Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/np9ZNSagTcANsjrg9l1ogrPssSA.roa
File: np9ZNSagTcANsjrg9l1ogrPssSA.roa (raw, json)
Hash identifier: 7HVisroSnQh+fHImlQ7v1SXmvi/utI9RCBCKMkjqfsY=
Subject key identifier: 9E:9F:59:35:26:A0:4D:C0:0D:B2:3A:E0:F6:5D:68:82:B3:EC:B1:20
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0189CF7E254EE9DE17F71611DFB01FD23E1D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/np9ZNSagTcANsjrg9l1ogrPssSA.roa
Signing time: Mon 07 Aug 2023 10:14:58 +0000
ROA not before: Mon 07 Aug 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:7e:25:4e:e9:de:17:f7:16:11:df:b0:1f:d2:3e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 7 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e9f593526a04dc00db23ae0f65d6882b3ecb120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e2:dc:f2:8a:13:5b:a0:39:6b:46:78:65:92:
52:2d:ac:12:37:28:46:27:cf:ca:80:07:a4:9b:b6:
14:b7:63:63:4f:14:41:fa:1a:ea:ee:8c:b2:2a:aa:
6c:ce:d6:48:3f:8e:02:cc:1a:bd:62:cd:09:55:31:
bd:46:50:4e:a2:45:be:1a:f0:54:90:04:de:3d:60:
8b:cd:c5:2a:18:20:9e:bc:9f:69:df:6f:80:f0:75:
ee:c0:79:c9:9c:85:6d:9b:42:a1:f5:f3:7f:59:60:
ef:8c:d0:28:76:3c:26:6c:b3:38:c5:fb:58:f2:4d:
c6:ac:ba:bb:14:63:e9:07:42:66:81:b3:6a:a8:ed:
fb:a7:3e:91:a7:61:f0:44:df:b8:33:6f:01:2d:78:
21:80:a0:ef:35:59:98:ef:9d:91:7c:15:e0:56:cd:
f1:25:56:6e:99:84:ae:9b:62:17:b5:eb:81:a7:e4:
d0:d7:47:7a:f3:b1:46:e4:3d:22:12:18:17:41:1e:
40:5b:92:b2:b4:15:6e:85:d3:2f:43:f6:ad:6c:1c:
9c:5f:a4:77:f8:1f:16:0d:eb:64:e4:44:a1:be:27:
8f:fc:46:ea:1d:fc:8c:59:c7:73:1f:fd:22:2f:1f:
cf:55:81:54:86:60:9f:98:3f:ae:b9:82:40:51:1a:
79:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9F:59:35:26:A0:4D:C0:0D:B2:3A:E0:F6:5D:68:82:B3:EC:B1:20
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/np9ZNSagTcANsjrg9l1ogrPssSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
8d:55:08:f0:0e:94:a4:26:4b:f1:0a:51:fa:7b:94:fb:84:0d:
d7:e2:fb:7b:5f:3a:e2:4a:84:d7:51:c1:bb:1e:a4:5d:1e:53:
0e:b5:d1:e8:d4:db:b4:47:9e:60:aa:cc:35:6e:fb:28:2a:8c:
45:ee:b1:c8:79:34:81:e0:76:b5:5a:a5:97:e9:85:77:3f:91:
3f:9c:eb:86:e8:0c:67:17:28:33:e2:86:13:5f:2c:42:9b:a5:
8c:6b:75:36:d0:6c:16:20:2b:c3:ab:16:df:90:6f:fb:d5:52:
09:71:eb:6c:9d:bc:0d:9c:cc:ec:7b:0c:ed:c7:b4:29:e8:47:
6d:5a:0b:10:a2:2e:71:63:91:05:90:6a:8e:5f:79:ed:9a:6a:
95:e1:d1:18:49:0e:c1:56:63:d7:e2:46:31:db:88:3e:a5:1d:
88:2c:c8:f8:c6:41:7f:31:54:4f:95:5a:11:f4:19:24:7b:42:
1f:1e:34:fa:75:7b:7d:ab:1c:d4:5e:c1:0e:d8:72:e1:c3:34:
00:da:04:cf:4a:08:5a:db:41:2a:e4:a7:d1:52:fa:0e:93:0a:
48:76:28:14:d6:b7:d5:c4:f2:01:9d:f8:b7:82:b3:e1:fb:2f:
d1:78:ad:a6:fc:b1:d7:ba:5b:7c:51:6c:12:44:0e:bb:5f:ae:
92:08:0a:57
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYnPfiVO6d4X9xYR37Af0j4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwODA3MTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTlmNTkzNTI2YTA0ZGMwMGRiMjNhZTBmNjVkNjg4MmIzZWNiMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOLc8ooTW6A5a0Z4ZZJSLawSNyhG
J8/KgAekm7YUt2NjTxRB+hrq7oyyKqpsztZIP44CzBq9Ys0JVTG9RlBOokW+GvBU
kATePWCLzcUqGCCevJ9p32+A8HXuwHnJnIVtm0Kh9fN/WWDvjNAodjwmbLM4xftY
8k3GrLq7FGPpB0JmgbNqqO37pz6Rp2HwRN+4M28BLXghgKDvNVmY752RfBXgVs3x
JVZumYSum2IXteuBp+TQ10d687FG5D0iEhgXQR5AW5KytBVuhdMvQ/atbBycX6R3
+B8WDetk5EShvieP/EbqHfyMWcdzH/0iLx/PVYFUhmCfmD+uuYJAURp5zwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ6fWTUmoE3ADbI64PZdaIKz7LEgMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbnA5Wk5TYWdUY0FOc2pyZzlsMW9nclBzc1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgfjRQEw
DQYJKoZIhvcNAQELBQADggEBAI1VCPAOlKQmS/EKUfp7lPuEDdfi+3tfOuJKhNdR
wbsepF0eUw610ejU27RHnmCqzDVu+ygqjEXusch5NIHgdrVapZfphXc/kT+c64bo
DGcXKDPihhNfLEKbpYxrdTbQbBYgK8OrFt+Qb/vVUglx62ydvA2czOx7DO3HtCno
R21aCxCiLnFjkQWQao5fee2aapXh0RhJDsFWY9fiRjHbiD6lHYgsyPjGQX8xVE+V
WhH0GSR7Qh8eNPp1e32rHNRewQ7YcuHDNADaBM9KCFrbQSrkp9FS+g6TCkh2KBTW
t9XE8gGd+LeCs+H7L9F4rab8sde6W3xRbBJEDrtfrpIIClc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:55 2025 by rpki-client