Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/NaDb64ypGrvrLxmdk68mESNf3W4.roa
File: NaDb64ypGrvrLxmdk68mESNf3W4.roa (raw, json)
Hash identifier: MRU/Yp7Ty/Osg3bJfH2cUqun8mAEIy5cg8MuopeZrgo=
Subject key identifier: 35:A0:DB:EB:8C:A9:1A:BB:EB:2F:19:9D:93:AF:26:11:23:5F:DD:6E
Certificate issuer: /CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
Certificate serial: 0182FD9824AAA60DBAA7C15B98A1199A4E9E
Authority key identifier: BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/NaDb64ypGrvrLxmdk68mESNf3W4.roa
Signing time: Fri 02 Sep 2022 09:46:22 +0000
ROA not before: Fri 02 Sep 2022 09:46:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210661
IP address blocks: 2a11:5500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:98:24:aa:a6:0d:ba:a7:c1:5b:98:a1:19:9a:4e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa63d3ba6dae4a4493bc14a675b94ad2aa45b69
Validity
Not Before: Sep 2 09:46:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35a0dbeb8ca91abbeb2f199d93af2611235fdd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e1:45:29:3f:e7:63:36:e1:f2:a7:d9:49:be:
80:a2:72:57:9e:da:e1:59:4c:84:2d:f6:aa:e3:fc:
07:7e:dc:d5:d3:33:72:81:f6:1c:66:5d:dc:10:c5:
12:56:3f:9f:8d:80:33:bb:7f:e0:cf:41:94:aa:03:
19:bd:b0:37:b1:7f:90:58:90:49:68:65:66:27:fb:
20:1e:73:e5:85:41:b3:20:7c:29:5b:cb:77:14:4c:
1d:fd:f8:0d:86:d6:a7:32:9a:69:03:c7:41:cd:9f:
a0:55:ac:bc:d7:cc:6a:c5:e8:ae:e0:f1:c1:e4:6d:
c3:f2:c7:16:ef:14:83:b3:92:91:f2:d4:21:41:71:
d3:95:b5:fd:31:ae:bb:98:76:03:b4:ee:f9:61:85:
15:e0:3a:dc:25:9c:ba:03:f0:d5:97:d9:c8:11:df:
8a:3a:4c:35:b7:03:8a:9d:b4:51:b6:5f:20:d1:73:
d1:ef:79:f7:bd:d3:ff:d1:87:2e:a8:e7:53:b7:cb:
00:c2:a1:79:77:13:9c:dd:5e:84:a6:28:a7:ca:29:
11:7f:d2:57:8f:d9:ba:77:b7:69:fd:17:c5:92:a3:
08:08:c2:8d:f9:de:e6:b4:be:3e:71:ae:0e:26:df:
75:c3:3c:eb:df:9d:78:05:d0:15:af:07:0a:c9:55:
89:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A0:DB:EB:8C:A9:1A:BB:EB:2F:19:9D:93:AF:26:11:23:5F:DD:6E
X509v3 Authority Key Identifier:
keyid:BA:A6:3D:3B:A6:DA:E4:A4:49:3B:C1:4A:67:5B:94:AD:2A:A4:5B:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/NaDb64ypGrvrLxmdk68mESNf3W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/185e80-7339-4cc0-8b7c-4edf4244a9f9/1/uqY9O6ba5KRJO8FKZ1uUrSqkW2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5500::/29
Signature Algorithm: sha256WithRSAEncryption
