Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NF0nV-Poo1kfdheSeops1Am6CjM.roa
File: NF0nV-Poo1kfdheSeops1Am6CjM.roa (raw, json)
Hash identifier: BnVMv9+LVwJf6sKr4HbsphY8MBKOqka7sQ8Nh4+P0ao=
Subject key identifier: 34:5D:27:57:E3:E8:A3:59:1F:76:17:92:7A:8A:6C:D4:09:BA:0A:33
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEBC09D39F3297D9A9ADBD66A20D9
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NF0nV-Poo1kfdheSeops1Am6CjM.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51035
IP address blocks: 2a02:2698:8800::/38 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:eb:c0:9d:39:f3:29:7d:9a:9a:db:d6:6a:20:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=345d2757e3e8a3591f7617927a8a6cd409ba0a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9e:72:a3:0c:b3:63:1f:8f:d8:bf:35:f8:6a:
33:6b:3b:08:1b:6d:be:26:b2:48:a4:3d:11:bb:d8:
1e:c2:9b:e2:10:74:d0:10:ae:22:c0:40:6d:ab:08:
49:2d:af:fb:9e:bc:13:bb:f8:fd:58:d2:45:ab:b4:
fa:4c:cc:05:f0:c0:93:31:24:3c:fe:4b:c6:74:5a:
4c:06:6e:4a:52:fd:36:a7:80:f4:03:db:a7:a8:34:
b4:a9:53:2f:bf:24:dd:b9:61:4a:a7:51:9d:5f:49:
25:3e:1a:02:16:61:3a:38:96:41:5a:30:73:47:71:
97:96:c0:8f:72:35:b5:2b:a3:41:51:30:ea:45:de:
65:b6:65:f5:99:6f:fe:80:0b:09:ea:25:ef:18:23:
87:7a:38:dd:cb:1e:e4:a4:33:dd:9a:d2:a8:aa:15:
4f:23:57:a4:31:33:48:17:99:6b:07:54:81:39:ae:
1b:e9:0a:df:fa:48:55:67:65:d8:19:19:2c:25:22:
99:5e:a2:24:e1:c0:b3:70:2b:2e:ea:6c:e7:d1:bf:
2a:04:6c:dc:b0:6e:d1:4a:1a:c4:3f:c2:19:95:df:
53:fd:ed:cc:c4:7a:38:d9:9a:c2:63:f2:d2:32:e2:
e4:25:56:dd:54:79:9a:67:0d:d3:f0:26:d9:e4:85:
52:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5D:27:57:E3:E8:A3:59:1F:76:17:92:7A:8A:6C:D4:09:BA:0A:33
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NF0nV-Poo1kfdheSeops1Am6CjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8800::/38
Signature Algorithm: sha256WithRSAEncryption
25:44:39:04:8b:81:cc:3d:e0:e6:cc:0c:c7:33:76:55:0c:e9:
6f:2e:37:00:e1:36:84:32:82:47:17:50:0b:bf:f2:56:31:56:
f8:e8:5a:90:44:2c:71:ba:22:4c:ee:13:34:be:f4:78:61:34:
0e:91:38:e1:cb:fa:2f:c0:17:6b:0f:d4:90:6a:46:02:b1:c5:
d3:4f:4e:f1:67:08:26:8e:7c:76:9c:da:b3:2e:18:9d:28:35:
6c:9c:6c:7b:71:55:e4:94:74:c3:4e:25:1b:44:0e:ed:6c:3e:
4a:40:69:01:e6:39:07:d1:f1:76:a2:09:2d:8b:0b:ff:4c:e0:
70:95:48:36:94:37:3a:f4:ad:56:0d:6d:6b:e4:ac:24:59:ae:
70:3f:12:3e:aa:2f:36:01:e9:a7:56:0b:77:fb:fa:64:92:17:
a9:0d:de:b7:9a:31:5d:34:5d:c8:e4:d4:a4:60:1c:aa:f2:4b:
7c:1a:60:05:b6:40:e3:7f:42:29:59:46:f4:0c:f8:21:bc:e8:
bc:87:ed:c1:3c:08:76:96:c0:09:32:7f:96:52:83:71:54:7d:
08:bc:ea:48:e4:bd:80:b5:70:50:68:21:4a:3b:af:40:07:2e:
0e:fd:f6:1a:7a:53:fd:97:f1:8c:62:09:9d:74:95:dd:ec:91:
9d:b5:54:b6
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuvAnTnzKX2amtvWaiDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVkMjc1N2UzZThhMzU5MWY3NjE3OTI3YThhNmNkNDA5YmEwYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZ5yowyzYx+P2L81+GozazsIG22+
JrJIpD0Ru9gewpviEHTQEK4iwEBtqwhJLa/7nrwTu/j9WNJFq7T6TMwF8MCTMSQ8
/kvGdFpMBm5KUv02p4D0A9unqDS0qVMvvyTduWFKp1GdX0klPhoCFmE6OJZBWjBz
R3GXlsCPcjW1K6NBUTDqRd5ltmX1mW/+gAsJ6iXvGCOHejjdyx7kpDPdmtKoqhVP
I1ekMTNIF5lrB1SBOa4b6Qrf+khVZ2XYGRksJSKZXqIk4cCzcCsu6mzn0b8qBGzc
sG7RShrEP8IZld9T/e3MxHo42ZrCY/LSMuLkJVbdVHmaZw3T8CbZ5IVS8wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDRdJ1fj6KNZH3YXknqKbNQJugozMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvTkYwblYtUG9vMWtmZGhlU2VvcHMxQW02Q2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIgw
DQYJKoZIhvcNAQELBQADggEBACVEOQSLgcw94ObMDMczdlUM6W8uNwDhNoQygkcX
UAu/8lYxVvjoWpBELHG6IkzuEzS+9HhhNA6ROOHL+i/AF2sP1JBqRgKxxdNPTvFn
CCaOfHac2rMuGJ0oNWycbHtxVeSUdMNOJRtEDu1sPkpAaQHmOQfR8XaiCS2LC/9M
4HCVSDaUNzr0rVYNbWvkrCRZrnA/Ej6qLzYB6adWC3f7+mSSF6kN3reaMV00Xcjk
1KRgHKryS3waYAW2QON/QilZRvQM+CG86LyH7cE8CHaWwAkyf5ZSg3FUfQi86kjk
vYC1cFBoIUo7r0AHLg799hp6U/2X8YxiCZ10ld3skZ21VLY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:03 2025 by rpki-client