Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/BNl66AAQrytZlg0JYomhi2UZmJ0.roa
File: BNl66AAQrytZlg0JYomhi2UZmJ0.roa (raw, json)
Hash identifier: Mv3MDpfyFNEcvotJR+SVbo3AqV7Zjs/qrDCH3nGn7C4=
Subject key identifier: 04:D9:7A:E8:00:10:AF:2B:59:96:0D:09:62:89:A1:8B:65:19:98:9D
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 01856E2FD4C40A55392B386088FCC9519777
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/BNl66AAQrytZlg0JYomhi2UZmJ0.roa
Signing time: Sun 01 Jan 2023 16:35:06 +0000
ROA not before: Sun 01 Jan 2023 16:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207134
IP address blocks: 2a01:b960:2305::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:d4:c4:0a:55:39:2b:38:60:88:fc:c9:51:97:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 16:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04d97ae80010af2b59960d096289a18b6519989d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:82:54:46:2e:0a:e7:20:58:1f:06:7a:be:
2d:21:a2:7e:52:31:cd:b5:5f:25:db:69:b1:5c:76:
64:c4:b6:ca:5f:7d:1a:c2:65:d4:df:59:71:f7:64:
8b:55:85:21:56:b0:5b:5d:57:ec:5d:6a:ee:b5:2a:
4c:37:26:6d:94:5f:56:39:7d:2c:13:b9:62:45:a4:
0e:de:55:7f:1b:36:89:95:8d:2f:7b:b0:1f:6c:19:
7c:8c:87:d9:96:a4:c5:31:52:65:eb:ee:17:7b:e4:
c0:c4:73:df:b1:f6:82:9e:bc:c4:b7:0c:45:af:5a:
03:11:7f:a8:36:e0:dc:17:03:5c:2a:06:30:25:9c:
7f:19:28:1d:ff:04:d7:a5:34:5e:f6:c5:fa:76:03:
1d:ab:3b:80:6f:a6:92:8b:9f:33:73:71:4a:33:c6:
7c:49:67:9d:bd:ec:30:a7:a3:3d:78:ab:3a:8c:42:
a1:52:92:62:5d:e5:83:0c:54:33:b7:d8:4b:4a:7a:
f2:4c:e8:36:40:50:69:ce:9f:da:66:00:5f:11:bd:
0d:74:60:88:2f:ca:aa:c0:df:02:a0:4f:2c:ce:9e:
d6:ca:89:e9:65:e9:61:e1:2c:70:c9:41:ec:05:19:
d0:8e:6f:91:09:5b:e6:e7:79:5e:05:df:e1:7a:02:
49:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D9:7A:E8:00:10:AF:2B:59:96:0D:09:62:89:A1:8B:65:19:98:9D
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/BNl66AAQrytZlg0JYomhi2UZmJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2305::/48
Signature Algorithm: sha256WithRSAEncryption
18:27:57:14:4d:a2:64:56:0a:e0:ca:78:b4:5d:3b:29:d9:f1:
aa:cd:22:d6:69:1c:b2:bb:ef:8c:bc:16:9d:c8:15:be:58:e8:
29:9f:77:a9:cc:83:a4:5b:e2:f9:bb:a4:db:07:fa:f7:56:2a:
cd:ba:76:7e:af:76:31:f2:c3:96:af:71:a0:b5:5a:a8:dd:ad:
40:60:d1:57:c5:43:5b:aa:d1:b7:54:17:f7:f4:a8:99:41:40:
c3:d3:a1:84:12:6a:14:bf:6a:86:1a:60:90:1e:3f:f6:4c:8f:
f4:b6:c8:d8:38:1a:63:e5:b0:1d:b6:98:9b:a4:dd:07:63:96:
90:c3:bb:1c:5c:32:5e:94:be:cc:b8:e4:b7:ce:f8:6d:4a:c3:
0d:f8:c3:f8:6e:65:3f:d7:c7:69:b8:ac:61:2f:c9:6f:92:f9:
0e:2a:22:64:38:f4:58:5b:0e:41:3f:c3:f3:d2:41:03:21:78:
3f:a2:15:2d:32:d1:cf:ec:79:d2:34:14:8f:19:a8:cf:4b:a6:
64:5e:de:c0:36:59:c4:17:b9:70:1e:b8:a0:e5:b4:71:74:b3:
a6:cd:07:c0:50:5d:43:99:07:2a:f7:20:4a:91:25:57:86:30:
42:95:21:b2:6b:a3:8b:03:a6:8c:cf:18:62:56:81:0f:1a:f7:
d7:d9:bf:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuL9TEClU5KzhgiPzJUZd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjMwMTAxMTYzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ5N2FlODAwMTBhZjJiNTk5NjBkMDk2Mjg5YTE4YjY1MTk5ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiWCVEYuCucgWB8Ger4tIaJ+UjHN
tV8l22mxXHZkxLbKX30awmXU31lx92SLVYUhVrBbXVfsXWrutSpMNyZtlF9WOX0s
E7liRaQO3lV/GzaJlY0ve7AfbBl8jIfZlqTFMVJl6+4Xe+TAxHPfsfaCnrzEtwxF
r1oDEX+oNuDcFwNcKgYwJZx/GSgd/wTXpTRe9sX6dgMdqzuAb6aSi58zc3FKM8Z8
SWedvewwp6M9eKs6jEKhUpJiXeWDDFQzt9hLSnryTOg2QFBpzp/aZgBfEb0NdGCI
L8qqwN8CoE8szp7WyonpZelh4SxwyUHsBRnQjm+RCVvm53leBd/hegJJQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFATZeugAEK8rWZYNCWKJoYtlGZidMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvQk5sNjZBQVFyeXRabGcwSllvbWhpMlVabUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMF
MA0GCSqGSIb3DQEBCwUAA4IBAQAYJ1cUTaJkVgrgyni0XTsp2fGqzSLWaRyyu++M
vBadyBW+WOgpn3epzIOkW+L5u6TbB/r3VirNunZ+r3Yx8sOWr3GgtVqo3a1AYNFX
xUNbqtG3VBf39KiZQUDD06GEEmoUv2qGGmCQHj/2TI/0tsjYOBpj5bAdtpibpN0H
Y5aQw7scXDJelL7MuOS3zvhtSsMN+MP4bmU/18dpuKxhL8lvkvkOKiJkOPRYWw5B
P8Pz0kEDIXg/ohUtMtHP7HnSNBSPGajPS6ZkXt7ANlnEF7lwHrig5bRxdLOmzQfA
UF1DmQcq9yBKkSVXhjBClSGya6OLA6aMzxhiVoEPGvfX2b/Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:44 2025 by rpki-client