Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/NJJ-kSvTDck6h0HGYVF9YQ0cp6w.roa
File: NJJ-kSvTDck6h0HGYVF9YQ0cp6w.roa (raw, json)
Hash identifier: 1H9FvpgfB3aO9tZ/n4ZGdxBoPMh8Tl+ZykNfwt7p4yM=
Subject key identifier: 34:92:7E:91:2B:D3:0D:C9:3A:87:41:C6:61:51:7D:61:0D:1C:A7:AC
Certificate issuer: /CN=4ad17171aea8576c431c637418691c9c1f557516
Certificate serial: 0185713094F7D01E05B5FAF2D368424A64CD
Authority key identifier: 4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/NJJ-kSvTDck6h0HGYVF9YQ0cp6w.roa
Signing time: Mon 02 Jan 2023 06:34:47 +0000
ROA not before: Mon 02 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212409
IP address blocks: 213.232.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:94:f7:d0:1e:05:b5:fa:f2:d3:68:42:4a:64:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad17171aea8576c431c637418691c9c1f557516
Validity
Not Before: Jan 2 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34927e912bd30dc93a8741c661517d610d1ca7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fa:a2:fc:66:90:75:73:56:96:15:93:92:89:
d5:04:a1:d8:36:18:10:ba:f6:69:91:56:96:89:23:
49:a3:f6:52:db:4c:32:2c:1c:13:41:4b:41:72:0f:
a5:a5:08:39:3f:a9:fd:ef:6d:ad:69:13:67:52:2d:
3d:91:d8:09:26:4a:84:e9:86:80:01:35:a4:c9:bc:
be:27:22:46:ba:18:da:45:08:51:99:f5:42:50:cf:
1b:0e:da:ff:35:fa:8f:95:05:d9:84:54:60:f3:91:
42:22:02:82:0d:fd:40:c4:0f:9e:e4:c1:2a:0a:92:
ad:68:d0:e2:cf:b3:8b:03:1c:b9:cc:34:a1:dc:d6:
62:79:18:95:70:93:db:6e:a2:78:0c:fb:47:ea:0a:
36:bf:4f:11:5e:7c:96:dd:e8:38:53:c7:b0:33:ef:
c3:ed:a1:2b:71:a0:6e:45:a9:6c:f8:b1:89:a4:fb:
81:cc:72:78:1a:d7:88:6f:66:90:c3:6c:ec:c2:27:
d3:70:56:9f:80:72:6b:a5:39:9d:b2:a0:02:52:29:
a7:a4:76:3c:e9:01:07:77:cc:da:a0:2f:71:32:19:
2e:b5:56:34:18:85:39:fb:df:5f:10:92:54:26:37:
48:05:4f:9e:34:52:08:ac:91:3a:a3:73:c9:ad:c7:
c8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:92:7E:91:2B:D3:0D:C9:3A:87:41:C6:61:51:7D:61:0D:1C:A7:AC
X509v3 Authority Key Identifier:
keyid:4A:D1:71:71:AE:A8:57:6C:43:1C:63:74:18:69:1C:9C:1F:55:75:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StFxca6oV2xDHGN0GGkcnB9VdRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/NJJ-kSvTDck6h0HGYVF9YQ0cp6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5a3cd1-8109-4c66-8324-4828d65104e1/1/StFxca6oV2xDHGN0GGkcnB9VdRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.200.0/24
