Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/NBsQoOH-lxiPKyF8-fFKaLJBdIw.roa
File: NBsQoOH-lxiPKyF8-fFKaLJBdIw.roa (raw, json)
Hash identifier: FzKP/WN85/GvMkyZyGaMg6qVqqRFg4Z7RQOm5yjLugQ=
Subject key identifier: 34:1B:10:A0:E1:FE:97:18:8F:2B:21:7C:F9:F1:4A:68:B2:41:74:8C
Certificate issuer: /CN=d0a1db466cf808206293d07e65f2121feb49a33e
Certificate serial: 01857321F152FD034E6CBCEA2587D7DA5F1F
Authority key identifier: D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/NBsQoOH-lxiPKyF8-fFKaLJBdIw.roa
Signing time: Mon 02 Jan 2023 15:38:02 +0000
ROA not before: Mon 02 Jan 2023 15:38:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212783
IP address blocks: 2001:678:e0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:f1:52:fd:03:4e:6c:bc:ea:25:87:d7:da:5f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a1db466cf808206293d07e65f2121feb49a33e
Validity
Not Before: Jan 2 15:38:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=341b10a0e1fe97188f2b217cf9f14a68b241748c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:30:da:d3:6b:7a:69:fe:a4:97:07:58:a4:
4b:6d:a5:cc:c1:8d:22:35:1f:11:27:c6:86:71:5b:
8e:37:f3:8d:40:80:1c:69:12:f4:53:b6:8a:53:6d:
29:e7:6c:fc:f5:e1:e4:ba:d8:69:7a:52:bf:f4:14:
68:1a:f6:08:80:98:ba:0e:b0:c9:37:eb:4d:fc:df:
eb:eb:04:4f:a2:a9:af:30:3f:2b:19:00:a8:1e:00:
45:a0:3e:35:26:1d:21:fe:5a:4e:d5:a1:f5:aa:ec:
1d:72:65:ac:d2:47:69:a4:37:18:4e:6c:54:5d:f9:
3c:1e:da:b1:c4:9a:5b:83:86:32:ad:b9:9c:fe:0c:
a1:d1:df:62:90:dd:7f:cc:f3:b4:34:65:c8:fa:a1:
b5:dd:fe:0d:c1:cf:52:9e:0c:4f:d9:fd:b8:78:67:
a0:72:b4:c5:05:05:44:e8:8f:40:23:83:8d:42:24:
b0:b7:94:ce:d7:7b:e0:ce:03:8c:20:27:78:9d:03:
bc:87:5f:84:63:e7:b1:0f:98:4d:45:1f:1f:ce:96:
76:e5:63:8c:e9:fc:83:49:7f:d6:50:66:31:94:24:
8b:92:72:19:a1:1e:9d:8a:ff:81:54:5e:80:89:6c:
73:df:37:bd:a2:c3:7e:76:b3:8a:5c:46:c8:4b:23:
59:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1B:10:A0:E1:FE:97:18:8F:2B:21:7C:F9:F1:4A:68:B2:41:74:8C
X509v3 Authority Key Identifier:
keyid:D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/NBsQoOH-lxiPKyF8-fFKaLJBdIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e0c::/48
Signature Algorithm: sha256WithRSAEncryption
4b:7c:98:78:28:e5:6a:a2:22:d5:ce:a2:e8:35:19:a2:b3:21:
f6:21:0a:b2:4a:52:6b:1a:71:76:c0:67:ac:29:77:27:43:9d:
65:1a:b4:ff:02:6e:03:7a:cb:c9:a5:bd:79:f7:47:88:2e:2d:
65:9b:88:f4:85:06:29:60:32:49:f1:da:46:d6:00:49:37:c5:
b9:75:26:dc:ea:42:a3:d4:59:a0:7b:28:84:1a:9c:a0:5f:fc:
06:5a:8e:6f:ca:40:49:3b:c2:de:86:ab:88:5a:c4:d6:85:5b:
20:73:ff:fd:e9:af:24:7c:04:7c:42:ea:cf:5b:2d:69:41:81:
35:97:a5:13:1c:5e:04:5b:3e:23:b9:e6:ea:e3:d5:76:1c:17:
b9:4d:4f:cb:0a:f6:e1:3d:14:b3:d1:95:22:75:b1:c5:59:c6:
1f:ed:81:37:b5:e4:51:7e:ec:c7:fc:e4:ec:a9:c3:5b:0b:93:
bf:ed:0e:f1:93:01:2b:6a:a1:b1:c1:e3:34:fa:fb:61:f2:87:
20:13:81:10:6b:2f:f1:2b:36:28:57:69:b9:51:27:63:fc:05:
d2:30:d9:8a:01:c2:b0:50:f6:0a:33:69:28:5e:10:14:d7:aa:
7c:7d:81:b2:cc:4c:4d:1d:11:9a:79:ff:e4:58:75:0f:63:04:
a4:10:75:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVzIfFS/QNObLzqJYfX2l8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTFkYjQ2NmNmODA4MjA2MjkzZDA3ZTY1ZjIxMjFmZWI0
OWEzM2UwHhcNMjMwMTAyMTUzODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFiMTBhMGUxZmU5NzE4OGYyYjIxN2NmOWYxNGE2OGIyNDE3NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktUw2tNremn+pJcHWKRLbaXMwY0i
NR8RJ8aGcVuON/ONQIAcaRL0U7aKU20p52z89eHkuthpelK/9BRoGvYIgJi6DrDJ
N+tN/N/r6wRPoqmvMD8rGQCoHgBFoD41Jh0h/lpO1aH1quwdcmWs0kdppDcYTmxU
Xfk8HtqxxJpbg4Yyrbmc/gyh0d9ikN1/zPO0NGXI+qG13f4Nwc9SngxP2f24eGeg
crTFBQVE6I9AI4ONQiSwt5TO13vgzgOMICd4nQO8h1+EY+exD5hNRR8fzpZ25WOM
6fyDSX/WUGYxlCSLknIZoR6div+BVF6AiWxz3ze9osN+drOKXEbISyNZMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDQbEKDh/pcYjyshfPnxSmiyQXSMMB8GA1UdIwQY
MBaAFNCh20Zs+AggYpPQfmXyEh/rSaM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtIYlJtejRDQ0JpazlCLVpmSVNILXRKb3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xMWNkYWMtNjQxMS00NTRkLWI5NzMt
NDc2MmIwMTBlZjFlLzEvTkJzUW9PSC1seGlQS3lGOC1mRkthTEpCZEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xMWNkYWMtNjQxMS00NTRkLWI5NzMtNDc2MmIwMTBlZjFl
LzEvMEtIYlJtejRDQ0JpazlCLVpmSVNILXRKb3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA4M
MA0GCSqGSIb3DQEBCwUAA4IBAQBLfJh4KOVqoiLVzqLoNRmisyH2IQqySlJrGnF2
wGesKXcnQ51lGrT/Am4DesvJpb1590eILi1lm4j0hQYpYDJJ8dpG1gBJN8W5dSbc
6kKj1FmgeyiEGpygX/wGWo5vykBJO8LehquIWsTWhVsgc//96a8kfAR8QurPWy1p
QYE1l6UTHF4EWz4juebq49V2HBe5TU/LCvbhPRSz0ZUidbHFWcYf7YE3teRRfuzH
/OTsqcNbC5O/7Q7xkwEraqGxweM0+vth8ocgE4EQay/xKzYoV2m5USdj/AXSMNmK
AcKwUPYKM2koXhAU16p8fYGyzExNHRGaef/kWHUPYwSkEHXB
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:32:45 2025 by rpki-client