Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/NKRIVBM8zDyzcAAILxDCZV4aDy8.roa
File: NKRIVBM8zDyzcAAILxDCZV4aDy8.roa (raw, json)
Hash identifier: r7tA6YeMqURCrJBiBKcc7OQJOcl9ZRL6w9cAd5ByKAY=
Subject key identifier: 34:A4:48:54:13:3C:CC:3C:B3:70:00:08:2F:10:C2:65:5E:1A:0F:2F
Certificate issuer: /CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Certificate serial: 01856FA6D6220B59B54C4C07A098C193A59E
Authority key identifier: A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/NKRIVBM8zDyzcAAILxDCZV4aDy8.roa
Signing time: Sun 01 Jan 2023 23:24:42 +0000
ROA not before: Sun 01 Jan 2023 23:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203201
IP address blocks: 147.78.184.0/22 maxlen: 22
2a09:840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:d6:22:0b:59:b5:4c:4c:07:a0:98:c1:93:a5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Validity
Not Before: Jan 1 23:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34a44854133ccc3cb37000082f10c2655e1a0f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e7:ba:ad:40:70:b4:2c:0f:3f:7a:ca:78:86:
58:bc:a6:7b:b0:a4:ac:7c:39:c4:83:06:ec:4f:8a:
6b:0a:00:46:91:71:d8:4e:da:ea:fb:3b:04:a4:4e:
12:30:e1:a3:9c:54:5a:71:39:30:d6:74:a1:b3:0d:
de:38:e7:f9:81:d2:32:71:99:7d:5d:e0:f0:18:c3:
80:41:ed:f7:d9:9b:a3:a0:e6:45:c6:66:8b:db:50:
5e:b7:79:ad:a0:7f:9a:63:9c:02:5e:7d:65:33:ca:
57:e8:9f:2b:f8:46:e4:b5:f7:e4:85:34:72:57:77:
fb:cd:f8:53:11:94:ce:2f:88:c5:1f:95:1c:99:a8:
bc:ac:8e:f6:97:31:c9:ce:a9:8e:60:0d:04:9f:d0:
a5:11:fb:a4:ea:21:25:39:b1:54:5d:f7:d3:c6:25:
65:0b:82:c5:53:4a:ef:03:74:0d:57:d2:6d:36:1d:
a9:20:63:12:05:db:a3:7c:f4:3d:65:2d:27:08:89:
7f:01:79:a4:6e:e3:19:2f:b6:81:4a:6d:0d:ce:d5:
02:d0:c2:84:fe:13:38:f0:c9:c3:b3:8c:e9:1c:56:
18:0a:26:3b:d0:71:a1:65:2c:84:13:de:a3:eb:7c:
d4:21:04:6b:c4:a1:59:55:3c:00:66:d8:72:bc:cb:
be:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A4:48:54:13:3C:CC:3C:B3:70:00:08:2F:10:C2:65:5E:1A:0F:2F
X509v3 Authority Key Identifier:
keyid:A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/NKRIVBM8zDyzcAAILxDCZV4aDy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.184.0/22
IPv6:
2a09:840::/32
Signature Algorithm: sha256WithRSAEncryption
c7:e9:b6:91:b8:bd:f3:9f:a8:d4:9f:c0:01:d5:e7:4a:79:0a:
01:e2:e4:fd:37:f4:48:f9:c0:3a:f6:83:7a:a9:74:4f:91:a6:
36:56:fe:f7:d0:55:ba:e1:83:dc:fe:ea:e2:a2:5c:5f:58:47:
53:78:1b:9b:2d:a0:2a:bc:9b:6b:92:26:fb:fe:3b:36:c7:bd:
f6:5d:22:37:4f:a1:ee:df:09:33:f0:d9:33:71:91:b1:f1:0d:
16:27:23:7e:ad:14:51:b7:86:54:32:1e:79:1e:92:be:a7:1a:
93:70:23:42:fe:c9:e3:7d:3e:d4:c8:cd:d0:c7:d9:29:ce:2d:
db:58:0b:6f:ef:7d:46:11:5c:52:da:20:4c:76:51:ef:89:c8:
e8:bc:e3:38:c9:5f:20:35:94:2e:fe:ed:4d:17:33:14:5e:d9:
7a:80:da:05:c8:6a:30:29:bd:2e:c0:e2:06:6a:3d:57:21:57:
84:50:a6:d4:f3:21:6c:ef:6f:b6:eb:ff:f0:96:52:4f:98:d7:
89:95:d8:b7:1c:2e:88:cf:bc:f7:11:8a:a7:ba:58:17:05:51:
43:f3:3f:b6:58:3e:09:e7:40:c0:b6:bb:b1:b4:42:05:54:e4:
c8:49:0a:5d:fa:99:42:08:9b:0c:05:04:b0:0d:ff:53:11:95:
1e:e1:ec:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvptYiC1m1TEwHoJjBk6WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmNmM2VhM2Y0NjE5YWRkN2IxZjg1ZTVkYmM3NjhjZDNk
MTc0MmQwHhcNMjMwMTAxMjMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE0NDg1NDEzM2NjYzNjYjM3MDAwMDgyZjEwYzI2NTVlMWEwZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgee6rUBwtCwPP3rKeIZYvKZ7sKSs
fDnEgwbsT4prCgBGkXHYTtrq+zsEpE4SMOGjnFRacTkw1nShsw3eOOf5gdIycZl9
XeDwGMOAQe332ZujoOZFxmaL21Bet3mtoH+aY5wCXn1lM8pX6J8r+EbktffkhTRy
V3f7zfhTEZTOL4jFH5Ucmai8rI72lzHJzqmOYA0En9ClEfuk6iElObFUXffTxiVl
C4LFU0rvA3QNV9JtNh2pIGMSBdujfPQ9ZS0nCIl/AXmkbuMZL7aBSm0NztUC0MKE
/hM48MnDs4zpHFYYCiY70HGhZSyEE96j63zUIQRrxKFZVTwAZthyvMu+uwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDSkSFQTPMw8s3AACC8QwmVeGg8vMB8GA1UdIwQY
MBaAFKQs8+o/Rhmt17H4Xl28dozT0XQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEN6ejZqOUdHYTNYc2ZoZVhieDJqTlBSZEMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81NzI2OWItMGY3MC00NmNmLWJjZTIt
Yzc3NzUxNTlmYzgyLzEvTktSSVZCTTh6RHl6Y0FBSUx4RENaVjRhRHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81NzI2OWItMGY3MC00NmNmLWJjZTItYzc3NzUxNTlmYzgy
LzEvcEN6ejZqOUdHYTNYc2ZoZVhieDJqTlBSZEMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk064MA0E
AgACMAcDBQAqCQhAMA0GCSqGSIb3DQEBCwUAA4IBAQDH6baRuL3zn6jUn8AB1edK
eQoB4uT9N/RI+cA69oN6qXRPkaY2Vv730FW64YPc/uriolxfWEdTeBubLaAqvJtr
kib7/js2x732XSI3T6Hu3wkz8NkzcZGx8Q0WJyN+rRRRt4ZUMh55HpK+pxqTcCNC
/snjfT7UyM3Qx9kpzi3bWAtv731GEVxS2iBMdlHvicjovOM4yV8gNZQu/u1NFzMU
Xtl6gNoFyGowKb0uwOIGaj1XIVeEUKbU8yFs72+26//wllJPmNeJldi3HC6Iz7z3
EYqnulgXBVFD8z+2WD4J50DAtruxtEIFVOTISQpd+plCCJsMBQSwDf9TEZUe4eyg
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:04 2025 by rpki-client