Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NA_rYxQl_f4BoA625PapcqgJO1Q.roa
File: NA_rYxQl_f4BoA625PapcqgJO1Q.roa (raw, json)
Hash identifier: 5BRntP8fcZ/quwl5IuqcHpOpGn9js/UepjBsVptuV/Q=
Subject key identifier: 34:0F:EB:63:14:25:FD:FE:01:A0:0E:B6:E4:F6:A9:72:A8:09:3B:54
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 01891C4DD6C3026F8E403B081B0EE7222910
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NA_rYxQl_f4BoA625PapcqgJO1Q.roa
Signing time: Mon 03 Jul 2023 15:10:10 +0000
ROA not before: Mon 03 Jul 2023 15:10:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:85c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:4d:d6:c3:02:6f:8e:40:3b:08:1b:0e:e7:22:29:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jul 3 15:10:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=340feb631425fdfe01a00eb6e4f6a972a8093b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:14:b3:0c:db:29:91:cf:f6:70:d3:ce:d3:ea:
b4:9c:f2:4a:43:40:2f:47:30:0e:0d:44:08:86:06:
c0:2c:8a:f2:b7:e1:43:c6:d7:5e:83:98:e2:ca:87:
aa:49:cb:89:20:89:be:3f:1e:2b:0f:db:00:cd:25:
4c:b8:75:47:05:0d:66:15:a8:34:80:d4:15:5d:91:
85:99:63:9f:ff:32:21:89:d3:62:5b:d3:1d:bb:02:
24:c1:f9:d5:46:30:5c:b6:ff:47:6e:da:2e:40:ce:
13:7e:f7:bb:ad:bd:30:b2:24:c2:2c:1c:a2:16:a6:
d2:12:14:f7:6f:8b:97:64:b0:3f:ef:8e:89:7d:a3:
f9:d8:18:a1:85:9e:33:92:03:8b:d4:8d:30:84:46:
05:3b:74:a3:5c:98:e6:62:23:97:3d:49:e5:f0:13:
93:15:fc:39:76:7a:78:5c:0d:fd:c5:2c:c1:22:98:
6d:57:b8:cc:3c:c3:e6:8e:dc:94:34:ff:ae:ee:64:
c4:7c:7a:7f:f7:08:db:5c:f9:19:26:f4:93:81:15:
c2:25:d7:46:12:7a:69:6c:84:bc:4b:08:25:ca:0d:
52:6f:cf:c4:8a:29:24:9b:84:dd:c7:df:94:f1:d1:
0e:a4:08:36:ac:ef:73:8b:3e:32:09:6d:20:44:4f:
4d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0F:EB:63:14:25:FD:FE:01:A0:0E:B6:E4:F6:A9:72:A8:09:3B:54
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/NA_rYxQl_f4BoA625PapcqgJO1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:85c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
79:da:f7:b3:49:10:5c:a9:4f:9a:e5:dd:7e:be:d6:14:32:65:
05:1b:4b:b3:43:11:91:95:77:d3:eb:a8:7b:76:c6:35:3e:41:
83:f9:cf:4b:9a:4d:66:13:a2:5e:98:ca:a5:cf:04:81:6c:70:
c7:04:ec:d9:e2:80:8a:83:08:b2:0d:d3:dd:28:e6:46:a7:c7:
b8:84:2e:69:a0:f4:99:31:95:58:fe:fc:0f:d9:57:2c:6b:63:
b4:85:d8:e0:9a:79:2a:07:67:13:f8:3e:99:ba:f9:15:99:53:
21:e0:dd:47:aa:5b:9a:07:9e:67:a9:99:13:23:e0:65:37:f1:
50:b8:ec:ce:6c:75:91:00:6d:c8:4e:62:d7:0f:9b:f0:91:62:
21:a0:43:5b:7f:8d:2d:72:ba:e4:2f:ec:2f:3b:0a:6f:79:37:
26:46:65:17:7a:80:de:b3:df:a9:04:ce:38:68:63:60:2b:94:
8f:a5:bf:a6:e5:ce:34:b2:f3:af:e5:a9:ed:4b:15:2c:dc:c8:
19:f7:5b:96:49:f3:85:65:fe:ef:38:f4:ce:3c:f8:ed:30:f6:
89:e2:cd:98:5d:c9:47:90:0a:70:7f:89:bc:4c:84:59:df:ff:
56:03:79:d3:c0:ad:22:6a:65:e2:43:b3:8b:3a:2c:74:a1:67:
a2:33:cf:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYkcTdbDAm+OQDsIGw7nIikQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjMwNzAzMTUxMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBmZWI2MzE0MjVmZGZlMDFhMDBlYjZlNGY2YTk3MmE4MDkzYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxSzDNspkc/2cNPO0+q0nPJKQ0Av
RzAODUQIhgbALIryt+FDxtdeg5jiyoeqScuJIIm+Px4rD9sAzSVMuHVHBQ1mFag0
gNQVXZGFmWOf/zIhidNiW9MduwIkwfnVRjBctv9HbtouQM4Tfve7rb0wsiTCLByi
FqbSEhT3b4uXZLA/746JfaP52BihhZ4zkgOL1I0whEYFO3SjXJjmYiOXPUnl8BOT
Ffw5dnp4XA39xSzBIphtV7jMPMPmjtyUNP+u7mTEfHp/9wjbXPkZJvSTgRXCJddG
EnppbIS8Swglyg1Sb8/Eiikkm4Tdx9+U8dEOpAg2rO9ziz4yCW0gRE9NKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDQP62MUJf3+AaAOtuT2qXKoCTtUMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEvTkFfcll4UWxfZjRCb0E2MjVQYXBjcWdKTzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhOFwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQB52vezSRBcqU+a5d1+vtYUMmUFG0uzQxGRlXfT
66h7dsY1PkGD+c9Lmk1mE6JemMqlzwSBbHDHBOzZ4oCKgwiyDdPdKOZGp8e4hC5p
oPSZMZVY/vwP2Vcsa2O0hdjgmnkqB2cT+D6ZuvkVmVMh4N1HqluaB55nqZkTI+Bl
N/FQuOzObHWRAG3ITmLXD5vwkWIhoENbf40tcrrkL+wvOwpveTcmRmUXeoDes9+p
BM44aGNgK5SPpb+m5c40svOv5antSxUs3MgZ91uWSfOFZf7vOPTOPPjtMPaJ4s2Y
XclHkApwf4m8TIRZ3/9WA3nTwK0iamXiQ7OLOix0oWeiM8+7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:05 2025 by rpki-client