Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/NSFmFrlM6HIr8mKAhH1YniDXJ34.roa
File: NSFmFrlM6HIr8mKAhH1YniDXJ34.roa (raw, json)
Hash identifier: 0WUHCb8AzusqqK7IwoDAgvX4MLXAbRzQxnQWvHePHhA=
Subject key identifier: 35:21:66:16:B9:4C:E8:72:2B:F2:62:80:84:7D:58:9E:20:D7:27:7E
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 10C689CE
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/NSFmFrlM6HIr8mKAhH1YniDXJ34.roa
Signing time: Sat 01 Jan 2022 02:59:47 +0000
ROA not before: Sat 01 Jan 2022 02:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203905
IP address blocks: 2a00:6ba0:dddd::/48 maxlen: 48
2a00:6ba0:bbbb::/48 maxlen: 48
2a00:6ba0:eeee::/48 maxlen: 48
2a00:6ba0:cccc::/48 maxlen: 48
2a00:6ba0:ffff::/48 maxlen: 48
2a00:6ba0:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281446862 (0x10c689ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 02:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35216616b94ce8722bf26280847d589e20d7277e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d9:28:31:19:6d:df:4d:e3:0f:09:e7:0f:a5:
81:b3:75:5d:b7:ef:21:3c:63:be:76:4b:84:21:8a:
35:34:c0:58:72:7c:0d:1e:14:3a:31:63:12:91:01:
a9:eb:b3:7f:49:e2:9c:d5:33:58:ba:59:bc:04:8b:
fa:bc:5c:a5:89:cb:16:05:d5:b3:48:4e:06:c2:92:
3a:98:0f:16:fd:3d:cf:32:2e:e2:b0:f7:52:20:4f:
65:b0:1d:c2:d5:e6:c3:65:38:9f:28:79:1d:1b:c3:
0d:f1:a8:ff:56:68:80:75:a8:38:47:56:03:4e:36:
9a:54:ab:e4:a0:d6:3a:72:a9:1c:c9:7a:31:ef:69:
dd:38:71:9d:47:8c:57:8f:e3:5a:b9:98:c3:81:6c:
21:55:34:48:df:1f:42:1c:ad:76:b8:95:4b:62:a7:
16:e8:0f:d5:a1:46:41:a5:1f:de:5c:5d:f1:45:dc:
b8:2d:40:d3:1a:62:07:31:ff:08:19:fb:f7:84:63:
94:4f:9e:1b:3f:57:d4:42:7e:f2:d8:61:86:c5:52:
24:01:8b:f3:da:a7:0e:02:25:2f:40:07:64:c4:38:
e3:51:6c:c1:cb:a9:a6:49:b8:00:e0:6e:1d:dc:c7:
9a:76:98:c7:af:47:b1:52:df:13:69:a4:56:ca:51:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:21:66:16:B9:4C:E8:72:2B:F2:62:80:84:7D:58:9E:20:D7:27:7E
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/NSFmFrlM6HIr8mKAhH1YniDXJ34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6ba0:aaaa::/48
2a00:6ba0:bbbb::/48
2a00:6ba0:cccc::/48
2a00:6ba0:dddd::/48
2a00:6ba0:eeee::/48
2a00:6ba0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
59:ce:02:85:11:fb:65:b6:0d:d2:a3:de:e4:4e:25:0e:f6:77:
9a:8b:07:50:60:b1:df:fd:0d:e0:79:a0:fe:5b:82:35:72:4e:
f0:5a:e5:7e:d6:5d:37:2e:34:5f:8a:67:77:95:fb:f6:5c:74:
