Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/NkqDa6nbQztWYmhzfG-CePpIves.roa
File: NkqDa6nbQztWYmhzfG-CePpIves.roa (raw, json)
Hash identifier: H2+vqhCXgzhkNjSx1tePeo1KJMcn5sborsMXgnEA2l4=
Subject key identifier: 36:4A:83:6B:A9:DB:43:3B:56:62:68:73:7C:6F:82:78:FA:48:BD:EB
Certificate issuer: /CN=3c859ed693ce3de059caa0a0c1e4245c5e9e37e4
Certificate serial: 01899CCCFBBF83E3F361F5F07492A85045C8
Authority key identifier: 3C:85:9E:D6:93:CE:3D:E0:59:CA:A0:A0:C1:E4:24:5C:5E:9E:37:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIWe1pPOPeBZyqCgweQkXF6eN-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/NkqDa6nbQztWYmhzfG-CePpIves.roa
Signing time: Fri 28 Jul 2023 14:00:26 +0000
ROA not before: Fri 28 Jul 2023 14:00:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198150
IP address blocks: 2a13:9cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:cc:fb:bf:83:e3:f3:61:f5:f0:74:92:a8:50:45:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c859ed693ce3de059caa0a0c1e4245c5e9e37e4
Validity
Not Before: Jul 28 14:00:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=364a836ba9db433b566268737c6f8278fa48bdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:16:e8:82:b5:94:cf:45:1e:08:f3:a0:83:90:
a2:7d:d8:70:ab:e3:48:82:1e:a1:06:30:18:37:95:
14:5f:16:d4:dc:79:48:4f:dc:b6:2a:74:2e:03:32:
75:0e:e3:ee:bf:33:8c:4c:63:ec:ff:a1:39:0e:d5:
41:16:69:4c:bf:e8:cf:64:0c:db:53:7f:4c:b4:6a:
47:8b:7f:31:14:c7:89:ae:2b:7f:5c:6b:2b:26:a5:
c1:4c:84:08:a8:11:f0:89:dd:be:52:55:83:2b:6c:
ac:bc:a1:84:8e:7a:8c:bd:0f:be:93:aa:9c:ae:60:
34:cd:14:ca:3d:da:97:e4:bb:4d:c1:bb:7a:e7:cb:
a1:a4:bf:12:1f:80:da:c4:f2:aa:4f:73:23:03:da:
72:07:c7:c4:45:e9:8f:cf:5a:19:2c:3b:15:77:bb:
fd:37:86:99:94:cc:d3:68:17:bb:38:41:e1:08:08:
fb:28:60:c9:1d:47:c4:b8:9f:12:e1:60:5e:b8:11:
47:45:03:af:48:14:71:b9:21:62:23:31:62:fd:e5:
ac:78:1f:84:21:3c:3a:7a:95:7e:96:fd:4e:25:1a:
ae:93:1b:5c:fd:9d:36:7c:a2:b8:46:cc:62:f2:de:
21:7a:df:1f:47:af:9e:2f:2b:bb:c9:40:e4:87:d8:
34:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4A:83:6B:A9:DB:43:3B:56:62:68:73:7C:6F:82:78:FA:48:BD:EB
X509v3 Authority Key Identifier:
keyid:3C:85:9E:D6:93:CE:3D:E0:59:CA:A0:A0:C1:E4:24:5C:5E:9E:37:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIWe1pPOPeBZyqCgweQkXF6eN-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/NkqDa6nbQztWYmhzfG-CePpIves.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/PIWe1pPOPeBZyqCgweQkXF6eN-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:03:9d:eb:d9:6c:e5:12:97:19:9d:28:db:12:87:5b:39:b8:
