Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/y571gt9OOUXWd0qW8CZ38wOhm6A.roa
File: y571gt9OOUXWd0qW8CZ38wOhm6A.roa (raw, json)
Hash identifier: qIHlYdZHD49CqPG3IZtL4EXwwcjVosf7napX1QN3Le0=
Subject key identifier: CB:9E:F5:82:DF:4E:39:45:D6:77:4A:96:F0:26:77:F3:03:A1:9B:A0
Certificate issuer: /CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Certificate serial: 03D44212
Authority key identifier: 34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/y571gt9OOUXWd0qW8CZ38wOhm6A.roa
Signing time: Sat 01 Jan 2022 05:01:50 +0000
ROA not before: Sat 01 Jan 2022 05:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16262
IP address blocks: 2a03:e140:3a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64242194 (0x3d44212)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Validity
Not Before: Jan 1 05:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb9ef582df4e3945d6774a96f02677f303a19ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4b:27:62:80:dc:a4:97:7c:8c:f8:d0:75:b0:
09:94:57:c8:6b:4a:27:6f:b3:85:28:c0:2d:f3:13:
69:19:b3:78:6b:2f:c1:70:14:0f:2c:91:03:12:df:
ac:fb:a9:72:0d:42:29:c0:8a:e3:33:c2:6c:6d:44:
68:40:32:e9:67:46:b9:c5:6a:00:1b:62:91:b6:d8:
f5:c6:23:04:02:10:75:5b:ae:8e:31:23:cb:40:d7:
20:98:1a:d5:23:1c:ed:7e:b2:cb:e7:ca:5a:ac:60:
ce:22:d6:4d:97:9e:60:5e:61:7e:4e:0b:98:c3:88:
d9:66:59:d5:6c:a4:10:d7:c1:65:a6:d7:66:31:72:
f6:02:6b:ca:bd:13:38:ff:1d:64:5f:dc:ce:f5:80:
28:73:1b:82:d4:02:cc:48:b3:c3:53:67:de:49:ac:
14:4a:fa:af:5b:56:57:2b:99:8f:14:0e:e4:c7:d5:
5c:fd:4f:84:b8:33:9d:fb:81:2f:86:ea:84:c6:f8:
61:cf:f2:eb:51:74:3b:1f:9b:a5:9d:7b:40:f3:4b:
8b:39:e2:d0:2a:9b:14:7a:51:d3:02:67:31:a2:cf:
06:78:89:45:59:92:75:76:36:44:95:95:65:01:f5:
a5:26:c5:6f:8d:66:b8:8f:8e:bd:59:78:57:f6:0a:
de:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9E:F5:82:DF:4E:39:45:D6:77:4A:96:F0:26:77:F3:03:A1:9B:A0
X509v3 Authority Key Identifier:
keyid:34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/y571gt9OOUXWd0qW8CZ38wOhm6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/NHK1U_DLCxOQDUwuDmx3msoD47E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e140:3a::/48
Signature Algorithm: sha256WithRSAEncryption
5d:09:ec:3a:95:55:9f:2d:49:85:b3:82:46:39:1e:42:8c:b9:
ba:3e:53:82:ce:c3:5f:e1:82:17:b9:8b:7a:5b:78:1d:9d:d5:
d8:4a:b4:33:bc:84:9f:e6:61:8f:c2:22:bd:ac:a3:1e:11:ab:
e4:09:76:f1:3d:0b:a2:c5:6e:7f:7b:79:e4:06:18:ab:a6:5a:
5d:d1:f5:78:d7:cd:ba:18:c6:32:f5:ef:28:6c:b1:c8:6a:f8:
bf:44:bc:bd:45:13:91:1b:6c:41:ca:ec:0f:52:d7:1c:21:2f:
d7:3f:a7:a4:2f:e0:4d:ae:76:e3:cd:c5:cd:df:5d:af:af:90:
c8:78:3f:fb:23:bd:a6:82:cc:0c:52:92:76:20:88:fd:3d:29:
cb:b7:d8:48:52:8d:8e:74:70:c0:bc:25:f1:da:9a:23:be:e9:
f5:ea:a0:1c:d8:20:9c:eb:02:46:6a:4d:f2:de:d0:42:86:25:
2f:73:dc:7e:41:a0:ec:de:14:9e:92:62:b6:bc:45:12:33:a1:
ad:0a:7d:1e:88:61:11:f8:f4:92:eb:a9:20:a5:53:4c:05:1c:
87:86:c3:b5:a3:d9:8a:31:22:48:a3:32:51:82:f3:b9:5d:80:
4a:7d:c8:b7:7b:7b:ec:a0:ad:a0:89:3e:8d:5a:f8:4f:75:04:
94:44:cd:e3
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA9RCEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDcyYjU1M2YwY2IwYjEzOTAwZDRjMmUwZTZjNzc5YWNhMDNlM2IxMB4XDTIyMDEw
MTA1MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I5ZWY1ODJkZjRl
Mzk0NWQ2Nzc0YTk2ZjAyNjc3ZjMwM2ExOWJhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdLJ2KA3KSXfIz40HWwCZRXyGtKJ2+zhSjALfMTaRmzeGsv
wXAUDyyRAxLfrPupcg1CKcCK4zPCbG1EaEAy6WdGucVqABtikbbY9cYjBAIQdVuu
jjEjy0DXIJga1SMc7X6yy+fKWqxgziLWTZeeYF5hfk4LmMOI2WZZ1WykENfBZabX
ZjFy9gJryr0TOP8dZF/czvWAKHMbgtQCzEizw1Nn3kmsFEr6r1tWVyuZjxQO5MfV
XP1PhLgznfuBL4bqhMb4Yc/y61F0Ox+bpZ17QPNLizni0CqbFHpR0wJnMaLPBniJ
RVmSdXY2RJWVZQH1pSbFb41muI+OvVl4V/YK3rkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTLnvWC3045RdZ3SpbwJnfzA6GboDAfBgNVHSMEGDAWgBQ0crVT8MsLE5AN
TC4ObHeaygPjsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05ISzFVX0RMQ3hPUURVd3VEbXgzbXNvRDQ3RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMDVlZDJmLWM0ZjctNDQxNy1hNGZiLTBkMjA1MjVlZGM3NC8x
L3k1NzFndDlPT1VYV2QwcVc4Q1ozOHdPaG02QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MDVlZDJmLWM0ZjctNDQxNy1hNGZiLTBkMjA1MjVlZGM3NC8xL05ISzFVX0RMQ3hP
UURVd3VEbXgzbXNvRDQ3RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoD4UAAOjANBgkqhkiG9w0BAQsF
AAOCAQEAXQnsOpVVny1JhbOCRjkeQoy5uj5Tgs7DX+GCF7mLelt4HZ3V2Eq0M7yE
n+Zhj8IivayjHhGr5Al28T0LosVuf3t55AYYq6ZaXdH1eNfNuhjGMvXvKGyxyGr4
v0S8vUUTkRtsQcrsD1LXHCEv1z+npC/gTa52483Fzd9dr6+QyHg/+yO9poLMDFKS
diCI/T0py7fYSFKNjnRwwLwl8dqaI77p9eqgHNggnOsCRmpN8t7QQoYlL3PcfkGg
7N4UnpJitrxFEjOhrQp9HohhEfj0kuupIKVTTAUch4bDtaPZijEiSKMyUYLzuV2A
Sn3It3t77KCtoIk+jVr4T3UElETN4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:59 2024 by rpki-client on console-fra.rpki-client.org