20:1b:31:3b:d9:8e:69:48:b6:80:d5:13:62:5e:0f:72:3c:5d:
ac:d3:ea:50:6d:f0:ec:c9:ea:22:eb:a2:f6:0b:aa:a0:ee:92:
b1:f2:93:0a:03:88:cb:fe:78:07:c5:ae:d6:9a:f8:75:85:62:
f2:5f:e8:51:69:e1:f4:e8:38:6a:b4:f9:ca:c4:22:15:94:94:
85:b3:15:03:4b:58:f2:72:78:ee:18:87:21:3f:6a:c4:90:cd:
29:1f:6f:5c:d9:1e:98:27:13:bd:30:2d:d0:b5:1b:b5:f0:b3:
d5:67:69:01:e7:78:53:42:de:13:0e:7d:37:14:d8:a8:0e:ca:
5d:73:1d:01:fe:a7:54:34:e5:37:b0:e1:6e:6f:0b:75:6f:84:
21:84:52:4d:cf:46:76:87:1b:10:29:fe:06:e2:1f:20:f7:f7:
d9:7b:ec:3a:b1:a0:d5:39:04:c4:67:b0:31:8d:db:fe:4f:1c:
8a:da:03:71:fe:1b:21:05:24:08:7b:c3:46:d9:17:58:41:7d:
29:3b:ec:61
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEEMaJzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGNhM2YzOGQ4ZTVhMzAxZWFmNjkyNGI5MjRmZThmNTdhYWM2OTBkMB4XDTIyMDEw
MTAyNTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUyMTY2MTZiOTRj
ZTg3MjJiZjI2MjgwODQ3ZDU4OWUyMGQ3Mjc3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnZKDEZbd9N4w8J5w+lgbN1XbfvITxjvnZLhCGKNTTAWHJ8
DR4UOjFjEpEBqeuzf0ninNUzWLpZvASL+rxcpYnLFgXVs0hOBsKSOpgPFv09zzIu
4rD3UiBPZbAdwtXmw2U4nyh5HRvDDfGo/1ZogHWoOEdWA042mlSr5KDWOnKpHMl6
Me9p3ThxnUeMV4/jWrmYw4FsIVU0SN8fQhytdriVS2KnFugP1aFGQaUf3lxd8UXc
uC1A0xpiBzH/CBn794RjlE+eGz9X1EJ+8thhhsVSJAGL89qnDgIlL0AHZMQ441Fs
wcuppkm4AOBuHdzHmnaYx69HsVLfE2mkVspRpYMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQ1IWYWuUzocivyYoCEfVieINcnfjAfBgNVHSMEGDAWgBQ4yj842OWjAer2
kkuST+j1eqxpDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09Nb19PTmpsb3dIcTlwSkxra19vOVhxc2FRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvYmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8x
L05TRm1GcmxNNkhJcjhtS0FoSDFZbmlEWEozNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
YmE2NzU1LTQyNzMtNDhlMS04NTgyLTcxMmZhNjVhMjViYS8xL09Nb19PTmpsb3dI
cTlwSkxra19vOVhxc2FRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAIwNgMHACoAa6CqqgMHACoAa6C7uwMHACoA
a6DMzAMHACoAa6Dd3QMHACoAa6Du7gMHACoAa6D//zANBgkqhkiG9w0BAQsFAAOC
AQEAWc4ChRH7ZbYN0qPe5E4lDvZ3mosHUGCx3/0N4Hmg/luCNXJO8FrlftZdNy40
X4pnd5X79lx0IBsxO9mOaUi2gNUTYl4PcjxdrNPqUG3w7MnqIuui9guqoO6SsfKT
CgOIy/54B8Wu1pr4dYVi8l/oUWnh9Og4arT5ysQiFZSUhbMVA0tY8nJ47hiHIT9q
xJDNKR9vXNkemCcTvTAt0LUbtfCz1WdpAed4U0LeEw59NxTYqA7KXXMdAf6nVDTl
N7Dhbm8LdW+EIYRSTc9GdocbECn+BuIfIPf32XvsOrGg1TkExGewMY3b/k8citoD
cf4bIQUkCHvDRtkXWEF9KTvsYQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:48 2025 by rpki-client