Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa
File: nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa (raw, json)
Hash identifier: 6JIuDFkc3TQEVF+JLO99EZK0bl76//oDXKXgVG3DZaU=
Subject key identifier: 9C:85:A7:D7:14:99:4E:BB:31:8B:47:37:07:B3:0F:E4:33:CD:91:DC
Certificate issuer: /CN=af09503fcac01769515a19f2dc2657d92fd350df
Certificate serial: 01857079AF6C9033C3DD47550A1EFBA81785
Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa
Signing time: Mon 02 Jan 2023 03:15:00 +0000
ROA not before: Mon 02 Jan 2023 03:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 553
IP address blocks: 141.10.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:af:6c:90:33:c3:dd:47:55:0a:1e:fb:a8:17:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df
Validity
Not Before: Jan 2 03:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c85a7d714994ebb318b473707b30fe433cd91dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:aa:4a:f2:48:11:19:0b:22:73:89:b5:de:4e:
3a:e8:ff:4f:23:60:21:54:78:00:5c:05:d3:2c:b0:
d5:88:d4:c0:e3:7c:19:e3:67:19:e2:a7:48:1f:8d:
8b:30:36:3a:49:35:05:19:7f:06:cd:cb:b3:f5:67:
57:e6:a0:b2:1a:b6:b5:a0:f8:e3:95:8b:ef:56:7a:
ab:3f:b1:c7:22:d8:58:41:c0:d4:cf:dc:c6:6a:fd:
a3:c9:8d:b5:2a:71:b8:24:ee:c3:44:8b:93:44:ad:
bd:a1:76:b6:8d:70:1c:21:a9:5f:fd:19:4a:47:08:
73:62:9f:09:2b:e7:54:88:5f:e2:8b:b9:7a:9f:ee:
8b:31:d4:71:93:75:83:72:27:50:80:7c:d1:0c:b4:
3e:13:85:30:37:ec:1f:07:3d:2c:63:a3:65:4e:c9:
7c:c5:08:15:ef:e5:a8:20:16:5f:14:8a:e9:0b:ee:
f4:6b:df:7f:02:0a:0c:48:3e:95:c6:fe:a5:c3:8e:
dd:c7:b6:83:f0:50:73:3a:eb:58:ae:82:6c:64:7c:
86:eb:3b:43:c9:79:df:c9:06:3a:b3:24:bc:28:62:
42:9d:16:e3:be:51:cb:cc:5b:54:17:30:17:96:8d:
91:4d:08:f9:d9:1f:ea:38:ed:f5:2f:cb:10:e2:c3:
1e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:85:A7:D7:14:99:4E:BB:31:8B:47:37:07:B3:0F:E4:33:CD:91:DC
X509v3 Authority Key Identifier:
keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/nIWn1xSZTrsxi0c3B7MP5DPNkdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.10.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:ea:ae:2e:36:cb:a9:ee:53:07:ea:51:ea:af:2a:36:45:4d:
c4:c2:40:77:25:ed:29:2c:4f:de:4f:a6:b6:98:3f:28:f0:7d:
89:cc:18:3c:ed:f9:59:86:72:9a:56:a9:be:cd:f8:d1:75:2d:
fb:d6:7f:91:e5:e8:39:d8:53:f0:c2:70:4f:dd:a1:5c:e5:0d:
8e:43:44:8c:65:e3:87:05:99:80:d6:26:da:2b:5a:1e:df:3c:
a7:88:24:ba:06:04:6d:6f:ab:9d:86:61:9e:a7:15:57:c0:a3:
aa:43:80:36:7c:88:59:46:be:ce:2b:33:66:84:b8:41:f6:94:
86:28:8e:4e:0d:6c:0e:01:bd:e1:e7:52:58:eb:2f:6c:3e:be:
a1:1e:84:9c:4b:fb:c1:d4:c9:7e:76:5b:cb:2a:33:ef:f1:61:
ca:3d:3d:5a:75:c2:7c:f1:9e:40:7f:86:96:6c:ad:f5:34:c5:
26:4c:55:18:c4:e4:ba:e5:f2:3f:5d:f1:66:95:26:7e:cb:20:
2a:71:6d:10:ba:d5:77:66:1c:45:d4:fc:e8:61:bc:9b:82:08:
95:5e:fc:7e:cf:71:c6:a7:ad:95:ac:da:5d:ed:66:47:3b:2a:
b6:6d:d1:06:c0:3f:4b:52:16:3c:73:96:4e:56:f6:db:a9:a5:
8b:1c:10:66
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVwea9skDPD3UdVCh77qBeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk
MzUwZGYwHhcNMjMwMTAyMDMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg1YTdkNzE0OTk0ZWJiMzE4YjQ3MzcwN2IzMGZlNDMzY2Q5MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxapK8kgRGQsic4m13k466P9PI2Ah
VHgAXAXTLLDViNTA43wZ42cZ4qdIH42LMDY6STUFGX8Gzcuz9WdX5qCyGra1oPjj
lYvvVnqrP7HHIthYQcDUz9zGav2jyY21KnG4JO7DRIuTRK29oXa2jXAcIalf/RlK
RwhzYp8JK+dUiF/ii7l6n+6LMdRxk3WDcidQgHzRDLQ+E4UwN+wfBz0sY6NlTsl8
xQgV7+WoIBZfFIrpC+70a99/AgoMSD6Vxv6lw47dx7aD8FBzOutYroJsZHyG6ztD
yXnfyQY6syS8KGJCnRbjvlHLzFtUFzAXlo2RTQj52R/qOO31L8sQ4sMeuwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJyFp9cUmU67MYtHNwezD+QzzZHcMB8GA1UdIwQY
MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt
MTc1MDJkM2RmOTVmLzEvbklXbjF4U1pUcnN4aTBjM0I3TVA1RFBOa2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm
LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQowDQYJ
KoZIhvcNAQELBQADggEBAAzqri42y6nuUwfqUeqvKjZFTcTCQHcl7SksT95PpraY
PyjwfYnMGDzt+VmGcppWqb7N+NF1LfvWf5Hl6DnYU/DCcE/doVzlDY5DRIxl44cF
mYDWJtorWh7fPKeIJLoGBG1vq52GYZ6nFVfAo6pDgDZ8iFlGvs4rM2aEuEH2lIYo
jk4NbA4BveHnUljrL2w+vqEehJxL+8HUyX52W8sqM+/xYco9PVp1wnzxnkB/hpZs
rfU0xSZMVRjE5Lrl8j9d8WaVJn7LICpxbRC61XdmHEXU/OhhvJuCCJVe/H7Pccan
rZWs2l3tZkc7KrZt0QbAP0tSFjxzlk5W9tuppYscEGY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:28 2025 by rpki-client