Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/nuiFFa4NxUMg0HVwRaKc9jAxdNg.roa
File: nuiFFa4NxUMg0HVwRaKc9jAxdNg.roa (raw, json)
Hash identifier: jRDVLsHQF0GemRAYd7Cea+WgKKvRN0SvScZ4u36GQlQ=
Subject key identifier: 9E:E8:85:15:AE:0D:C5:43:20:D0:75:70:45:A2:9C:F6:30:31:74:D8
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018596D636EA653EF34E7663E27543D63D92
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/nuiFFa4NxUMg0HVwRaKc9jAxdNg.roa
Signing time: Mon 09 Jan 2023 14:01:39 +0000
ROA not before: Mon 09 Jan 2023 14:01:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209186
IP address blocks: 2a0c:b641:910::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:d6:36:ea:65:3e:f3:4e:76:63:e2:75:43:d6:3d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 9 14:01:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ee88515ae0dc54320d0757045a29cf6303174d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5e:e1:4e:72:91:a0:88:65:4a:97:6c:fd:2a:
85:e7:bf:ad:70:a6:a3:bd:b9:83:c1:c0:2d:70:02:
f1:26:f5:26:41:e7:f6:f0:77:2e:a7:6f:69:b9:4d:
d3:44:42:1e:d6:a1:a8:85:bc:df:24:e1:af:51:94:
d4:65:31:49:22:35:95:9f:07:97:da:4e:b2:2a:1a:
35:5d:33:a7:34:01:29:f8:53:53:79:72:68:00:e0:
80:36:59:1c:d5:cd:b2:b9:30:cc:35:3d:25:e0:be:
1d:04:8d:d5:8e:2e:d4:48:9e:0e:ac:75:6f:aa:b7:
54:16:81:36:cb:77:9e:79:ca:0e:14:c9:2e:47:42:
41:f1:8d:8a:d8:08:93:e5:4c:4a:3b:fc:71:a3:ce:
d7:cf:35:28:68:7e:91:d8:5a:86:90:52:d5:a5:70:
11:ae:26:cf:d6:7f:57:b9:8b:14:e1:05:3e:26:cf:
15:98:b4:4c:3c:fb:18:33:96:bf:06:e9:e8:20:b7:
60:df:9e:2f:54:60:31:aa:0f:c1:67:22:dd:6a:ec:
83:72:10:2c:76:65:9f:00:2d:b2:6f:79:eb:4d:96:
58:21:f7:17:c1:a6:e9:27:ba:cf:0a:f7:cd:11:cb:
81:80:14:61:cd:43:90:45:19:cc:32:78:c0:99:9f:
f7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E8:85:15:AE:0D:C5:43:20:D0:75:70:45:A2:9C:F6:30:31:74:D8
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/nuiFFa4NxUMg0HVwRaKc9jAxdNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:910::/44
Signature Algorithm: sha256WithRSAEncryption
37:7f:72:0c:34:c7:d6:c3:42:35:d3:cb:a5:33:46:0e:66:e2:
e8:7b:05:e4:49:23:35:bf:47:d4:82:72:5b:b3:de:80:5d:88:
52:91:6d:2a:08:33:2e:48:52:90:43:62:cf:33:d8:68:7e:7c:
cf:7d:70:01:0d:3e:18:91:10:5f:1b:ee:af:52:be:08:cf:9e:
22:3c:82:c5:92:b2:49:2a:be:09:a9:fe:2b:9d:7b:67:ed:6e:
16:0a:c2:b1:2a:07:7b:59:fa:88:7d:e6:7b:6a:4b:4a:84:f2:
f1:4c:af:bb:4e:c4:4e:59:df:40:51:58:d0:44:c3:9c:6f:ea:
c3:52:f5:31:18:b5:cf:05:81:65:b8:d8:1a:71:6f:5e:f5:5d:
7b:32:e5:a5:f3:4a:98:dd:b6:46:e5:c7:6b:40:a9:59:81:0a:
a4:3d:7d:8d:83:ad:93:0c:d5:dd:3e:ba:b3:d4:60:56:f4:a8:
83:40:a5:52:d7:ee:8c:44:8e:d3:8c:1a:dc:49:1a:3a:2e:4e:
e1:d3:f2:d9:e1:1b:bf:ad:36:ee:32:f9:a5:76:2d:0b:90:6d:
d9:aa:bf:7d:47:8a:fb:3c:0b:ac:da:db:17:70:e9:3e:b5:30:
90:f8:06:a5:27:1d:f3:9f:f1:0d:c9:83:d0:06:c2:43:85:6b:
a0:48:69:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYWW1jbqZT7zTnZj4nVD1j2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTA5MTQwMTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU4ODUxNWFlMGRjNTQzMjBkMDc1NzA0NWEyOWNmNjMwMzE3NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF7hTnKRoIhlSpds/SqF57+tcKaj
vbmDwcAtcALxJvUmQef28Hcup29puU3TREIe1qGohbzfJOGvUZTUZTFJIjWVnweX
2k6yKho1XTOnNAEp+FNTeXJoAOCANlkc1c2yuTDMNT0l4L4dBI3Vji7USJ4OrHVv
qrdUFoE2y3eeecoOFMkuR0JB8Y2K2AiT5UxKO/xxo87XzzUoaH6R2FqGkFLVpXAR
ribP1n9XuYsU4QU+Js8VmLRMPPsYM5a/BunoILdg354vVGAxqg/BZyLdauyDchAs
dmWfAC2yb3nrTZZYIfcXwabpJ7rPCvfNEcuBgBRhzUOQRRnMMnjAmZ/3ZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ7ohRWuDcVDINB1cEWinPYwMXTYMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbnVpRkZhNE54VU1nMEhWd1JhS2M5akF4ZE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA3f3IMNMfWw0I108ulM0YOZuLoewXkSSM1v0fU
gnJbs96AXYhSkW0qCDMuSFKQQ2LPM9hofnzPfXABDT4YkRBfG+6vUr4Iz54iPILF
krJJKr4Jqf4rnXtn7W4WCsKxKgd7WfqIfeZ7aktKhPLxTK+7TsROWd9AUVjQRMOc
b+rDUvUxGLXPBYFluNgacW9e9V17MuWl80qY3bZG5cdrQKlZgQqkPX2Ng62TDNXd
Prqz1GBW9KiDQKVS1+6MRI7TjBrcSRo6Lk7h0/LZ4Ru/rTbuMvmldi0LkG3Zqr99
R4r7PAus2tsXcOk+tTCQ+AalJx3zn/ENyYPQBsJDhWugSGkO
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:45 2025 by rpki-client