+KXpuwf3gSl62upAAu4vZCm74ak/AlajVgzhlcgluEMuOQq
Fl3ovn0hna63f24wsFbThZfHv5HJakmIDgQPUme46eEh3TUoy5jL+FTiPn7BMhBZ
PGsohK45rBa+tKX8MBBgAJiB667sIuwjQgLprHD2IwTVp1mke8Y3fJmpl6qP5VEa
JLVwiWGfYjbWP47YzPGv7cPZPDGaasylP4sgjjud6oVD8mp+slREC+zrVUjVJD8B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:33 2025 by rpki-client