Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/NdXKObtljDZ-C2EEcituAs0YZ4s.roa
File: NdXKObtljDZ-C2EEcituAs0YZ4s.roa (raw, json)
Hash identifier: gtKPqzjtcyDS3evZ2hdiA+FdV5eEcWdwTJp1wjvDUJE=
Subject key identifier: 35:D5:CA:39:BB:65:8C:36:7E:0B:61:04:72:2B:6E:02:CD:18:67:8B
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 018496240F1F3BDACA39E2B8C9EAA0A170C5
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/NdXKObtljDZ-C2EEcituAs0YZ4s.roa
Signing time: Sun 20 Nov 2022 17:44:16 +0000
ROA not before: Sun 20 Nov 2022 17:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52042
IP address blocks: 2a09:be44::/30 maxlen: 48
2a09:be41::/32 maxlen: 48
2a0e:ec05::/32 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a09:be42::/31 maxlen: 48
2a0e:ec04::/31 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:24:0f:1f:3b:da:ca:39:e2:b8:c9:ea:a0:a1:70:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Nov 20 17:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35d5ca39bb658c367e0b6104722b6e02cd18678b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:88:81:66:31:33:28:77:52:ec:2f:34:21:e5:
24:cd:fb:cd:09:44:7a:8b:7d:fa:83:e3:4c:26:7f:
bc:5e:89:09:e0:40:98:bc:b5:0e:c6:be:a4:7c:43:
cc:db:aa:81:be:f6:34:f1:bf:eb:85:2d:81:2a:e7:
21:1f:b5:1a:4f:bd:f5:da:26:19:1e:58:6c:e7:37:
17:8d:c1:7e:bd:1d:91:56:37:19:db:44:f8:88:1e:
6b:08:f5:c8:8b:bf:fe:78:f1:78:17:ed:6d:82:62:
69:ac:cc:d9:06:6a:af:28:e6:4d:37:ab:53:7a:f9:
82:db:c1:5a:36:c7:31:09:00:b0:d7:be:00:a6:56:
03:93:d3:db:7a:b1:44:88:af:b7:c2:37:1f:22:04:
8b:77:68:38:8b:79:7d:ab:ec:bf:c1:0c:34:25:f3:
44:df:57:d9:be:6c:91:ca:25:9d:4c:04:e1:94:67:
72:06:a5:a2:09:47:b0:6c:76:af:20:e2:41:21:a2:
af:f6:2d:70:20:0a:88:b9:60:91:b3:73:b5:58:93:
b6:3d:71:bb:b6:3a:5a:f1:ee:41:93:14:5e:c3:9f:
fd:0f:38:4d:5b:e7:fe:17:de:07:7b:0d:fe:ae:43:
48:21:de:6d:c9:77:5d:f4:0d:81:26:81:8d:d5:6c:
44:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D5:CA:39:BB:65:8C:36:7E:0B:61:04:72:2B:6E:02:CD:18:67:8B
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/NdXKObtljDZ-C2EEcituAs0YZ4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:fd:af:72:07:1b:c0:d9:9b:4f:00:dd:b1:fc:4c:6d:57:51:
1a:33:c0:cf:d4:66:4b:2d:8a:3f:82:83:47:e9:17:4f:45:39:
eb:9f:a9:7f:11:c8:d9:17:1e:39:3a:d0:2b:fd:c2:03:ac:10:
7b:3c:fe:38:5e:b6:83:18:15:bd:df:4c:99:88:1d:ab:ec:10:
3a:95:72:10:ff:20:39:56:0e:d2:20:12:e5:f7:07:53:02:43:
78:1d:bf:72:54:83:6e:f9:86:95:3c:8a:02:a1:be:fd:2e:36:
76:4c:ec:5f:6f:a2:a4:d1:1f:a7:0d:5f:89:cd:4b:07:71:07:
c9:3d:48:7f:9d:47:f8:3b:67:3c:50:72:d7:e3:e2:0b:9d:c1:
22:fb:97:f9:02:34:8c:db:3a:e7:cf:1a:e7:bc:53:ab:9b:b9:
82:88:7f:fa:97:1a:d8:67:dc:e9:ea:f6:09:93:82:47:24:04:
88:11:30:24:d3:b8:a5:c1:40:a1:be:35:bb:d1:3e:95:c1:5f:
f6:1e:d0:2b:8f:ad:ac:ed:c8:0f:e2:99:b3:73:1a:a5:f9:f9:
46:a9:ba:e7:72:35:cf:2b:ce:4a:51:89:2e:95:8a:d6:82:fb:
ce:ce:39:cf:56:9c:90:6e:d2:32:01:46:52:53:5f:50:c4:06:
ea:f1:9a:ba
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSWJA8fO9rKOeK4yeqgoXDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjIxMTIwMTc0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ1Y2EzOWJiNjU4YzM2N2UwYjYxMDQ3MjJiNmUwMmNkMTg2NzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoiBZjEzKHdS7C80IeUkzfvNCUR6
i336g+NMJn+8XokJ4ECYvLUOxr6kfEPM26qBvvY08b/rhS2BKuchH7UaT7312iYZ
Hlhs5zcXjcF+vR2RVjcZ20T4iB5rCPXIi7/+ePF4F+1tgmJprMzZBmqvKOZNN6tT
evmC28FaNscxCQCw174AplYDk9PberFEiK+3wjcfIgSLd2g4i3l9q+y/wQw0JfNE
31fZvmyRyiWdTAThlGdyBqWiCUewbHavIOJBIaKv9i1wIAqIuWCRs3O1WJO2PXG7
tjpa8e5BkxRew5/9DzhNW+f+F94Hew3+rkNIId5tyXdd9A2BJoGN1WxEzQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDXVyjm7ZYw2fgthBHIrbgLNGGeLMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvTmRYS09idGxqRFotQzJFRWNpdHVBczBZWjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMA4DBQAqCb5B
AwUDKgm+QDANAwQCKg7sAwUBKg7sBAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEB
AEf9r3IHG8DZm08A3bH8TG1XURozwM/UZkstij+Cg0fpF09FOeufqX8RyNkXHjk6
0Cv9wgOsEHs8/jhetoMYFb3fTJmIHavsEDqVchD/IDlWDtIgEuX3B1MCQ3gdv3JU
g275hpU8igKhvv0uNnZM7F9voqTRH6cNX4nNSwdxB8k9SH+dR/g7ZzxQctfj4gud
wSL7l/kCNIzbOufPGue8U6ubuYKIf/qXGthn3Onq9gmTgkckBIgRMCTTuKXBQKG+
NbvRPpXBX/Ye0CuPraztyA/imbNzGqX5+UapuudyNc8rzkpRiS6VitaC+87OOc9W
nJBu0jIBRlJTX1DEBurxmro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org