Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/NeDOZtCkdjAtgyvJc2o6rcJmQqs.roa
File: NeDOZtCkdjAtgyvJc2o6rcJmQqs.roa (raw, json)
Hash identifier: tpGn+VFeD9zAjohva2MyfCtsgPyf7pI7p9tuamofm5k=
Subject key identifier: 35:E0:CE:66:D0:A4:76:30:2D:83:2B:C9:73:6A:3A:AD:C2:66:42:AB
Certificate issuer: /CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Certificate serial: 0184234F00F912CCA8A9DBA5C64A5BD86959
Authority key identifier: 0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/NeDOZtCkdjAtgyvJc2o6rcJmQqs.roa
Signing time: Sat 29 Oct 2022 10:34:50 +0000
ROA not before: Sat 29 Oct 2022 10:34:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a0e:48c0::/32 maxlen: 48
2a0e:48c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:23:4f:00:f9:12:cc:a8:a9:db:a5:c6:4a:5b:d8:69:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bb3e73aa8b7f0af3bd8400572dae72b0d46f55c
Validity
Not Before: Oct 29 10:34:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35e0ce66d0a476302d832bc9736a3aadc26642ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:21:86:a4:62:07:a0:4f:f9:fc:41:75:4d:
2c:a5:b1:45:8a:e6:e8:98:e0:58:e8:28:98:74:e2:
da:70:57:23:88:2d:24:b9:c3:20:38:d8:3c:4a:80:
a4:05:94:c5:b3:9c:02:71:1d:72:8e:87:b8:ff:9d:
cd:f2:a5:18:9a:7b:80:d1:5d:9d:ee:6a:4a:05:8c:
13:bc:06:98:59:8b:a2:a8:b8:e6:f0:60:40:6f:38:
e0:f6:9d:91:a6:53:0f:98:1c:e4:00:19:5d:bc:86:
43:26:ed:d0:1d:48:2b:39:9f:d9:36:dc:b3:15:a9:
3e:05:df:e0:a4:b1:25:6a:2b:2b:c1:6d:ac:f5:2e:
d9:52:26:d2:23:75:0f:4b:d1:f5:61:42:a8:6a:89:
e0:85:b5:26:7b:06:ae:d9:e4:8b:59:26:a1:28:f8:
43:32:15:69:76:1e:b9:3b:91:a2:51:e5:01:c6:95:
b3:bd:f6:22:e6:58:e3:d0:f5:b3:f5:51:39:11:69:
32:85:c9:7d:ce:1a:88:0a:7a:8f:60:6d:c9:66:0b:
f5:d0:ce:0b:7e:74:b5:82:69:2a:fc:25:74:e1:05:
05:03:70:e2:21:06:67:dd:ad:4b:fe:df:c5:89:42:
0c:fa:06:8a:85:72:ed:9e:86:7d:85:d3:32:ef:72:
2e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E0:CE:66:D0:A4:76:30:2D:83:2B:C9:73:6A:3A:AD:C2:66:42:AB
X509v3 Authority Key Identifier:
keyid:0B:B3:E7:3A:A8:B7:F0:AF:3B:D8:40:05:72:DA:E7:2B:0D:46:F5:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C7PnOqi38K872EAFctrnKw1G9Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/NeDOZtCkdjAtgyvJc2o6rcJmQqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/eff67f-40a9-4775-a9c2-ad28fa966b51/1/C7PnOqi38K872EAFctrnKw1G9Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:48c0::/31
