Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/NiVkwGm-ZtnWRWjAhM_8qX2esMA.roa
File: NiVkwGm-ZtnWRWjAhM_8qX2esMA.roa (raw, json)
Hash identifier: sSQAEld2MxjEZItke8aJrruhcjysmn4wM7sKPe6PytE=
Subject key identifier: 36:25:64:C0:69:BE:66:D9:D6:45:68:C0:84:CF:FC:A9:7D:9E:B0:C0
Certificate issuer: /CN=d0799179e6398b8abf99c2d451d1f7ce5fca8672
Certificate serial: 0744DAA4
Authority key identifier: D0:79:91:79:E6:39:8B:8A:BF:99:C2:D4:51:D1:F7:CE:5F:CA:86:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HmReeY5i4q_mcLUUdH3zl_KhnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/NiVkwGm-ZtnWRWjAhM_8qX2esMA.roa
Signing time: Sat 01 Jan 2022 05:53:56 +0000
ROA not before: Sat 01 Jan 2022 05:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398481
IP address blocks: 2a0f:542::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121952932 (0x744daa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0799179e6398b8abf99c2d451d1f7ce5fca8672
Validity
Not Before: Jan 1 05:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=362564c069be66d9d64568c084cffca97d9eb0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ef:5f:46:d9:16:d1:a9:e1:59:f0:b2:55:0d:
54:2f:66:cf:4c:e7:ef:d8:47:e5:d7:ae:7b:c2:17:
5a:ae:67:07:2b:d4:b8:a0:9f:8a:a0:14:51:dc:28:
f6:28:f8:07:f1:40:35:11:df:6e:2e:4d:00:16:39:
b4:b0:5f:a1:a4:57:41:82:df:a0:e8:c1:bc:0f:db:
a5:4e:5b:72:35:16:e8:1e:ee:90:bd:8e:2b:d2:b9:
bb:94:a9:33:cb:91:05:69:e6:8f:bd:bc:f6:c5:9d:
50:b7:30:ee:49:0b:ae:ac:7a:13:66:c6:79:ad:bb:
54:3d:9e:0c:d2:ed:39:bd:60:0f:08:b1:78:f4:9c:
c8:ad:99:96:1c:91:8f:48:77:c9:36:fe:b1:16:27:
24:66:bb:f8:75:3f:28:64:40:64:fc:dd:e0:43:0b:
ba:1a:a0:79:53:b0:8f:dc:f5:e4:74:0b:77:92:c3:
96:e3:f4:a9:42:86:59:f2:a6:f7:ca:be:9d:dc:05:
52:da:32:16:d9:23:99:74:f5:5e:96:e4:0f:1b:a2:
61:94:68:8a:2c:02:76:6d:21:15:ef:ef:1c:79:ae:
0f:12:53:1c:f8:61:b6:31:3d:53:cd:cf:22:80:a3:
95:28:f4:23:de:5b:6c:33:e2:85:47:d9:96:f7:fe:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:25:64:C0:69:BE:66:D9:D6:45:68:C0:84:CF:FC:A9:7D:9E:B0:C0
X509v3 Authority Key Identifier:
keyid:D0:79:91:79:E6:39:8B:8A:BF:99:C2:D4:51:D1:F7:CE:5F:CA:86:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HmReeY5i4q_mcLUUdH3zl_KhnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/NiVkwGm-ZtnWRWjAhM_8qX2esMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7c21c2-8a28-4243-b65d-a05725f9d780/1/0HmReeY5i4q_mcLUUdH3zl_KhnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:542::/32
Signature Algorithm: sha256WithRSAEncryption
