Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NZ6v-y3eBYkAD56NYYLSC5IpPmk.roa
File: NZ6v-y3eBYkAD56NYYLSC5IpPmk.roa (raw, json)
Hash identifier: yt8Ac7JcRMUdlj8BB0VC0qWiIycVK+kE+tbJKnAmrxM=
Subject key identifier: 35:9E:AF:FB:2D:DE:05:89:00:0F:9E:8D:61:82:D2:0B:92:29:3E:69
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF3AB320A3ED61A73DE87DA847EFC
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NZ6v-y3eBYkAD56NYYLSC5IpPmk.roa
Signing time: Sun 01 Jan 2023 14:44:55 +0000
ROA not before: Sun 01 Jan 2023 14:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209303
IP address blocks: 5.3.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f3:ab:32:0a:3e:d6:1a:73:de:87:da:84:7e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=359eaffb2dde0589000f9e8d6182d20b92293e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:bf:e2:8c:6d:76:72:83:2a:8e:42:ab:d4:
7b:1d:03:df:8e:e0:ba:d4:40:af:cb:dc:bf:d8:85:
ce:38:e9:cd:4a:ec:c2:86:22:f6:73:d8:c8:af:0a:
75:b9:18:eb:0e:2e:91:0c:7e:a8:6d:8b:09:27:05:
61:57:76:59:ba:cd:af:15:49:f2:b0:ff:38:b9:8f:
85:2d:82:4e:5c:ed:48:7c:fe:07:3f:53:51:90:2b:
aa:33:7a:3e:23:49:27:06:6b:4d:ae:a3:0f:23:17:
a3:39:27:7f:5a:63:fc:08:f5:54:91:f8:fb:7a:69:
27:25:78:63:0b:81:53:80:6e:61:14:6d:65:b8:84:
0c:60:34:7d:8e:bc:99:02:42:dc:3e:82:b6:cd:12:
4d:fe:3e:94:59:c2:de:16:b8:d6:1d:e5:50:40:6f:
81:b2:30:b9:c6:71:b3:2d:87:d0:69:60:d9:13:57:
88:2e:b4:19:62:75:69:d7:9b:6e:a4:9a:29:50:0e:
6a:f5:00:c4:75:4a:cd:b4:03:6e:f8:2f:c8:53:f5:
38:85:16:a6:3b:a9:c6:87:ec:fb:55:27:b4:b0:d1:
49:1c:db:a1:70:23:c7:71:a7:61:5e:5f:23:69:ea:
9a:06:db:b8:43:37:c5:5d:b2:f7:ba:5e:12:3e:50:
84:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9E:AF:FB:2D:DE:05:89:00:0F:9E:8D:61:82:D2:0B:92:29:3E:69
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NZ6v-y3eBYkAD56NYYLSC5IpPmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.3.90.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c3:97:e8:b8:18:10:74:b4:0d:b2:8c:e5:c6:6d:1c:6c:87:
e1:49:9d:ac:e5:04:0f:e2:77:a9:9c:ad:aa:ea:c8:35:c2:d3:
6f:5f:08:8a:88:bc:c8:bc:bc:4f:0a:14:ce:3f:5f:db:0a:ef:
ac:be:96:19:f2:6e:ad:7d:c4:13:73:4c:f3:30:e6:f3:1c:8d:
41:7d:88:03:bf:1f:33:23:53:5e:b7:6d:df:9a:7d:f0:91:87:
79:a3:cf:2d:dd:14:d8:da:b3:cb:4e:30:a9:54:90:3a:8d:13:
d3:ad:38:e5:3b:b0:d0:2b:78:c2:7d:39:f1:23:cf:a2:95:65:
09:04:4c:4b:29:a6:4b:6d:fb:3e:3e:33:ab:83:58:f4:06:2b:
b4:12:a9:48:85:e2:b0:b7:2c:7b:16:39:56:3a:67:d9:1f:83:
b4:f9:3a:0e:38:fe:b2:51:50:6b:28:02:8b:0e:e4:54:13:3a:
d0:6a:5e:06:25:df:3a:90:ea:89:b8:9f:35:7e:07:45:8f:44:
1b:51:91:1e:4d:8d:53:92:d5:ba:8a:86:7b:3e:d3:f2:61:18:
2f:80:32:ad:94:45:e8:61:1c:7a:3c:53:f5:1c:9b:63:6b:69:
66:6b:b2:f0:55:98:db:fa:46:e1:38:76:d3:8b:61:87:66:93:
42:cc:c0:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyvOrMgo+1hpz3ofahH78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTllYWZmYjJkZGUwNTg5MDAwZjllOGQ2MTgyZDIwYjkyMjkzZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIq/4oxtdnKDKo5Cq9R7HQPfjuC6
1ECvy9y/2IXOOOnNSuzChiL2c9jIrwp1uRjrDi6RDH6obYsJJwVhV3ZZus2vFUny
sP84uY+FLYJOXO1IfP4HP1NRkCuqM3o+I0knBmtNrqMPIxejOSd/WmP8CPVUkfj7
emknJXhjC4FTgG5hFG1luIQMYDR9jryZAkLcPoK2zRJN/j6UWcLeFrjWHeVQQG+B
sjC5xnGzLYfQaWDZE1eILrQZYnVp15tupJopUA5q9QDEdUrNtANu+C/IU/U4hRam
O6nGh+z7VSe0sNFJHNuhcCPHcadhXl8jaeqaBtu4QzfFXbL3ul4SPlCEAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWer/st3gWJAA+ejWGC0guSKT5pMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvTlo2di15M2VCWWtBRDU2TllZTFNDNUlwUG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQNaMA0G
CSqGSIb3DQEBCwUAA4IBAQAuw5fouBgQdLQNsozlxm0cbIfhSZ2s5QQP4nepnK2q
6sg1wtNvXwiKiLzIvLxPChTOP1/bCu+svpYZ8m6tfcQTc0zzMObzHI1BfYgDvx8z
I1Net23fmn3wkYd5o88t3RTY2rPLTjCpVJA6jRPTrTjlO7DQK3jCfTnxI8+ilWUJ
BExLKaZLbfs+PjOrg1j0Biu0EqlIheKwtyx7FjlWOmfZH4O0+ToOOP6yUVBrKAKL
DuRUEzrQal4GJd86kOqJuJ81fgdFj0QbUZEeTY1TktW6ioZ7PtPyYRgvgDKtlEXo
YRx6PFP1HJtja2lma7LwVZjb+kbhOHbTi2GHZpNCzMAT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:00 2025 by rpki-client