Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/uZdwYG7NTA9scSPjpJA7adSymGI.roa
File: uZdwYG7NTA9scSPjpJA7adSymGI.roa (raw, json)
Hash identifier: ozvnVPtI+nC6S2C+6z0T+bajr6fEKMwOlK1riUVMZQw=
Subject key identifier: B9:97:70:60:6E:CD:4C:0F:6C:71:23:E3:A4:90:3B:69:D4:B2:98:62
Certificate issuer: /CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Certificate serial: 0182C4C607B701DCE7443669AA7923EA65B7
Authority key identifier: 34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/uZdwYG7NTA9scSPjpJA7adSymGI.roa
Signing time: Mon 22 Aug 2022 08:58:08 +0000
ROA not before: Mon 22 Aug 2022 08:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 2a03:e140:3a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:c6:07:b7:01:dc:e7:44:36:69:aa:79:23:ea:65:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Validity
Not Before: Aug 22 08:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b99770606ecd4c0f6c7123e3a4903b69d4b29862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5c:cf:75:26:3d:4c:b2:47:c8:ac:a1:77:4a:
70:b0:f7:97:cc:74:35:18:c0:e4:38:cf:50:f2:f0:
62:f4:c6:77:f5:bc:7e:a1:09:77:88:d5:37:56:4c:
04:7d:25:91:e4:99:9d:40:ce:c3:88:3c:4f:1e:ea:
1a:66:ac:3c:6e:f2:dd:52:6c:b0:75:ce:2e:3d:e8:
61:87:da:c5:47:80:d9:e5:71:ae:eb:63:ac:63:49:
e9:29:7b:e7:87:16:ed:b6:f0:d5:37:c5:6b:d5:f6:
6f:d8:1e:86:73:54:1e:e2:8f:3f:05:65:f7:8e:e8:
64:68:77:85:4b:1e:7e:7f:45:45:1c:46:ce:04:4a:
05:4e:c2:3d:8a:f7:30:75:1a:f0:14:63:51:8b:bd:
08:ce:c5:7f:28:bf:70:02:2a:31:52:8c:fd:fc:34:
4a:bf:74:ef:08:69:be:06:76:2e:78:be:49:2b:fc:
2d:53:3f:c1:82:d5:6b:91:fd:ca:f2:86:73:09:15:
2d:a8:bc:68:39:d8:49:51:cb:0a:ff:9e:fa:95:ee:
9a:ae:22:88:bb:9f:85:d7:64:30:a5:16:36:8f:88:
67:7e:16:b9:c3:51:55:fc:13:23:4c:ee:12:d7:a6:
e0:0e:35:e8:cb:1b:f7:cd:ab:72:a7:b1:41:e4:f5:
cb:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:97:70:60:6E:CD:4C:0F:6C:71:23:E3:A4:90:3B:69:D4:B2:98:62
X509v3 Authority Key Identifier:
keyid:34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/uZdwYG7NTA9scSPjpJA7adSymGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/NHK1U_DLCxOQDUwuDmx3msoD47E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e140:3a::/48
Signature Algorithm: sha256WithRSAEncryption
12:75:f2:38:5e:97:64:97:c4:21:d7:0e:4b:19:da:17:4b:d5:
42:95:36:2b:7b:38:0c:f3:f8:17:ae:3f:34:a3:ba:a5:a7:29:
ad:93:9a:ba:da:e3:cb:d6:25:1b:bb:48:81:c2:ba:7c:10:b6:
b0:24:46:4e:02:f4:2c:85:e6:d0:85:49:fc:71:7a:0d:92:f9:
06:e9:c0:09:19:a6:0e:8d:87:25:a0:24:23:5d:f8:9a:43:2e:
45:0e:d5:5c:fe:ea:37:c0:72:c4:f4:2d:e9:1c:d4:b9:c7:39:
59:19:19:86:06:ac:d1:23:29:db:20:db:3f:68:14:42:bf:5d:
84:77:5b:9d:39:53:1d:11:65:dd:d6:e5:fe:a1:a0:bb:8b:51:
54:0f:a7:35:69:ee:98:fa:b9:48:79:ec:52:d3:c1:49:bb:88:
0b:0e:69:18:97:49:13:d1:9a:38:2d:12:7e:d0:79:e4:45:ee:
fb:3e:db:2e:cd:00:0d:c0:8b:21:77:8e:50:b8:84:d6:79:6f:
e5:49:b1:67:14:3e:6b:d7:c7:71:2c:9e:bb:22:0d:3d:a4:98:
67:a0:3f:c6:d8:73:88:7d:95:eb:e6:ee:a7:ca:9c:8f:0d:84:
d5:c0:57:b5:84:68:53:39:d5:8d:79:ff:ca:1a:f9:43:82:f2:
95:ab:4d:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYLExge3AdznRDZpqnkj6mW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzJiNTUzZjBjYjBiMTM5MDBkNGMyZTBlNmM3NzlhY2Ew
M2UzYjEwHhcNMjIwODIyMDg1ODA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk3NzA2MDZlY2Q0YzBmNmM3MTIzZTNhNDkwM2I2OWQ0YjI5ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlzPdSY9TLJHyKyhd0pwsPeXzHQ1
GMDkOM9Q8vBi9MZ39bx+oQl3iNU3VkwEfSWR5JmdQM7DiDxPHuoaZqw8bvLdUmyw
dc4uPehhh9rFR4DZ5XGu62OsY0npKXvnhxbttvDVN8Vr1fZv2B6Gc1Qe4o8/BWX3
juhkaHeFSx5+f0VFHEbOBEoFTsI9ivcwdRrwFGNRi70IzsV/KL9wAioxUoz9/DRK
v3TvCGm+BnYueL5JK/wtUz/BgtVrkf3K8oZzCRUtqLxoOdhJUcsK/576le6ariKI
u5+F12QwpRY2j4hnfha5w1FV/BMjTO4S16bgDjXoyxv3zatyp7FB5PXLWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLmXcGBuzUwPbHEj46SQO2nUsphiMB8GA1UdIwQY
MBaAFDRytVPwywsTkA1MLg5sd5rKA+OxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmIt
MGQyMDUyNWVkYzc0LzEvdVpkd1lHN05UQTlzY1NQanBKQTdhZFN5bUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmItMGQyMDUyNWVkYzc0
LzEvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPhQAA6
MA0GCSqGSIb3DQEBCwUAA4IBAQASdfI4Xpdkl8Qh1w5LGdoXS9VClTYrezgM8/gX
rj80o7qlpymtk5q62uPL1iUbu0iBwrp8ELawJEZOAvQshebQhUn8cXoNkvkG6cAJ
GaYOjYcloCQjXfiaQy5FDtVc/uo3wHLE9C3pHNS5xzlZGRmGBqzRIynbINs/aBRC
v12Ed1udOVMdEWXd1uX+oaC7i1FUD6c1ae6Y+rlIeexS08FJu4gLDmkYl0kT0Zo4
LRJ+0HnkRe77PtsuzQANwIshd45QuITWeW/lSbFnFD5r18dxLJ67Ig09pJhnoD/G
2HOIfZXr5u6nypyPDYTVwFe1hGhTOdWNef/KGvlDgvKVq00O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:21 2024 by rpki-client on console-ams.rpki-client.org