Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa
File: n3NHuKP-OvgcQh29-7_uLIRI-1M.roa (raw, json)
Hash identifier: 80AxDWvve47jRc+D9nfyqUn2NO3Vgb3pOs0GiKI19gU=
Subject key identifier: 9F:73:47:B8:A3:FE:3A:F8:1C:42:1D:BD:FB:BF:EE:2C:84:48:FB:53
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 018A232373741D5BA6FA51BD65F5F2EA3CE9
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa
Signing time: Wed 23 Aug 2023 16:04:00 +0000
ROA not before: Wed 23 Aug 2023 16:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61992
IP address blocks: 2a0e:eac0:2030::/44 maxlen: 44
2a0e:eac0:1003::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:23:73:74:1d:5b:a6:fa:51:bd:65:f5:f2:ea:3c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Aug 23 16:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f7347b8a3fe3af81c421dbdfbbfee2c8448fb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ea:51:a9:bd:94:c1:9e:e2:fd:ca:fa:42:2b:
ab:3c:92:9d:5d:12:9a:18:d5:f6:d4:45:33:fb:0f:
50:9e:44:ab:5c:f5:6c:f3:9b:c6:37:ae:d2:bd:d6:
3a:bd:a7:3a:9f:8a:27:e9:30:60:c9:d9:87:72:fa:
ed:3d:b9:30:55:f8:8d:7a:7e:fb:9e:79:41:db:8c:
a4:4c:92:cc:d4:2a:a9:c3:e5:d9:d8:2d:c2:5e:14:
9f:91:66:11:2b:e5:e3:d9:eb:f6:18:71:6d:bd:66:
2c:28:31:46:e3:e9:0a:3e:c6:7b:13:91:f9:2b:a3:
0a:0d:01:5b:b6:95:5a:f1:c4:40:e9:18:0a:73:15:
06:7f:a9:5e:97:24:5e:9e:49:a3:9c:bd:28:43:e0:
f7:c7:9d:24:f8:87:96:07:b6:d1:de:12:50:0c:29:
16:49:5a:fb:db:5b:53:a8:2f:e9:b9:b6:fc:8e:38:
0e:20:3f:46:92:0b:af:8a:db:cb:10:28:fa:5c:6f:
33:8a:97:70:f7:b2:3c:96:27:43:b8:14:38:69:e9:
73:fe:fc:df:3d:3f:56:e1:45:b5:0f:14:d3:d1:e2:
7e:f1:f9:03:1e:54:58:0f:e3:2c:66:17:eb:f1:ba:
a4:a2:93:66:e7:76:d9:be:44:b0:8b:a9:38:0b:2b:
28:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:73:47:B8:A3:FE:3A:F8:1C:42:1D:BD:FB:BF:EE:2C:84:48:FB:53
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/n3NHuKP-OvgcQh29-7_uLIRI-1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eac0:1003::/48
2a0e:eac0:2030::/44
Signature Algorithm: sha256WithRSAEncryption
a7:8a:9c:71:fe:09:3c:24:fd:98:c5:42:6a:83:e1:8a:f7:ee:
b6:91:d7:2c:cd:1b:fc:50:a6:2a:03:8f:57:9b:22:22:2a:3a:
3c:57:89:c9:c5:1a:44:76:5c:44:92:e3:12:09:46:81:6b:ef:
97:5a:a4:f0:4d:bf:85:5d:65:18:35:c2:50:f5:04:d7:6b:f0:
96:3f:13:0a:17:cb:d5:3d:c6:a9:de:7d:ad:3b:a1:92:5d:84:
87:65:58:d0:3f:46:b0:8d:07:49:69:92:97:71:1a:93:56:87:
c3:89:31:a0:bc:e5:43:48:8c:95:55:08:f8:bb:f2:23:d8:7c:
39:77:6b:bc:bd:24:05:49:5f:bb:e4:50:00:da:39:8c:1c:6c:
54:5e:d5:60:1e:6b:50:46:20:2f:f4:e0:dc:07:08:42:40:d4:
e2:e0:be:f8:8a:ea:20:3a:ab:33:be:a2:69:79:d3:5a:bd:df:
a8:49:ad:a0:d5:0e:4c:ff:d4:86:2e:90:21:3f:97:56:85:57:
ec:bc:9e:a8:d2:bd:3b:11:45:76:ed:85:48:4b:a8:22:76:d5:
c3:07:86:55:2c:f8:59:ff:4e:5f:19:d6:f9:95:a9:4e:1b:b5:
38:db:55:c1:af:e9:f6:fb:66:98:8e:eb:d9:2d:92:ba:1d:4f:
82:83:30:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYojI3N0HVum+lG9ZfXy6jzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjMwODIzMTYwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjczNDdiOGEzZmUzYWY4MWM0MjFkYmRmYmJmZWUyYzg0NDhmYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjepRqb2UwZ7i/cr6QiurPJKdXRKa
GNX21EUz+w9QnkSrXPVs85vGN67SvdY6vac6n4on6TBgydmHcvrtPbkwVfiNen77
nnlB24ykTJLM1Cqpw+XZ2C3CXhSfkWYRK+Xj2ev2GHFtvWYsKDFG4+kKPsZ7E5H5
K6MKDQFbtpVa8cRA6RgKcxUGf6lelyRenkmjnL0oQ+D3x50k+IeWB7bR3hJQDCkW
SVr721tTqC/pubb8jjgOID9GkguvitvLECj6XG8zipdw97I8lidDuBQ4aelz/vzf
PT9W4UW1DxTT0eJ+8fkDHlRYD+MsZhfr8bqkopNm53bZvkSwi6k4CysoVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9zR7ij/jr4HEIdvfu/7iyESPtTMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvbjNOSHVLUC1PdmdjUWgyOS03X3VMSVJJLTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg7qwBAD
AwcEKg7qwCAwMA0GCSqGSIb3DQEBCwUAA4IBAQCnipxx/gk8JP2YxUJqg+GK9+62
kdcszRv8UKYqA49XmyIiKjo8V4nJxRpEdlxEkuMSCUaBa++XWqTwTb+FXWUYNcJQ
9QTXa/CWPxMKF8vVPcap3n2tO6GSXYSHZVjQP0awjQdJaZKXcRqTVofDiTGgvOVD
SIyVVQj4u/Ij2Hw5d2u8vSQFSV+75FAA2jmMHGxUXtVgHmtQRiAv9ODcBwhCQNTi
4L74iuogOqszvqJpedNavd+oSa2g1Q5M/9SGLpAhP5dWhVfsvJ6o0r07EUV27YVI
S6gidtXDB4ZVLPhZ/05fGdb5lalOG7U421XBr+n2+2aYjuvZLZK6HU+CgzCO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:28 2025 by rpki-client