Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/psiTmcu_-a1tk7-jV_vLm36BVdI.roa
File: psiTmcu_-a1tk7-jV_vLm36BVdI.roa (raw, json)
Hash identifier: Ml2CpsQGiqknPEE2S/kVf63db+aBr5+/zxH+LNuo70s=
Subject key identifier: A6:C8:93:99:CB:BF:F9:AD:6D:93:BF:A3:57:FB:CB:9B:7E:81:55:D2
Certificate issuer: /CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Certificate serial: 01856D4197A1788E036B12ECA2C2C6C6D05E
Authority key identifier: 34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/psiTmcu_-a1tk7-jV_vLm36BVdI.roa
Signing time: Sun 01 Jan 2023 12:14:53 +0000
ROA not before: Sun 01 Jan 2023 12:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 2a03:e140:3a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:97:a1:78:8e:03:6b:12:ec:a2:c2:c6:c6:d0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Validity
Not Before: Jan 1 12:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6c89399cbbff9ad6d93bfa357fbcb9b7e8155d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5c:da:df:38:3c:10:46:92:66:83:a1:ea:db:
1b:68:d5:9f:21:97:c5:72:a0:eb:93:08:75:39:18:
82:1a:2d:c6:14:fb:76:d9:68:d8:22:01:d6:0a:0a:
62:d9:27:33:68:bb:ee:d3:50:0d:b1:15:07:62:6d:
9e:5b:84:da:1c:dd:95:c5:cb:da:f7:2c:76:21:c5:
b4:8e:5c:47:8d:90:84:a5:42:de:33:54:6f:a6:88:
eb:df:a9:fb:c4:61:9c:e7:cf:51:ef:fe:ac:14:eb:
71:4f:3a:18:9a:c7:8a:33:4e:f1:8b:ee:49:56:45:
02:0e:e8:40:8d:5f:d5:3b:54:69:88:8c:ed:73:c6:
e7:b1:43:40:18:24:8e:91:41:e4:bd:31:9a:4c:5d:
62:5d:0f:42:7a:8f:30:00:48:f4:ed:7a:52:45:08:
8b:80:00:af:18:d1:c6:ba:13:38:7d:43:75:42:4c:
c9:c4:c0:21:ff:e7:9c:18:91:c9:5c:bc:0e:3c:27:
5b:6f:99:b0:f5:e1:2b:df:9a:80:10:62:aa:59:e3:
13:28:ff:b9:29:92:cb:57:f8:67:9c:88:44:7f:06:
46:5d:be:02:bc:0c:dc:42:f6:97:0d:6e:d1:ab:e4:
60:7e:90:d8:59:9f:e6:b4:22:77:b0:7d:fc:f5:ef:
87:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C8:93:99:CB:BF:F9:AD:6D:93:BF:A3:57:FB:CB:9B:7E:81:55:D2
X509v3 Authority Key Identifier:
keyid:34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/psiTmcu_-a1tk7-jV_vLm36BVdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/NHK1U_DLCxOQDUwuDmx3msoD47E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e140:3a::/48
Signature Algorithm: sha256WithRSAEncryption
0c:14:c7:8c:be:ae:3a:24:75:54:29:28:c8:07:2f:7c:ae:b2:
3f:29:4b:b5:a0:51:ba:f8:80:1a:6a:c4:4e:d9:51:cb:a6:01:
ff:ed:41:17:26:23:d1:51:2b:1c:fa:9b:a3:9e:56:58:94:0f:
22:95:e5:ca:07:e3:61:a4:4a:6c:c6:a9:b3:e8:03:4c:f4:e1:
eb:b8:a0:96:f2:05:b1:15:2e:b6:cf:7d:83:f8:87:b4:e9:be:
8f:74:45:ee:51:2c:de:5e:5e:44:cd:a9:ae:30:6c:1e:5b:7d:
f6:b3:95:42:5d:d0:d9:02:d1:48:21:ec:a3:67:36:fe:86:0b:
bd:82:c6:af:c5:13:2c:96:2b:31:c7:81:6e:8c:2f:38:64:81:
0e:76:b9:ad:51:03:87:a1:2c:f3:55:52:fb:83:ca:48:40:ad:
be:d5:ad:9d:8e:49:3b:f4:67:d8:db:65:65:5c:97:09:ad:bb:
37:80:79:43:b1:e1:f4:3e:33:2f:9a:9e:7b:bc:00:bd:90:42:
01:13:ce:28:f4:97:88:18:37:fd:4d:d9:fa:df:6c:4a:2d:86:
69:b6:cb:04:b7:64:12:7d:bd:c5:06:46:b3:c1:be:98:f1:e7:
d9:7d:0a:a2:ed:1f:2e:04:9b:93:f2:c2:05:b3:af:1d:34:e2:
2a:44:51:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtQZeheI4DaxLsosLGxtBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzJiNTUzZjBjYjBiMTM5MDBkNGMyZTBlNmM3NzlhY2Ew
M2UzYjEwHhcNMjMwMTAxMTIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmM4OTM5OWNiYmZmOWFkNmQ5M2JmYTM1N2ZiY2I5YjdlODE1NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1za3zg8EEaSZoOh6tsbaNWfIZfF
cqDrkwh1ORiCGi3GFPt22WjYIgHWCgpi2SczaLvu01ANsRUHYm2eW4TaHN2Vxcva
9yx2IcW0jlxHjZCEpULeM1Rvpojr36n7xGGc589R7/6sFOtxTzoYmseKM07xi+5J
VkUCDuhAjV/VO1RpiIztc8bnsUNAGCSOkUHkvTGaTF1iXQ9Ceo8wAEj07XpSRQiL
gACvGNHGuhM4fUN1QkzJxMAh/+ecGJHJXLwOPCdbb5mw9eEr35qAEGKqWeMTKP+5
KZLLV/hnnIhEfwZGXb4CvAzcQvaXDW7Rq+RgfpDYWZ/mtCJ3sH389e+H7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKbIk5nLv/mtbZO/o1f7y5t+gVXSMB8GA1UdIwQY
MBaAFDRytVPwywsTkA1MLg5sd5rKA+OxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmIt
MGQyMDUyNWVkYzc0LzEvcHNpVG1jdV8tYTF0azctalZfdkxtMzZCVmRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmItMGQyMDUyNWVkYzc0
LzEvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPhQAA6
MA0GCSqGSIb3DQEBCwUAA4IBAQAMFMeMvq46JHVUKSjIBy98rrI/KUu1oFG6+IAa
asRO2VHLpgH/7UEXJiPRUSsc+pujnlZYlA8ileXKB+NhpEpsxqmz6ANM9OHruKCW
8gWxFS62z32D+Ie06b6PdEXuUSzeXl5EzamuMGweW332s5VCXdDZAtFIIeyjZzb+
hgu9gsavxRMslisxx4FujC84ZIEOdrmtUQOHoSzzVVL7g8pIQK2+1a2djkk79GfY
22VlXJcJrbs3gHlDseH0PjMvmp57vAC9kEIBE84o9JeIGDf9Tdn632xKLYZptssE
t2QSfb3FBkazwb6Y8efZfQqi7R8uBJuT8sIFs68dNOIqRFGv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:34 2025 by rpki-client