Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/NhMtqYZL3MrFKG231qzBlVyZu_c.roa
File: NhMtqYZL3MrFKG231qzBlVyZu_c.roa (raw, json)
Hash identifier: 1dqnDJdYKPKf2RMphqERmzWkjQBtYQodUp+a96EHVE8=
Subject key identifier: 36:13:2D:A9:86:4B:DC:CA:C5:28:6D:B7:D6:AC:C1:95:5C:99:BB:F7
Certificate issuer: /CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Certificate serial: 09A1FD94
Authority key identifier: AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/NhMtqYZL3MrFKG231qzBlVyZu_c.roa
Signing time: Sat 01 Jan 2022 11:56:04 +0000
ROA not before: Sat 01 Jan 2022 11:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20625
IP address blocks: 2a02:ae8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161611156 (0x9a1fd94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa53cd2c584a3dc16208ba93b0db74773b3f23be
Validity
Not Before: Jan 1 11:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36132da9864bdccac5286db7d6acc1955c99bbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:86:97:38:ac:96:ee:69:50:a2:3b:12:dd:00:
72:86:cb:cd:15:b9:33:a5:4a:9e:31:e8:83:1b:26:
80:b6:1a:4d:27:9c:ba:5e:d5:bd:ab:5d:c1:39:f7:
d6:f5:6f:68:f2:25:60:59:f7:de:db:8f:e6:2c:05:
db:05:80:de:f5:20:9b:ac:64:d0:a3:c9:c2:39:cf:
b8:62:f7:8f:d6:7a:76:8c:28:31:c5:87:d3:a9:2b:
bf:24:e2:13:68:ba:8b:53:e6:98:39:24:1a:8e:37:
60:fd:6a:7b:5b:37:74:d9:07:80:5b:3a:4f:8f:90:
1c:94:bb:9a:c4:e6:35:cd:14:94:3c:de:f3:9a:95:
01:fd:52:a3:40:d5:3f:c8:c4:a7:54:9c:1a:13:c9:
92:06:05:0d:a2:72:a0:f8:87:cf:34:7d:eb:bf:bf:
b6:05:d5:45:65:b5:c4:6c:81:c9:40:c9:be:29:00:
a0:b1:63:ec:3c:d2:29:70:14:15:a3:6c:57:6c:82:
e7:ac:a2:41:3f:2d:88:70:65:40:6d:b8:10:e5:f0:
24:ea:63:3f:68:6c:74:58:47:fa:68:06:9e:94:b2:
67:2d:f9:ec:ee:d5:83:01:e4:32:71:55:0b:0a:65:
10:80:4c:4f:4d:ca:cd:23:9e:f7:77:31:c1:2a:7f:
14:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:2D:A9:86:4B:DC:CA:C5:28:6D:B7:D6:AC:C1:95:5C:99:BB:F7
X509v3 Authority Key Identifier:
keyid:AA:53:CD:2C:58:4A:3D:C1:62:08:BA:93:B0:DB:74:77:3B:3F:23:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlPNLFhKPcFiCLqTsNt0dzs_I74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/NhMtqYZL3MrFKG231qzBlVyZu_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e670a7-ad78-457e-ad80-007978bdb052/1/qlPNLFhKPcFiCLqTsNt0dzs_I74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:ae8::/29
Signature Algorithm: sha256WithRSAEncryption
81:9b:fe:bd:9e:b6:89:2e:3c:be:56:72:4a:25:94:67:27:57:
