Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/N6BkdYgeX1x6bChQl7yBTJiMh_E.roa
File: N6BkdYgeX1x6bChQl7yBTJiMh_E.roa (raw, json)
Hash identifier: 5ZBWOXDtu5dcd16rwBHmxEzJgO9B1LYQDnKAJu3v8w8=
Subject key identifier: 37:A0:64:75:88:1E:5F:5C:7A:6C:28:50:97:BC:81:4C:98:8C:87:F1
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 01861D9E2866C805D5599E4064508966F8EC
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/N6BkdYgeX1x6bChQl7yBTJiMh_E.roa
Signing time: Sat 04 Feb 2023 18:09:09 +0000
ROA not before: Sat 04 Feb 2023 18:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200027
IP address blocks: 2a00:cee7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1d:9e:28:66:c8:05:d5:59:9e:40:64:50:89:66:f8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Feb 4 18:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37a06475881e5f5c7a6c285097bc814c988c87f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cf:44:b9:d1:d7:f9:86:ec:63:c3:87:2a:64:
d6:c7:a4:d4:95:93:92:b1:11:b3:07:f2:73:8b:34:
34:d4:27:46:bb:62:b3:a2:a2:af:06:e7:30:46:ba:
27:04:c5:2b:55:31:18:3a:d6:e6:a9:9d:81:47:67:
d6:b3:84:e1:d1:f3:61:d3:08:d2:26:a5:d5:b5:0e:
c8:a7:45:57:05:3e:97:de:d9:11:b9:36:b1:0a:2f:
ca:90:2d:b2:af:82:05:1e:72:52:73:27:52:4c:d0:
a6:67:96:90:d8:0b:54:df:01:22:2b:36:ce:d2:76:
e2:d5:78:02:3d:13:5f:6d:b9:37:b6:f3:f9:2d:ce:
4e:8b:47:4d:df:d0:72:16:1f:5e:d6:6c:45:a8:48:
00:5e:32:04:b2:d0:a6:4c:19:f9:69:e5:7c:e1:fa:
50:20:5e:cc:e5:6e:23:73:f9:ef:a6:2e:13:cc:ba:
93:66:6e:f1:d6:c1:76:b0:88:5c:9d:96:2e:39:c2:
5d:cd:24:19:bf:ee:01:f2:35:ee:99:6c:d7:d8:bc:
08:89:0f:48:76:72:29:0d:2d:4e:18:17:55:c3:67:
13:d9:35:be:fe:d6:d7:fd:ed:e0:22:36:23:6a:4d:
00:e9:4a:4f:b4:ec:8e:9d:c6:c5:3f:ca:3f:6a:a0:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A0:64:75:88:1E:5F:5C:7A:6C:28:50:97:BC:81:4C:98:8C:87:F1
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/N6BkdYgeX1x6bChQl7yBTJiMh_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:cee7::/32
Signature Algorithm: sha256WithRSAEncryption
65:0a:e1:e8:e1:0d:35:ff:61:c2:aa:5e:e0:de:74:fe:79:96:
4d:1f:a1:c1:a6:bb:06:d6:09:5d:a5:2f:e3:2e:d8:fe:09:b2:
9e:70:88:ef:f1:18:e2:58:37:02:0f:00:ec:8a:85:6a:0b:dc:
86:1e:fa:71:25:4b:b1:13:05:50:4f:ec:e0:9d:eb:c7:ab:3d:
d2:18:37:79:05:cd:4a:4d:90:13:75:f0:18:ac:e6:10:f2:8c:
06:67:28:6b:2e:cb:e2:1e:d8:1b:5f:b5:a8:9a:6a:b4:30:ac:
8d:f9:6f:b3:45:18:cb:52:dd:28:a7:cd:83:5f:23:ea:b1:2e:
7c:96:47:cc:9d:32:8c:47:d9:a9:f2:61:05:7e:c9:9e:23:3d:
bf:08:1e:a0:6a:63:4a:4e:3c:79:5a:50:62:26:a8:48:9e:48:
17:5e:3a:53:8c:b6:81:d2:c9:d2:a7:0f:e3:2c:28:3b:c8:88:
1c:36:65:49:d9:70:7f:30:a0:4e:fd:bb:5c:ef:11:30:2c:ee:
8d:57:d8:42:83:a0:46:e4:c2:c5:08:0e:ce:16:4e:35:bb:42:
ff:65:5a:46:b9:13:a0:fb:b3:a6:01:17:cb:36:c6:38:1d:d2:
c4:f0:8e:9e:c4:3b:e6:fe:15:cc:2a:1b:d3:98:9e:fc:76:2e:
70:f4:3d:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYdnihmyAXVWZ5AZFCJZvjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjMwMjA0MTgwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2EwNjQ3NTg4MWU1ZjVjN2E2YzI4NTA5N2JjODE0Yzk4OGM4N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM9EudHX+YbsY8OHKmTWx6TUlZOS
sRGzB/JzizQ01CdGu2KzoqKvBucwRronBMUrVTEYOtbmqZ2BR2fWs4Th0fNh0wjS
JqXVtQ7Ip0VXBT6X3tkRuTaxCi/KkC2yr4IFHnJScydSTNCmZ5aQ2AtU3wEiKzbO
0nbi1XgCPRNfbbk3tvP5Lc5Oi0dN39ByFh9e1mxFqEgAXjIEstCmTBn5aeV84fpQ
IF7M5W4jc/nvpi4TzLqTZm7x1sF2sIhcnZYuOcJdzSQZv+4B8jXumWzX2LwIiQ9I
dnIpDS1OGBdVw2cT2TW+/tbX/e3gIjYjak0A6UpPtOyOncbFP8o/aqDCPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDegZHWIHl9cemwoUJe8gUyYjIfxMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvTjZCa2RZZ2VYMXg2YkNoUWw3eUJUSmlNaF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgDO5zAN
BgkqhkiG9w0BAQsFAAOCAQEAZQrh6OENNf9hwqpe4N50/nmWTR+hwaa7BtYJXaUv
4y7Y/gmynnCI7/EY4lg3Ag8A7IqFagvchh76cSVLsRMFUE/s4J3rx6s90hg3eQXN
Sk2QE3XwGKzmEPKMBmcoay7L4h7YG1+1qJpqtDCsjflvs0UYy1LdKKfNg18j6rEu
fJZHzJ0yjEfZqfJhBX7JniM9vwgeoGpjSk48eVpQYiaoSJ5IF146U4y2gdLJ0qcP
4ywoO8iIHDZlSdlwfzCgTv27XO8RMCzujVfYQoOgRuTCxQgOzhZONbtC/2VaRrkT
oPuzpgEXyzbGOB3SxPCOnsQ75v4VzCob05ie/HYucPQ9AA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:40 2025 by rpki-client