Signature Algorithm: sha256WithRSAEncryption
63:61:95:10:86:03:52:6a:3c:0e:94:d0:cd:61:f9:92:8d:db:
26:59:f2:8a:4c:81:3e:42:94:ed:f9:e5:ec:db:65:74:4b:06:
ab:bc:e1:9c:15:a5:f8:d4:ec:9b:7e:82:70:14:f4:76:6f:1d:
75:4f:50:76:5b:4b:e7:71:e4:16:38:41:c5:90:a2:5b:e1:67:
ca:6b:eb:71:3d:86:90:14:dc:f7:0a:af:30:ec:76:b6:92:2f:
fe:a1:30:fc:49:be:9f:c3:88:f4:1c:11:a6:b7:8e:31:bd:1b:
83:b8:ca:e7:39:66:ba:d7:e6:e3:84:aa:28:51:b8:1e:03:eb:
88:e2:32:08:c9:b7:03:fd:43:9d:3d:c6:67:51:74:5c:2a:d8:
76:8e:fc:62:0d:e0:a6:60:7b:14:eb:51:2a:36:bb:52:9f:b3:
2b:a3:4f:23:3d:50:c5:74:ef:d6:1b:3c:40:98:5d:a0:71:96:
b8:33:38:53:9f:fc:7b:17:f6:dd:44:7d:e4:31:9c:46:5d:95:
a5:d7:26:ff:51:2f:d7:28:bf:00:c7:34:6a:47:8c:a2:b8:e3:
0f:0e:47:8f:6e:b0:8e:9c:33:1f:46:09:9d:3c:30:9c:7f:37:
b2:66:ea:92:c8:e8:b6:29:85:30:e6:b6:7e:dc:4c:66:64:ac:
33:dc:1a:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYQjTwD5Esyoqdulxkpb2GlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYjNlNzNhYThiN2YwYWYzYmQ4NDAwNTcyZGFlNzJiMGQ0
NmY1NWMwHhcNMjIxMDI5MTAzNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWUwY2U2NmQwYTQ3NjMwMmQ4MzJiYzk3MzZhM2FhZGMyNjY0MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSEhhqRiB6BP+fxBdU0spbFFiubo
mOBY6CiYdOLacFcjiC0kucMgONg8SoCkBZTFs5wCcR1yjoe4/53N8qUYmnuA0V2d
7mpKBYwTvAaYWYuiqLjm8GBAbzjg9p2RplMPmBzkABldvIZDJu3QHUgrOZ/ZNtyz
Fak+Bd/gpLElaisrwW2s9S7ZUibSI3UPS9H1YUKoaonghbUmewau2eSLWSahKPhD
MhVpdh65O5GiUeUBxpWzvfYi5ljj0PWz9VE5EWkyhcl9zhqICnqPYG3JZgv10M4L
fnS1gmkq/CV04QUFA3DiIQZn3a1L/t/FiUIM+gaKhXLtnoZ9hdMy73IuoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDXgzmbQpHYwLYMryXNqOq3CZkKrMB8GA1UdIwQY
MBaAFAuz5zqot/CvO9hABXLa5ysNRvVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzIt
YWQyOGZhOTY2YjUxLzEvTmVET1p0Q2tkakF0Z3l2SmMybzZyY0ptUXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lZmY2N2YtNDBhOS00Nzc1LWE5YzItYWQyOGZhOTY2YjUx
LzEvQzdQbk9xaTM4Szg3MkVBRmN0cm5LdzFHOVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKg5IwDAN
BgkqhkiG9w0BAQsFAAOCAQEAY2GVEIYDUmo8DpTQzWH5ko3bJlnyikyBPkKU7fnl
7NtldEsGq7zhnBWl+NTsm36CcBT0dm8ddU9QdltL53HkFjhBxZCiW+FnymvrcT2G
kBTc9wqvMOx2tpIv/qEw/Em+n8OI9BwRpreOMb0bg7jK5zlmutfm44SqKFG4HgPr
iOIyCMm3A/1DnT3GZ1F0XCrYdo78Yg3gpmB7FOtRKja7Up+zK6NPIz1QxXTv1hs8
QJhdoHGWuDM4U5/8exf23UR95DGcRl2Vpdcm/1Ev1yi/AMc0akeMorjjDw5Hj26w
jpwzH0YJnTwwnH83smbqksjotimFMOa2ftxMZmSsM9wasQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:15 2025 by rpki-client