Signature Algorithm: sha256WithRSAEncryption
91:54:55:fe:c3:be:3d:1f:7b:0b:95:2b:13:0e:54:f7:9f:1d:
bf:5f:80:b2:29:ff:f5:42:b9:ed:31:fc:b5:8d:3e:31:fc:3f:
1b:30:77:5f:02:20:79:81:66:ca:97:6d:0b:a7:5f:c5:9e:4e:
47:a7:07:33:d9:35:23:03:50:65:47:ce:8c:ed:be:90:1a:32:
96:00:7b:16:c2:7f:3f:00:42:37:53:c3:71:35:75:78:d9:e0:
71:60:4f:11:e8:ec:74:95:2b:05:98:37:a7:35:fe:1c:05:14:
72:ba:26:b9:97:7b:48:91:fc:86:41:d1:0f:1f:f7:06:59:7b:
34:ad:65:84:6b:b3:ab:9b:c8:89:c7:c2:36:96:03:b6:76:c9:
2a:1c:2c:ca:49:6c:aa:ee:d6:5d:b0:6f:c0:bf:0c:b9:9a:f8:
8a:bd:f8:f3:84:aa:4e:e5:68:33:71:20:9c:1b:31:d9:d6:a7:
71:b8:61:6c:2e:f5:0e:2d:71:7f:ff:61:77:cf:e9:72:33:b0:
5d:f2:a0:f1:57:75:32:d8:95:c0:86:97:ed:23:c2:43:59:ed:
6a:86:92:e5:a8:05:5b:4f:d8:c4:f7:ae:d3:93:19:cf:d1:23:
d1:f8:60:f1:4a:d1:0d:2b:aa:f2:04:64:91:f1:9d:7a:f0:1a:
92:4a:3f:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMJT30B4Ftfry02hCSmTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDE3MTcxYWVhODU3NmM0MzFjNjM3NDE4NjkxYzljMWY1
NTc1MTYwHhcNMjMwMTAyMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDkyN2U5MTJiZDMwZGM5M2E4NzQxYzY2MTUxN2Q2MTBkMWNhN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfqi/GaQdXNWlhWTkonVBKHYNhgQ
uvZpkVaWiSNJo/ZS20wyLBwTQUtBcg+lpQg5P6n9722taRNnUi09kdgJJkqE6YaA
ATWkyby+JyJGuhjaRQhRmfVCUM8bDtr/NfqPlQXZhFRg85FCIgKCDf1AxA+e5MEq
CpKtaNDiz7OLAxy5zDSh3NZieRiVcJPbbqJ4DPtH6go2v08RXnyW3eg4U8ewM+/D
7aErcaBuRals+LGJpPuBzHJ4GteIb2aQw2zswifTcFafgHJrpTmdsqACUimnpHY8
6QEHd8zaoC9xMhkutVY0GIU5+99fEJJUJjdIBU+eNFIIrJE6o3PJrcfIowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSSfpEr0w3JOodBxmFRfWENHKesMB8GA1UdIwQY
MBaAFErRcXGuqFdsQxxjdBhpHJwfVXUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQt
NDgyOGQ2NTEwNGUxLzEvTkpKLWtTdlREY2s2aDBIR1lWRjlZUTBjcDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YTNjZDEtODEwOS00YzY2LTgzMjQtNDgyOGQ2NTEwNGUx
LzEvU3RGeGNhNm9WMnhESEdOMEdHa2NuQjlWZFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejIMA0G
CSqGSIb3DQEBCwUAA4IBAQCRVFX+w749H3sLlSsTDlT3nx2/X4CyKf/1QrntMfy1
jT4x/D8bMHdfAiB5gWbKl20Lp1/Fnk5Hpwcz2TUjA1BlR86M7b6QGjKWAHsWwn8/
AEI3U8NxNXV42eBxYE8R6Ox0lSsFmDenNf4cBRRyuia5l3tIkfyGQdEPH/cGWXs0
rWWEa7Orm8iJx8I2lgO2dskqHCzKSWyq7tZdsG/Avwy5mviKvfjzhKpO5WgzcSCc
GzHZ1qdxuGFsLvUOLXF//2F3z+lyM7Bd8qDxV3Uy2JXAhpftI8JDWe1qhpLlqAVb
T9jE967TkxnP0SPR+GDxStENK6ryBGSR8Z168BqSSj9K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:31 2025 by rpki-client