16:ca:d8:c0:aa:98:80:e8:60:ff:70:60:24:7e:10:68:6d:17:
a4:93:03:a4:34:b5:8d:a3:9e:f7:94:f4:4c:f0:87:32:24:f9:
b9:2d:03:aa:df:b0:ab:08:6a:79:f3:b8:83:6e:0d:5b:f1:a9:
df:6b:57:9e:c6:05:e7:84:28:2b:5b:f5:8c:eb:b3:05:18:34:
68:01:6d:b4:34:81:9b:dd:4a:e8:f6:03:60:17:8f:7a:37:be:
b9:be:00:cb:13:ab:79:21:af:8a:09:d0:b5:86:5b:2a:ea:5f:
e2:ef:e5:32:bc:38:e2:00:e9:f3:da:10:8e:fd:32:54:7b:a1:
f4:99:bf:c5:42:11:9a:09:59:3c:86:fe:ff:07:71:19:54:e9:
aa:37:4c:84:af:2b:02:2b:2e:93:bc:7a:6a:c9:1d:d1:df:59:
f1:ce:56:9c:b1:7a:ed:41:13:d2:b0:3b:72:a4:cd:e2:88:1d:
f2:58:84:71:36:8b:77:26:6d:d9:5a:09:e8:2b:e7:06:8b:35:
a7:77:79:69:93:d3:0d:3e:7f:ec:b1:7a:4f:15:c7:3b:19:9b:
55:fb:e8:f0:c1:b9:91:c8:dc:00:78:2d:04:13:01:61:c7:96:
1a:80:4c:6d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECaH9lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTUzY2QyYzU4NGEzZGMxNjIwOGJhOTNiMGRiNzQ3NzNiM2YyM2JlMB4XDTIyMDEw
MTExNTYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYxMzJkYTk4NjRi
ZGNjYWM1Mjg2ZGI3ZDZhY2MxOTU1Yzk5YmJmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuGlzislu5pUKI7Et0AcobLzRW5M6VKnjHogxsmgLYaTSec
ul7VvatdwTn31vVvaPIlYFn33tuP5iwF2wWA3vUgm6xk0KPJwjnPuGL3j9Z6dowo
McWH06krvyTiE2i6i1PmmDkkGo43YP1qe1s3dNkHgFs6T4+QHJS7msTmNc0UlDze
85qVAf1So0DVP8jEp1ScGhPJkgYFDaJyoPiHzzR967+/tgXVRWW1xGyByUDJvikA
oLFj7DzSKXAUFaNsV2yC56yiQT8tiHBlQG24EOXwJOpjP2hsdFhH+mgGnpSyZy35
7O7VgwHkMnFVCwplEIBMT03KzSOe93cxwSp/FNMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQ2Ey2phkvcysUobbfWrMGVXJm79zAfBgNVHSMEGDAWgBSqU80sWEo9wWII
upOw23R3Oz8jvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FsUE5MRmhLUGNGaUNMcVRzTnQwZHpzX0k3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZTY3MGE3LWFkNzgtNDU3ZS1hZDgwLTAwNzk3OGJkYjA1Mi8x
L05oTXRxWVpMM01yRktHMjMxcXpCbFZ5WnVfYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZTY3MGE3LWFkNzgtNDU3ZS1hZDgwLTAwNzk3OGJkYjA1Mi8xL3FsUE5MRmhLUGNG
aUNMcVRzTnQwZHpzX0k3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoCCugwDQYJKoZIhvcNAQELBQAD
ggEBAIGb/r2etokuPL5WckollGcnVxbK2MCqmIDoYP9wYCR+EGhtF6STA6Q0tY2j
nveU9EzwhzIk+bktA6rfsKsIannzuINuDVvxqd9rV57GBeeEKCtb9YzrswUYNGgB
bbQ0gZvdSuj2A2AXj3o3vrm+AMsTq3khr4oJ0LWGWyrqX+Lv5TK8OOIA6fPaEI79
MlR7ofSZv8VCEZoJWTyG/v8HcRlU6ao3TISvKwIrLpO8emrJHdHfWfHOVpyxeu1B
E9KwO3KkzeKIHfJYhHE2i3cmbdlaCegr5waLNad3eWmT0w0+f+yxek8VxzsZm1X7
6PDBuZHI3AB4LQQTAWHHlhqATG0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:11 2024 by rpki-client on console-fra.rpki-client.org