Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/NRWNaL-bUVDBFITzCjyifqyM8CM.roa
File: NRWNaL-bUVDBFITzCjyifqyM8CM.roa (raw, json)
Hash identifier: vCdJmrDxVERkYSYU+bvqjZ+CXE/Z6NrQVv1mEUa1WY8=
Subject key identifier: 35:15:8D:68:BF:9B:51:50:C1:14:84:F3:0A:3C:A2:7E:AC:8C:F0:23
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 09629D6E
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/NRWNaL-bUVDBFITzCjyifqyM8CM.roa
Signing time: Sat 01 Jan 2022 09:03:52 +0000
ROA not before: Sat 01 Jan 2022 09:03:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139216
IP address blocks: 2a0e:aa07:f0d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157457774 (0x9629d6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:03:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35158d68bf9b5150c11484f30a3ca27eac8cf023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1b:1f:af:35:50:06:bd:17:34:e3:5b:f3:f5:
79:ec:aa:62:e5:8d:38:87:a0:24:9b:9e:e0:65:39:
9f:13:ad:67:ba:b8:f6:d1:aa:82:b8:1e:65:11:3c:
b7:81:ae:7c:59:79:ad:cf:3e:55:11:70:3f:99:8c:
db:ce:16:fe:a8:8d:d3:df:fc:30:e7:9e:aa:bf:43:
62:30:df:bd:c1:73:c0:71:f9:85:db:a7:f9:e2:c7:
ef:fd:8c:1c:43:2f:89:44:bd:9a:46:c2:d2:1c:93:
b2:a0:82:ad:b8:86:fd:cf:07:7f:13:bb:74:a2:ee:
15:b5:5f:0e:ae:14:e3:dd:22:61:fb:43:d4:6b:e6:
ac:e3:60:11:b0:cd:c4:6a:50:0a:83:fa:a7:8d:df:
00:30:66:df:2f:6c:64:d8:ee:c6:11:09:9f:07:83:
14:88:68:ae:fc:b6:63:41:be:ed:9a:c8:fa:d7:e5:
13:57:14:30:87:28:fa:bc:eb:5a:81:ee:6c:3a:cc:
c3:47:a5:9a:92:f4:4a:0a:ba:9c:19:18:c4:21:ed:
6c:03:8e:a7:f1:fd:b9:16:a1:a2:6c:da:6a:b6:5c:
be:97:9f:8a:c3:af:cd:df:e7:d2:38:b6:7d:4e:bd:
7f:88:d0:97:68:44:fe:71:0e:4a:b3:e8:2c:9e:17:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:15:8D:68:BF:9B:51:50:C1:14:84:F3:0A:3C:A2:7E:AC:8C:F0:23
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/NRWNaL-bUVDBFITzCjyifqyM8CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:f0d0::/44
Signature Algorithm: sha256WithRSAEncryption
6a:12:00:fa:19:5f:c8:15:1a:a4:c3:8b:cb:8a:f9:86:42:e3:
b6:f2:40:47:87:af:9b:35:13:fc:6f:b1:43:cf:59:52:3f:a0:
50:ea:24:ca:4f:ba:23:b0:01:f4:a5:b9:59:b9:98:33:81:6c:
48:d8:6f:c8:7a:43:46:df:90:72:f8:a6:f2:3a:d4:3b:1f:04:
3d:c2:e3:6d:56:8a:71:85:ce:28:31:20:ae:84:e0:f9:81:4e:
8e:e6:e7:77:fe:17:09:42:be:6a:2f:7e:73:bc:5b:68:c4:64:
5e:7b:8d:38:d2:41:7f:bb:a6:0a:22:28:2d:27:a9:20:8a:74:
f6:6d:f6:05:10:bd:2c:8f:ab:9a:22:96:e7:f6:8e:b8:62:92:
fb:0f:3c:8e:67:ea:a7:e4:6d:d9:ec:68:63:9b:d1:27:13:0f:
db:aa:4f:03:53:5d:e7:9a:7b:b8:4d:82:a8:1e:1b:54:3e:e0:
77:24:8b:2d:be:36:4b:97:d4:3b:d2:63:86:22:5f:27:b4:db:
5d:b2:c4:2c:bb:21:1f:9d:95:2f:62:8b:81:d0:ce:b0:d5:22:
49:c8:7a:1e:1e:12:2b:ee:18:c7:32:96:1c:94:cc:d0:a0:a4:
24:a2:4f:68:4c:9a:50:54:d1:ba:c5:ac:b4:da:d0:bc:4b:a2:
09:5f:85:90
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECWKdbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUxNThkNjhiZjli
NTE1MGMxMTQ4NGYzMGEzY2EyN2VhYzhjZjAyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQbH681UAa9FzTjW/P1eeyqYuWNOIegJJue4GU5nxOtZ7q4
9tGqgrgeZRE8t4GufFl5rc8+VRFwP5mM284W/qiN09/8MOeeqr9DYjDfvcFzwHH5
hdun+eLH7/2MHEMviUS9mkbC0hyTsqCCrbiG/c8HfxO7dKLuFbVfDq4U490iYftD
1GvmrONgEbDNxGpQCoP6p43fADBm3y9sZNjuxhEJnweDFIhorvy2Y0G+7ZrI+tfl
E1cUMIco+rzrWoHubDrMw0elmpL0Sgq6nBkYxCHtbAOOp/H9uRahomzaarZcvpef
isOvzd/n0ji2fU69f4jQl2hE/nEOSrPoLJ4XWIUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ1FY1ov5tRUMEUhPMKPKJ+rIzwIzAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L05SV05hTC1iVVZEQkZJVHpDanlpZnF5TThDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOqgfw0DANBgkqhkiG9w0BAQsF
AAOCAQEAahIA+hlfyBUapMOLy4r5hkLjtvJAR4evmzUT/G+xQ89ZUj+gUOokyk+6
I7AB9KW5WbmYM4FsSNhvyHpDRt+Qcvim8jrUOx8EPcLjbVaKcYXOKDEgroTg+YFO
jubnd/4XCUK+ai9+c7xbaMRkXnuNONJBf7umCiIoLSepIIp09m32BRC9LI+rmiKW
5/aOuGKS+w88jmfqp+Rt2exoY5vRJxMP26pPA1Nd55p7uE2CqB4bVD7gdySLLb42
S5fUO9JjhiJfJ7TbXbLELLshH52VL2KLgdDOsNUiSch6Hh4SK+4YxzKWHJTM0KCk
JKJPaEyaUFTRusWstNrQvEuiCV+FkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org