Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/NauiQNY3BNuCeIcXKAIrcqqtXcM.roa
File: NauiQNY3BNuCeIcXKAIrcqqtXcM.roa (raw, json)
Hash identifier: l7hVr1kqFlWcc1RjZugp3LEG5G3A1pj/uA8agFX6SE0=
Subject key identifier: 35:AB:A2:40:D6:37:04:DB:82:78:87:17:28:02:2B:72:AA:AD:5D:C3
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 03E37D04
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/NauiQNY3BNuCeIcXKAIrcqqtXcM.roa
Signing time: Sat 01 Jan 2022 03:59:21 +0000
ROA not before: Sat 01 Jan 2022 03:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207305
IP address blocks: 217.147.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65240324 (0x3e37d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 1 03:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35aba240d63704db8278871728022b72aaad5dc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4d:d6:17:24:48:45:34:57:09:32:19:75:de:
2c:eb:8f:63:9e:6c:3c:2a:64:16:06:72:85:d0:f7:
9f:90:3c:30:f8:c3:55:f3:0f:3b:06:b2:24:24:68:
67:b3:92:53:b4:bd:f8:e5:f8:c8:04:69:97:40:05:
d7:75:5f:35:ff:29:18:ac:87:c4:0c:f7:4b:dc:34:
4f:eb:3d:17:ac:fd:3a:e8:d0:03:7d:bb:97:8d:cc:
ad:2e:d4:6d:74:08:7a:17:ec:2a:a4:af:78:1d:cf:
38:ff:87:08:19:78:3d:84:03:63:24:71:02:a2:94:
70:e6:08:b7:46:45:2b:3c:c1:21:47:bf:e0:16:9c:
c7:c0:21:5f:72:62:5d:8c:a5:1f:50:2a:16:9f:15:
66:21:79:d2:f5:da:a2:8a:86:42:07:a3:b6:08:ea:
4b:7a:c8:32:54:6d:c9:6b:82:9a:ef:18:4c:1f:00:
60:7a:cf:71:81:b6:2f:7b:24:5d:b0:e8:62:5b:a2:
ed:e8:b0:69:ca:5c:fd:39:e0:20:31:67:e4:4a:99:
bc:90:57:2b:88:73:5b:a5:8f:c2:79:92:bd:3b:53:
e9:e9:45:8e:0a:4e:d0:9f:91:45:b7:06:43:1c:2b:
e1:53:6b:ea:1a:cb:e8:99:92:b8:1e:98:40:14:8d:
c1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AB:A2:40:D6:37:04:DB:82:78:87:17:28:02:2B:72:AA:AD:5D:C3
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/NauiQNY3BNuCeIcXKAIrcqqtXcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.171.0/24
Signature Algorithm: sha256WithRSAEncryption
28:29:78:a8:fb:38:11:d1:e0:aa:ac:8c:c0:d7:88:7e:c7:e1:
fb:fe:f0:eb:33:5e:fe:76:20:e3:82:43:43:5f:8d:49:a5:24:
c4:34:9f:d4:f5:48:33:c5:7e:1e:70:fd:15:fc:c9:ba:8b:fa:
6c:bf:6c:9e:3b:92:1c:65:54:04:e1:f2:2a:82:f9:ba:da:d6:
2a:6d:59:41:84:68:a4:95:eb:6b:95:0c:df:fd:47:89:ac:f0:
58:d6:c4:61:8f:d1:c2:fd:c7:5b:67:b9:79:1c:25:73:cd:68:
5e:c7:6b:21:72:27:d9:89:18:e1:bc:ce:ea:b3:c4:17:3d:58:
65:a5:78:cd:78:46:89:39:6d:95:08:ee:88:c1:b7:8a:57:d4:
92:a4:c4:c4:8d:56:bc:75:d3:b1:79:1e:63:54:3b:5d:af:36:
9e:65:36:d1:05:8b:13:70:51:4c:9b:62:7e:0e:15:e9:fc:fe:
29:b2:17:ed:a0:17:c3:07:b5:00:c3:f3:0b:a0:e9:9e:1c:d2:
cd:60:13:df:64:17:05:2a:80:27:b2:f7:15:65:67:7f:99:a3:
d4:df:c1:60:48:46:39:b2:89:67:ed:ae:89:82:9b:cc:73:41:
04:b4:e9:a5:6d:05:af:05:f3:02:df:28:c6:f2:2d:0c:72:a1:
92:c1:e5:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+N9BDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmY4YWIyYmEyNDg3OWU0NWM0NDU0ODZmY2ViMjFhZjQ2NjU2ZDVhMB4XDTIyMDEw
MTAzNTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVhYmEyNDBkNjM3
MDRkYjgyNzg4NzE3MjgwMjJiNzJhYWFkNWRjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVN1hckSEU0VwkyGXXeLOuPY55sPCpkFgZyhdD3n5A8MPjD
VfMPOwayJCRoZ7OSU7S9+OX4yARpl0AF13VfNf8pGKyHxAz3S9w0T+s9F6z9OujQ
A327l43MrS7UbXQIehfsKqSveB3POP+HCBl4PYQDYyRxAqKUcOYIt0ZFKzzBIUe/
4Bacx8AhX3JiXYylH1AqFp8VZiF50vXaooqGQgejtgjqS3rIMlRtyWuCmu8YTB8A
YHrPcYG2L3skXbDoYlui7eiwacpc/TngIDFn5EqZvJBXK4hzW6WPwnmSvTtT6elF
jgpO0J+RRbcGQxwr4VNr6hrL6JmSuB6YQBSNwbUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ1q6JA1jcE24J4hxcoAityqq1dwzAfBgNVHSMEGDAWgBRC+Ksrokh55FxE
VIb86yGvRmVtWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1F2aXJLNkpJZWVSY1JGU0dfT3NocjBabGJWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8x
L05hdWlRTlkzQk51Q2VJY1hLQUlyY3FxdFhjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzE3YzVkLTc1NDMtNDQwZi04NzhmLTE3NjlmZWY2YmU5Ni8xL1F2aXJLNkpJZWVS
Y1JGU0dfT3NocjBabGJWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANmTqzANBgkqhkiG9w0BAQsFAAOC
AQEAKCl4qPs4EdHgqqyMwNeIfsfh+/7w6zNe/nYg44JDQ1+NSaUkxDSf1PVIM8V+
HnD9FfzJuov6bL9snjuSHGVUBOHyKoL5utrWKm1ZQYRopJXra5UM3/1HiazwWNbE
YY/Rwv3HW2e5eRwlc81oXsdrIXIn2YkY4bzO6rPEFz1YZaV4zXhGiTltlQjuiMG3
ilfUkqTExI1WvHXTsXkeY1Q7Xa82nmU20QWLE3BRTJtifg4V6fz+KbIX7aAXwwe1
AMPzC6DpnhzSzWAT32QXBSqAJ7L3FWVnf5mj1N/BYEhGObKJZ+2uiYKbzHNBBLTp
pW0FrwXzAt8oxvItDHKhksHlfg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:37 2025 by rpki-client