7b:07:38:57:07:4d:50:d0:2d:a8:a4:cd:b5:83:91:8b:b0:48:
87:e4:08:5f:66:97:91:0a:59:a3:d3:d4:f4:57:aa:9d:5b:d1:
ae:a1:95:3a:2d:76:57:26:5e:34:d8:19:8e:97:e2:0d:44:16:
ad:f8:74:3b:fb:6d:6f:39:f4:41:be:cf:d3:f4:a8:4e:64:86:
96:c4:fb:48:96:dd:c7:60:e9:f2:4f:85:7e:a9:90:e1:63:ba:
e3:7b:da:75:44:e9:24:24:84:ad:0b:8e:8b:57:8c:db:99:52:
45:dc:d1:a1:d2:fd:84:11:45:47:32:0c:69:e1:8c:c3:c3:11:
ba:ab:40:3f:b4:4f:1d:04:01:81:53:1f:53:ff:88:62:f8:36:
e7:d0:f2:37:9a:84:15:c8:44:1d:f3:b1:7f:8e:d3:c8:80:a8:
6f:d5:13:c6:f5:c6:d8:f1:e5:a3:9b:7a:7f:9a:3c:c1:35:9a:
8c:be:f6:c1:eb:56:ce:60:1a:04:45:76:5e:43:44:5c:b8:a2:
b7:03:3c:84:52:a5:95:6a:20:3c:e2:c3:81:e8:06:b5:86:b1:
67:83:3a:da:37:a2:27:9e:ad:0b:87:a1:31:2e:85:f0:e3:ae:
29:7f:de:66:57:05:f3:ca:00:b3:1f:6c:80:79:e2:3b:bf:20:
50:e5:7e:15
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEB0TapDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDc5OTE3OWU2Mzk4YjhhYmY5OWMyZDQ1MWQxZjdjZTVmY2E4NjcyMB4XDTIyMDEw
MTA1NTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzYyNTY0YzA2OWJl
NjZkOWQ2NDU2OGMwODRjZmZjYTk3ZDllYjBjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3vX0bZFtGp4VnwslUNVC9mz0zn79hH5deue8IXWq5nByvU
uKCfiqAUUdwo9ij4B/FANRHfbi5NABY5tLBfoaRXQYLfoOjBvA/bpU5bcjUW6B7u
kL2OK9K5u5SpM8uRBWnmj7289sWdULcw7kkLrqx6E2bGea27VD2eDNLtOb1gDwix
ePScyK2ZlhyRj0h3yTb+sRYnJGa7+HU/KGRAZPzd4EMLuhqgeVOwj9z15HQLd5LD
luP0qUKGWfKm98q+ndwFUtoyFtkjmXT1XpbkDxuiYZRoiiwCdm0hFe/vHHmuDxJT
HPhhtjE9U83PIoCjlSj0I95bbDPihUfZlvf+DSMCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQ2JWTAab5m2dZFaMCEz/ypfZ6wwDAfBgNVHSMEGDAWgBTQeZF55jmLir+Z
wtRR0ffOX8qGcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBIbVJlZVk1aTRxX21jTFVVZEgzemxfS2huSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvN2MyMWMyLThhMjgtNDI0My1iNjVkLWEwNTcyNWY5ZDc4MC8x
L05pVmt3R20tWnRuV1JXakFoTV84cVgyZXNNQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
N2MyMWMyLThhMjgtNDI0My1iNjVkLWEwNTcyNWY5ZDc4MC8xLzBIbVJlZVk1aTRx
X21jTFVVZEgzemxfS2huSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPBUIwDQYJKoZIhvcNAQELBQAD
ggEBAHsHOFcHTVDQLaikzbWDkYuwSIfkCF9ml5EKWaPT1PRXqp1b0a6hlTotdlcm
XjTYGY6X4g1EFq34dDv7bW859EG+z9P0qE5khpbE+0iW3cdg6fJPhX6pkOFjuuN7
2nVE6SQkhK0LjotXjNuZUkXc0aHS/YQRRUcyDGnhjMPDEbqrQD+0Tx0EAYFTH1P/
iGL4NufQ8jeahBXIRB3zsX+O08iAqG/VE8b1xtjx5aOben+aPME1moy+9sHrVs5g
GgRFdl5DRFy4orcDPIRSpZVqIDziw4HoBrWGsWeDOto3oieerQuHoTEuhfDjril/
3mZXBfPKALMfbIB54ju/IFDlfhU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-fra.rpki-client.org