Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/5ZmkNH4DH2NU28Mkn2WDyVP_4qM.roa
File: 5ZmkNH4DH2NU28Mkn2WDyVP_4qM.roa (raw, json)
Hash identifier: 3w4jfBN8WKWNL4oR83mdXzQdp4OhKOpWK8Qjhincsn8=
Subject key identifier: E5:99:A4:34:7E:03:1F:63:54:DB:C3:24:9F:65:83:C9:53:FF:E2:A3
Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Certificate serial: 01856F8B9F9BBE8C4606435D76AFFDC3C611
Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/5ZmkNH4DH2NU28Mkn2WDyVP_4qM.roa
Signing time: Sun 01 Jan 2023 22:54:59 +0000
ROA not before: Sun 01 Jan 2023 22:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 2a0b:32c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:9f:9b:be:8c:46:06:43:5d:76:af:fd:c3:c6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8
Validity
Not Before: Jan 1 22:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e599a4347e031f6354dbc3249f6583c953ffe2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:92:49:83:a9:ac:df:0d:d4:bc:8d:c0:c6:7c:
97:a8:c7:f9:73:7b:0d:8c:80:92:42:30:ae:a2:90:
9a:c7:58:4d:bc:da:11:ed:1c:c8:0d:b1:21:8a:a4:
51:61:e9:99:d4:73:bf:17:2c:bd:6b:6f:12:29:c0:
75:0e:99:de:e1:6b:24:a7:cc:19:1e:3d:7d:01:31:
83:3a:ee:5b:f0:35:e9:75:a2:e7:7e:4c:52:b7:33:
4a:90:45:ef:a8:61:89:96:75:87:5c:42:71:c3:e0:
e2:b6:05:03:61:03:a6:8b:07:fc:2e:27:7d:d8:56:
c4:f6:fb:a6:15:bd:c6:71:10:e1:0c:1a:a9:50:19:
73:d6:37:66:df:59:eb:d1:e2:ba:cb:e5:05:84:d2:
c7:dd:cd:f2:2f:b2:46:a4:39:ee:07:87:f7:0f:f7:
fd:c8:51:c5:f3:0b:12:6f:ee:30:8c:8a:1e:2f:00:
38:a0:31:b9:4a:98:e8:1c:3a:bb:11:e7:e8:00:1c:
17:78:8e:bf:8f:80:9a:96:d7:6e:68:49:3e:10:79:
90:63:8f:a0:e7:bc:f4:d3:7d:a9:3e:26:a0:af:64:
e5:ab:95:30:f1:2b:b7:18:ee:e4:a4:86:f0:4a:d6:
7c:c5:07:b9:1a:6c:14:8e:f1:99:03:3f:ec:e7:9b:
e3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:99:A4:34:7E:03:1F:63:54:DB:C3:24:9F:65:83:C9:53:FF:E2:A3
X509v3 Authority Key Identifier:
keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/5ZmkNH4DH2NU28Mkn2WDyVP_4qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:32c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:c7:30:f4:f1:ba:62:9e:32:fb:20:19:c7:dd:4e:97:fc:cd:
1e:41:8b:f3:96:ab:37:e4:67:ff:8d:40:16:3b:30:28:14:89:
3d:7c:c2:4b:99:ec:10:5b:30:6c:9f:36:df:48:8c:75:6a:14:
05:c6:11:05:d0:65:aa:da:a4:b7:ef:5a:e6:11:c9:83:f6:69:
7b:fc:39:23:2f:4e:f0:e4:fd:07:00:54:93:4d:78:d9:cf:9d:
02:ad:e4:f2:f6:c6:08:31:d3:40:53:cf:c3:bd:28:27:9f:8a:
5d:dc:d7:16:23:2e:d6:1c:68:35:23:ba:83:37:38:69:3d:c7:
e9:5e:bf:f2:36:79:a6:de:5d:9d:e6:7c:29:25:2d:4b:5b:c1:
31:9b:c5:03:02:c1:4d:c7:0d:c3:10:47:17:4f:af:2f:f4:ed:
eb:3b:23:72:0b:ec:b5:3b:06:61:b4:02:90:75:95:c7:9d:46:
d9:3f:b8:db:47:0b:6d:9c:ca:c9:cd:8c:c7:e4:04:83:3c:ca:
57:bc:7e:ec:b3:ec:e1:41:b0:35:09:2a:78:a4:67:71:39:29:
f9:13:81:02:07:07:87:03:5c:48:a2:ca:e4:5b:6e:91:17:cb:
0c:cc:b8:68:df:96:10:cf:a0:85:65:de:2c:58:71:e0:69:d9:
9e:6a:f1:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvi5+bvoxGBkNddq/9w8YRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk
YjAzYTgwHhcNMjMwMTAxMjI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk5YTQzNDdlMDMxZjYzNTRkYmMzMjQ5ZjY1ODNjOTUzZmZlMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJJJg6ms3w3UvI3AxnyXqMf5c3sN
jICSQjCuopCax1hNvNoR7RzIDbEhiqRRYemZ1HO/Fyy9a28SKcB1Dpne4Wskp8wZ
Hj19ATGDOu5b8DXpdaLnfkxStzNKkEXvqGGJlnWHXEJxw+DitgUDYQOmiwf8Lid9
2FbE9vumFb3GcRDhDBqpUBlz1jdm31nr0eK6y+UFhNLH3c3yL7JGpDnuB4f3D/f9
yFHF8wsSb+4wjIoeLwA4oDG5SpjoHDq7EefoABwXeI6/j4CaltduaEk+EHmQY4+g
57z0032pPiagr2Tlq5Uw8Su3GO7kpIbwStZ8xQe5GmwUjvGZAz/s55vjmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOWZpDR+Ax9jVNvDJJ9lg8lT/+KjMB8GA1UdIwQY
MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct
MTcxZGI0NjkwYzBhLzEvNVpta05INERIMk5VMjhNa24yV0R5VlBfNHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh
LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgsywDAN
BgkqhkiG9w0BAQsFAAOCAQEAGccw9PG6Yp4y+yAZx91Ol/zNHkGL85arN+Rn/41A
FjswKBSJPXzCS5nsEFswbJ8230iMdWoUBcYRBdBlqtqkt+9a5hHJg/Zpe/w5Iy9O
8OT9BwBUk0142c+dAq3k8vbGCDHTQFPPw70oJ5+KXdzXFiMu1hxoNSO6gzc4aT3H
6V6/8jZ5pt5dneZ8KSUtS1vBMZvFAwLBTccNwxBHF0+vL/Tt6zsjcgvstTsGYbQC
kHWVx51G2T+420cLbZzKyc2Mx+QEgzzKV7x+7LPs4UGwNQkqeKRncTkp+ROBAgcH
hwNcSKLK5FtukRfLDMy4aN+WEM+ghWXeLFhx4GnZnmrxrQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:56 2025 by rpki-client