Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/XnTKx1UOn2QM-UKi51074F2raeY.roa
File: XnTKx1UOn2QM-UKi51074F2raeY.roa (raw, json)
Hash identifier: AVFy/qG87B08IB6aKG7Q5AwlrMvy/sYqtXr7wyHoazE=
Subject key identifier: 5E:74:CA:C7:55:0E:9F:64:0C:F9:42:A2:E7:5D:3B:E0:5D:AB:69:E6
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 15648D1A
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/XnTKx1UOn2QM-UKi51074F2raeY.roa
Signing time: Sat 01 Jan 2022 08:04:53 +0000
ROA not before: Sat 01 Jan 2022 08:04:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64404
IP address blocks: 2a05:2d01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358911258 (0x15648d1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 08:04:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e74cac7550e9f640cf942a2e75d3be05dab69e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:26:ad:60:66:bc:e9:c1:0b:77:19:ce:31:2d:
6f:0a:95:8a:37:a1:1e:86:28:fb:e3:e4:1c:04:dd:
bf:cc:72:c6:cf:2e:20:19:34:e3:c4:91:61:5b:ff:
b0:bb:d1:57:36:26:6d:a9:7f:f1:43:c8:2e:3c:3b:
03:4b:9e:34:56:9c:ea:32:16:06:52:47:60:28:30:
17:98:06:46:32:71:7e:94:5a:0c:23:de:e1:ee:9f:
27:5a:85:41:20:84:77:0a:08:c8:86:81:4d:4b:1f:
31:fa:29:7c:75:39:02:3e:e9:f0:34:57:3b:76:22:
6a:15:5c:97:69:1c:f3:92:0e:00:67:7c:20:24:72:
69:27:a3:96:77:d3:a5:f8:3e:75:bb:bb:c2:a2:22:
62:67:97:d7:f6:f3:2d:36:74:6a:ab:57:28:dc:cd:
34:0d:3b:c4:a1:f0:38:de:55:5c:d9:d4:06:26:4a:
1f:0e:13:50:81:a2:28:e9:4f:0f:63:4f:b2:72:bf:
bc:13:e7:1f:3d:9f:7a:b3:3f:3d:40:f0:18:19:81:
18:65:01:ea:a8:09:36:8a:ca:e0:31:44:91:01:e4:
fa:ba:05:73:55:77:0a:bc:94:77:78:f1:e1:7c:ff:
fc:6c:83:f7:54:c7:b2:89:97:f0:4b:59:be:b4:4b:
ae:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:74:CA:C7:55:0E:9F:64:0C:F9:42:A2:E7:5D:3B:E0:5D:AB:69:E6
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/XnTKx1UOn2QM-UKi51074F2raeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2d01::/32
Signature Algorithm: sha256WithRSAEncryption
15:cc:f0:96:92:c4:cf:70:5a:9a:39:38:67:63:b8:52:82:9a:
75:31:f5:42:d1:c1:b5:c0:e6:0d:c6:0e:25:41:97:31:07:2a:
ac:b7:96:c7:07:c2:3b:18:e2:2a:bd:b1:f8:7e:86:5c:5a:9c:
f9:9f:b1:33:e3:44:de:7b:5f:49:d0:7d:80:e5:81:a3:4b:d3:
5f:98:83:f8:dc:fd:94:15:8a:5d:71:0d:00:4f:2e:79:2a:44:
7a:14:95:d0:2c:80:d0:21:e4:71:67:a4:f0:1a:8d:85:be:7f:
92:91:fd:6b:cb:fc:6a:81:73:34:e9:60:9a:7e:c8:24:66:7c:
6a:c4:fb:01:fc:9b:a7:7d:5e:1d:ea:4a:ce:4b:48:6e:54:ce:
99:71:bc:1b:3b:bb:1f:9f:20:ec:fa:44:45:03:fc:3c:ab:98:
65:8a:b0:4d:16:2f:fe:bb:cf:df:84:0a:31:bf:54:8d:52:87:
ef:2f:0f:b8:02:e1:26:4f:bf:0a:79:ef:99:d7:fb:9a:ff:c9:
00:91:4e:ca:15:3f:c4:75:b8:28:38:68:16:c7:47:3d:f4:53:
b6:e7:b4:f3:06:3c:d3:30:67:3e:c6:6e:79:08:41:c3:e5:23:
75:ea:e4:0d:c8:c1:fd:2d:58:ea:37:54:4e:68:76:27:c2:dd:
a4:f6:08:6f
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEFWSNGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjA3NDM0OTZjN2ZmM2VmZmI4NzA2MDExMzljYWQ5ZDJmMjcxZTEwMB4XDTIyMDEw
MTA4MDQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU3NGNhYzc1NTBl
OWY2NDBjZjk0MmEyZTc1ZDNiZTA1ZGFiNjllNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEmrWBmvOnBC3cZzjEtbwqVijehHoYo++PkHATdv8xyxs8u
IBk048SRYVv/sLvRVzYmbal/8UPILjw7A0ueNFac6jIWBlJHYCgwF5gGRjJxfpRa
DCPe4e6fJ1qFQSCEdwoIyIaBTUsfMfopfHU5Aj7p8DRXO3YiahVcl2kc85IOAGd8
ICRyaSejlnfTpfg+dbu7wqIiYmeX1/bzLTZ0aqtXKNzNNA07xKHwON5VXNnUBiZK
Hw4TUIGiKOlPD2NPsnK/vBPnHz2ferM/PUDwGBmBGGUB6qgJNorK4DFEkQHk+roF
c1V3CryUd3jx4Xz//GyD91THsomX8EtZvrRLrgECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBRedMrHVQ6fZAz5QqLnXTvgXatp5jAfBgNVHSMEGDAWgBSfB0NJbH/z7/uH
BgETnK2dLyceEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L253ZERTV3hfOC1fN2h3WUJFNXl0blM4bkhoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8x
L1huVEt4MVVPbjJRTS1VS2k1MTA3NEYycmFlWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8xL253ZERTV3hfOC1f
N2h3WUJFNXl0blM4bkhoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoFLQEwDQYJKoZIhvcNAQELBQAD
ggEBABXM8JaSxM9wWpo5OGdjuFKCmnUx9ULRwbXA5g3GDiVBlzEHKqy3lscHwjsY
4iq9sfh+hlxanPmfsTPjRN57X0nQfYDlgaNL01+Yg/jc/ZQVil1xDQBPLnkqRHoU
ldAsgNAh5HFnpPAajYW+f5KR/WvL/GqBczTpYJp+yCRmfGrE+wH8m6d9Xh3qSs5L
SG5UzplxvBs7ux+fIOz6REUD/DyrmGWKsE0WL/67z9+ECjG/VI1Sh+8vD7gC4SZP
vwp575nX+5r/yQCRTsoVP8R1uCg4aBbHRz30U7bntPMGPNMwZz7GbnkIQcPlI3Xq
5A3Iwf0tWOo3VE5odifC3aT2CG8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:26 2023 by rpki-client on console-fra.rpki-client.org