Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/nRLH-QaTEFPYf9Ai_RcC82nfeVo.roa
File: nRLH-QaTEFPYf9Ai_RcC82nfeVo.roa (raw, json)
Hash identifier: Z927ixtsuiTEl3r4+8UIJMgGmy5BNCExqpl5ofwvRhk=
Subject key identifier: 9D:12:C7:F9:06:93:10:53:D8:7F:D0:22:FD:17:02:F3:69:DF:79:5A
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 060390FF
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/nRLH-QaTEFPYf9Ai_RcC82nfeVo.roa
Signing time: Sat 01 Jan 2022 16:01:21 +0000
ROA not before: Sat 01 Jan 2022 16:01:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209334
IP address blocks: 2a0d:f407:1001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100897023 (0x60390ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 16:01:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d12c7f906931053d87fd022fd1702f369df795a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:96:fe:74:45:3d:e3:0f:93:23:b6:e3:f9:
34:d5:b5:11:73:69:9b:5c:35:e5:98:41:09:20:9d:
17:ad:79:c0:57:a0:a2:fb:1a:b3:f9:2e:08:e3:a2:
6e:2f:96:f2:45:97:5b:99:64:e0:94:35:df:3e:33:
f2:d5:1a:13:2d:2c:3a:02:e1:5b:7a:0d:40:86:aa:
7f:21:1a:8d:af:4f:d1:b4:e7:8a:03:44:95:f9:85:
3a:d2:01:10:93:6a:fa:89:38:75:da:7e:f2:b7:52:
99:03:a2:04:f6:da:9b:f4:bc:7c:0e:7a:32:44:4e:
96:4c:b7:d4:d8:82:de:e0:4b:4e:09:ea:77:3a:4e:
b2:d4:88:43:10:4a:2a:af:f3:a6:3c:b7:e6:58:4a:
0b:1f:91:48:15:14:4a:85:bc:2a:13:d7:17:cc:cd:
a4:d6:6e:6c:05:5b:ca:ea:a5:c2:a1:4b:7e:ac:8d:
e3:4b:a7:c5:ed:78:7a:9c:ff:96:72:49:e3:fc:d1:
4e:06:07:bd:2e:0e:75:10:b0:2f:54:34:b9:d9:b4:
b6:7b:b8:c9:db:20:ec:68:e8:30:5e:b8:96:5b:6b:
b3:7e:f1:ec:3b:46:57:82:d9:f2:ab:a8:cd:bb:60:
3c:22:54:84:48:d0:c3:19:ec:dd:79:c3:0a:cd:cb:
00:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:12:C7:F9:06:93:10:53:D8:7F:D0:22:FD:17:02:F3:69:DF:79:5A
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/nRLH-QaTEFPYf9Ai_RcC82nfeVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:1001::/48
Signature Algorithm: sha256WithRSAEncryption
4a:db:31:d7:3b:48:1f:4a:d8:be:5f:69:72:3c:49:c1:43:54:
fc:41:fd:b0:39:39:6f:8e:45:f8:3c:47:18:e9:6a:d8:59:54:
54:9e:a0:bc:cb:69:d7:ba:92:ac:8f:51:b2:9e:58:18:34:b8:
af:27:e7:a3:de:aa:8d:ed:97:d2:23:a2:cb:07:b3:52:2e:2b:
99:36:b2:40:d9:a3:52:af:b3:00:0e:dc:42:23:8d:63:48:bd:
69:72:08:03:78:dc:7e:36:a8:11:9d:65:75:a3:d1:99:22:f6:
03:15:3c:e5:65:bb:01:f4:2a:93:98:89:87:ba:d2:f4:7f:0c:
2c:aa:aa:6c:ae:3d:85:61:9b:2c:dc:77:93:16:5d:c5:ec:2a:
37:97:d7:fa:9b:bf:99:5b:ea:0d:a1:f9:69:df:bb:86:a2:87:
0d:1e:15:fb:51:f0:85:84:71:c0:b1:c2:2a:72:76:db:4a:f9:
42:45:ed:64:46:82:2c:04:87:50:62:6d:39:0c:d0:4e:a1:fe:
d4:c5:e3:a3:a1:a1:31:9d:09:73:24:c9:5a:23:1d:f3:53:13:
44:2d:79:fa:24:90:7d:c5:e9:f6:77:cf:f5:e2:21:5a:e7:11:
0c:ae:50:df:a6:0c:1b:5e:5a:bf:bf:34:d5:bc:3f:ba:43:60:
3e:d0:04:12
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBgOQ/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjZkOWQ1MGIzYjg5ZDUxYzhhYTI0OTNlN2VmNDcwMWQ2MjUxZGFkMB4XDTIyMDEw
MTE2MDEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQxMmM3ZjkwNjkz
MTA1M2Q4N2ZkMDIyZmQxNzAyZjM2OWRmNzk1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqKlv50RT3jD5MjtuP5NNW1EXNpm1w15ZhBCSCdF615wFeg
ovsas/kuCOOibi+W8kWXW5lk4JQ13z4z8tUaEy0sOgLhW3oNQIaqfyEaja9P0bTn
igNElfmFOtIBEJNq+ok4ddp+8rdSmQOiBPbam/S8fA56MkROlky31NiC3uBLTgnq
dzpOstSIQxBKKq/zpjy35lhKCx+RSBUUSoW8KhPXF8zNpNZubAVbyuqlwqFLfqyN
40unxe14epz/lnJJ4/zRTgYHvS4OdRCwL1Q0udm0tnu4ydsg7GjoMF64lltrs37x
7DtGV4LZ8quozbtgPCJUhEjQwxns3XnDCs3LADkCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSdEsf5BpMQU9h/0CL9FwLzad95WjAfBgNVHSMEGDAWgBTGbZ1Qs7idUciq
JJPn70cB1iUdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3htMmRVTE80blZISXFpU1Q1LTlIQWRZbEhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvNGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8x
L25STEgtUWFURUZQWWY5QWlfUmNDODJuZmVWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
NGJiNzRiLThkNmQtNDUxNC1hMzljLWI3YzU3OGI3NGUzNS8xL3htMmRVTE80blZI
SXFpU1Q1LTlIQWRZbEhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoN9AcQATANBgkqhkiG9w0BAQsF
AAOCAQEAStsx1ztIH0rYvl9pcjxJwUNU/EH9sDk5b45F+DxHGOlq2FlUVJ6gvMtp
17qSrI9Rsp5YGDS4ryfno96qje2X0iOiywezUi4rmTayQNmjUq+zAA7cQiONY0i9
aXIIA3jcfjaoEZ1ldaPRmSL2AxU85WW7AfQqk5iJh7rS9H8MLKqqbK49hWGbLNx3
kxZdxewqN5fX+pu/mVvqDaH5ad+7hqKHDR4V+1HwhYRxwLHCKnJ220r5QkXtZEaC
LASHUGJtOQzQTqH+1MXjo6GhMZ0JcyTJWiMd81MTRC15+iSQfcXp9nfP9eIhWucR
DK5Q36YMG15av7801bw/ukNgPtAEEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org