Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Nk5qVIjGpcQqz6aLXaAl3pm5dFk.roa
File: Nk5qVIjGpcQqz6aLXaAl3pm5dFk.roa (raw, json)
Hash identifier: omYIBn65PjkbK0NvBguPBSG9AcGBhvkA7JdtVU1Nhyw=
Subject key identifier: 36:4E:6A:54:88:C6:A5:C4:2A:CF:A6:8B:5D:A0:25:DE:99:B9:74:59
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0186C2567C676610FA0F8C4B22CBEC166FCF
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Nk5qVIjGpcQqz6aLXaAl3pm5dFk.roa
Signing time: Wed 08 Mar 2023 17:48:13 +0000
ROA not before: Wed 08 Mar 2023 17:48:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a11:a780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c2:56:7c:67:66:10:fa:0f:8c:4b:22:cb:ec:16:6f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Mar 8 17:48:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=364e6a5488c6a5c42acfa68b5da025de99b97459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a4:1f:d1:e3:ff:e3:ed:6c:ab:9c:82:e4:4c:
3e:fd:bb:6c:41:a2:19:14:28:36:01:00:ea:8d:4a:
4b:0a:44:04:4f:7e:15:1e:2b:1d:76:60:f1:20:34:
b4:f9:6f:12:5d:90:b1:89:b0:b6:30:fb:54:43:fc:
65:66:4c:ed:b7:3f:45:98:dd:98:be:41:33:60:d4:
77:db:88:0e:d0:a1:22:9f:a8:08:ff:e1:c5:4f:c5:
75:ab:59:d6:d4:f1:d4:a6:71:b7:3c:51:47:05:f9:
7d:2f:10:f8:60:2b:1a:9e:89:f7:2b:15:8a:8d:bc:
aa:6d:6b:09:07:80:ec:8c:12:9c:6c:51:2e:a4:fb:
2d:57:c2:c6:ea:b1:f0:e6:9e:52:91:5a:56:3f:d4:
9f:fa:9e:be:4c:4d:fe:66:20:79:5c:1e:f5:e9:2c:
f7:99:8e:d1:5a:1b:7b:35:c4:f4:49:b3:db:da:f9:
17:a5:1c:d9:65:ef:c2:fd:cf:21:ce:fc:dc:21:ce:
55:66:c3:41:e1:f4:48:46:15:01:34:e0:86:46:13:
15:b1:45:df:0b:a0:78:a2:b6:6b:95:5f:d7:b1:5f:
e9:be:15:a4:f6:28:b0:37:8b:22:c3:e5:62:a9:9e:
1f:6e:ac:a2:04:e0:06:f2:46:c1:02:ce:3a:ee:0f:
a7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4E:6A:54:88:C6:A5:C4:2A:CF:A6:8B:5D:A0:25:DE:99:B9:74:59
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Nk5qVIjGpcQqz6aLXaAl3pm5dFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a780::/29
Signature Algorithm: sha256WithRSAEncryption
0d:6e:5a:00:53:c8:ef:8e:9a:23:49:42:64:ce:3d:23:1d:58:
c2:d5:d4:24:70:1d:4c:47:d4:5a:62:a9:65:d2:c3:5b:79:87:
5e:87:48:0c:9a:a6:cf:6a:64:3e:50:0d:f5:f2:3c:01:b9:f3:
5b:8f:b4:4e:20:ef:99:15:33:72:dc:62:69:2f:0d:af:ee:25:
35:56:b3:80:a3:1b:55:44:bc:f4:ad:31:f5:c6:6c:4f:e0:32:
3c:7b:be:e7:9e:90:8c:f8:c4:ea:e6:e2:f0:4a:67:c8:3c:1d:
3f:20:4a:84:2a:2d:c8:46:7c:97:8b:2e:5f:95:a2:89:57:df:
ad:f8:ff:ae:a8:2d:77:c9:2f:7d:28:15:bd:97:c4:43:23:97:
c9:c7:91:e5:4b:66:86:8b:09:cf:94:b6:d2:4c:4b:72:d6:4f:
82:ec:3c:01:57:f4:69:bd:67:53:e7:ac:46:5c:c5:b0:c1:5d:
17:9c:16:c0:4b:d3:d1:6b:19:58:5e:26:2e:2e:1e:06:50:7d:
93:8c:8c:dd:8e:0e:84:30:75:6f:56:87:9b:2d:5b:97:7a:f1:
e6:52:80:88:76:f7:92:c0:28:92:ea:bc:24:be:84:93:6e:c0:
9c:49:8e:23:60:a0:c4:ab:72:d0:a7:16:cb:ea:24:09:d6:46:
86:17:ca:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbCVnxnZhD6D4xLIsvsFm/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMzA4MTc0ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRlNmE1NDg4YzZhNWM0MmFjZmE2OGI1ZGEwMjVkZTk5Yjk3NDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aQf0eP/4+1sq5yC5Ew+/btsQaIZ
FCg2AQDqjUpLCkQET34VHisddmDxIDS0+W8SXZCxibC2MPtUQ/xlZkzttz9FmN2Y
vkEzYNR324gO0KEin6gI/+HFT8V1q1nW1PHUpnG3PFFHBfl9LxD4YCsanon3KxWK
jbyqbWsJB4DsjBKcbFEupPstV8LG6rHw5p5SkVpWP9Sf+p6+TE3+ZiB5XB716Sz3
mY7RWht7NcT0SbPb2vkXpRzZZe/C/c8hzvzcIc5VZsNB4fRIRhUBNOCGRhMVsUXf
C6B4orZrlV/XsV/pvhWk9iiwN4siw+ViqZ4fbqyiBOAG8kbBAs467g+neQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDZOalSIxqXEKs+mi12gJd6ZuXRZMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTms1cVZJakdwY1FxejZhTFhhQWwzcG01ZEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGngDAN
BgkqhkiG9w0BAQsFAAOCAQEADW5aAFPI746aI0lCZM49Ix1YwtXUJHAdTEfUWmKp
ZdLDW3mHXodIDJqmz2pkPlAN9fI8AbnzW4+0TiDvmRUzctxiaS8Nr+4lNVazgKMb
VUS89K0x9cZsT+AyPHu+556QjPjE6ubi8EpnyDwdPyBKhCotyEZ8l4suX5WiiVff
rfj/rqgtd8kvfSgVvZfEQyOXyceR5UtmhosJz5S20kxLctZPguw8AVf0ab1nU+es
RlzFsMFdF5wWwEvT0WsZWF4mLi4eBlB9k4yM3Y4OhDB1b1aHmy1bl3rx5lKAiHb3
ksAokuq8JL6Ek27AnEmOI2CgxKty0KcWy+okCdZGhhfKNw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:59 2025 by rpki-client