46:ab:e3:f5:37:76:be:0a:fb:d1:56:33:ff:31:44:e3:f6:ff:
95:0e:42:b2:0b:f9:4a:a6:7a:3d:78:57:d6:5c:ce:9d:bf:15:
60:95:a7:6b:b7:75:e3:b1:6c:09:ad:76:5a:85:0a:35:32:19:
40:b4:d7:da:87:ea:be:08:51:be:b0:8a:db:78:43:87:59:e5:
5e:17:73:b1:71:d2:69:0e:ca:0b:c7:89:a2:5f:d3:1f:b3:9a:
5e:92:ac:af:69:8f:89:13:98:c4:0b:42:8c:93:0e:f3:84:db:
10:0a:bc:97:02:bc:8a:63:dc:ca:fb:7d:1f:ad:c4:ba:4d:75:
4d:65:44:15:7f:a6:a9:2b:68:d2:42:dc:90:09:2a:60:60:0c:
01:a1:cf:48:53:16:7c:c3:28:4f:f5:7c:44:69:18:e5:8e:88:
4e:1e:8c:c2:f7:ec:b8:17:3e:1c:71:75:0d:f5:77:eb:46:8b:
a2:4b:e0:88:83:56:53:47:fa:e4:99:f5:fa:bc:2a:ed:44:9b:
6d:56:b3:c0:af:73:41:26:d1:e1:3b:7b:aa:97:d2:b1:f1:16:
e2:cf:4a:1e:cd:f3:36:44:19:a9:d7:b4:46:7c:fd:95:e8:7d:
bd:e3:5a:ff
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYmczPu/g+PzYfXwdJKoUEXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODU5ZWQ2OTNjZTNkZTA1OWNhYTBhMGMxZTQyNDVjNWU5
ZTM3ZTQwHhcNMjMwNzI4MTQwMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRhODM2YmE5ZGI0MzNiNTY2MjY4NzM3YzZmODI3OGZhNDhiZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBbogrWUz0UeCPOgg5Cifdhwq+NI
gh6hBjAYN5UUXxbU3HlIT9y2KnQuAzJ1DuPuvzOMTGPs/6E5DtVBFmlMv+jPZAzb
U39MtGpHi38xFMeJrit/XGsrJqXBTIQIqBHwid2+UlWDK2ysvKGEjnqMvQ++k6qc
rmA0zRTKPdqX5LtNwbt658uhpL8SH4DaxPKqT3MjA9pyB8fERemPz1oZLDsVd7v9
N4aZlMzTaBe7OEHhCAj7KGDJHUfEuJ8S4WBeuBFHRQOvSBRxuSFiIzFi/eWseB+E
ITw6epV+lv1OJRqukxtc/Z02fKK4Rsxi8t4het8fR6+eLyu7yUDkh9g0ZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDZKg2up20M7VmJoc3xvgnj6SL3rMB8GA1UdIwQY
MBaAFDyFntaTzj3gWcqgoMHkJFxenjfkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElXZTFwUE9QZUJaeXFDZ3dlUWtYRjZlTi1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9mZDkwNTQtNzc4ZC00MTNkLTllOTUt
NTUxMWRhYTcyNzc4LzEvTmtxRGE2bmJRenRXWW1oemZHLUNlUHBJdmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9mZDkwNTQtNzc4ZC00MTNkLTllOTUtNTUxMWRhYTcyNzc4
LzEvUElXZTFwUE9QZUJaeXFDZ3dlUWtYRjZlTi1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOcwDAN
BgkqhkiG9w0BAQsFAAOCAQEAjgOd69ls5RKXGZ0o2xKHWzm4Rqvj9Td2vgr70VYz
/zFE4/b/lQ5Csgv5SqZ6PXhX1lzOnb8VYJWna7d147FsCa12WoUKNTIZQLTX2ofq
vghRvrCK23hDh1nlXhdzsXHSaQ7KC8eJol/TH7OaXpKsr2mPiROYxAtCjJMO84Tb
EAq8lwK8imPcyvt9H63Euk11TWVEFX+mqSto0kLckAkqYGAMAaHPSFMWfMMoT/V8
RGkY5Y6ITh6MwvfsuBc+HHF1DfV360aLokvgiINWU0f65Jn1+rwq7USbbVazwK9z
QSbR4Tt7qpfSsfEW4s9KHs3zNkQZqde0Rnz9leh9veNa/w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:55 2025 by rpki-client