9d:58:07:68:b8:0a:5b:f0:e0:be:63:d0:9c:6e:f8:34:ee:7d:
ac:4e:c3:de:b0:ef:cc:5d:70:42:09:a2:bd:a6:0c:dc:68:70:
c8:21:dc:a4:34:cf:c2:57:48:f7:4d:d8:a0:a3:a8:2c:52:4e:
50:c6:f7:21:24:32:72:d8:bc:c2:82:41:01:be:26:89:21:92:
bb:45:ec:c4:20:a0:97:bc:2c:0b:46:b9:49:e1:ae:71:e9:d6:
1f:78:89:f6:04:47:5b:3e:de:e3:14:eb:15:24:42:b1:24:33:
13:8b:a5:ca:d3:5b:7c:0e:76:bc:e9:c8:f5:f4:64:6f:ca:0a:
05:0e:9e:f4:41:92:8d:d0:b2:1a:e9:11:a4:f3:8c:af:40:7e:
80:09:02:c6:02:11:1c:27:19:9d:24:1b:c2:f9:5b:fd:9b:e8:
6d:aa:d3:20:d6:ba:ad:ba:9a:b5:30:9e:ac:d6:4e:e7:fa:e2:
61:88:89:ba:2e:02:7a:d7:17:c8:80:cb:98:c7:15:0c:06:6f:
bb:c5:df:60:36:ae:0b:b5:41:60:06:55:0a:2f:7c:8c:87:80:
be:ba:fd:54:5f:cd:22:b2:81:15:64:6f:96:0d:c7:2a:7f:23:
7e:92:4c:75:47:61:9e:3a:92:2b:54:51:36:1c:5c:41:1a:97:
2e:23:d1:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYL9mCSqpg26p8FbmKEZmk6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTYzZDNiYTZkYWU0YTQ0OTNiYzE0YTY3NWI5NGFkMmFh
NDViNjkwHhcNMjIwOTAyMDk0NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWEwZGJlYjhjYTkxYWJiZWIyZjE5OWQ5M2FmMjYxMTIzNWZkZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOFFKT/nYzbh8qfZSb6AonJXntrh
WUyELfaq4/wHftzV0zNygfYcZl3cEMUSVj+fjYAzu3/gz0GUqgMZvbA3sX+QWJBJ
aGVmJ/sgHnPlhUGzIHwpW8t3FEwd/fgNhtanMpppA8dBzZ+gVay818xqxeiu4PHB
5G3D8scW7xSDs5KR8tQhQXHTlbX9Ma67mHYDtO75YYUV4DrcJZy6A/DVl9nIEd+K
Okw1twOKnbRRtl8g0XPR73n3vdP/0YcuqOdTt8sAwqF5dxOc3V6EpiinyikRf9JX
j9m6d7dp/RfFkqMICMKN+d7mtL4+ca4OJt91wzzr3514BdAVrwcKyVWJkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDWg2+uMqRq76y8ZnZOvJhEjX91uMB8GA1UdIwQY
MBaAFLqmPTum2uSkSTvBSmdblK0qpFtpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2Mt
NGVkZjQyNDRhOWY5LzEvTmFEYjY0eXBHcnZyTHhtZGs2OG1FU05mM1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8xODVlODAtNzMzOS00Y2MwLThiN2MtNGVkZjQyNDRhOWY5
LzEvdXFZOU82YmE1S1JKTzhGS1oxdVVyU3FrVzJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFVADAN
BgkqhkiG9w0BAQsFAAOCAQEAnVgHaLgKW/DgvmPQnG74NO59rE7D3rDvzF1wQgmi
vaYM3GhwyCHcpDTPwldI903YoKOoLFJOUMb3ISQycti8woJBAb4miSGSu0XsxCCg
l7wsC0a5SeGucenWH3iJ9gRHWz7e4xTrFSRCsSQzE4ulytNbfA52vOnI9fRkb8oK
BQ6e9EGSjdCyGukRpPOMr0B+gAkCxgIRHCcZnSQbwvlb/ZvobarTINa6rbqatTCe
rNZO5/riYYiJui4CetcXyIDLmMcVDAZvu8XfYDauC7VBYAZVCi98jIeAvrr9VF/N
IrKBFWRvlg3HKn8jfpJMdUdhnjqSK1RRNhxcQRqXLiPRDg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:41 2023 by rpki-client on console-fra.rpki-client.org