Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nSZLAAhNKTQBZ4mKpAYKmTHg5uA.roa
File: nSZLAAhNKTQBZ4mKpAYKmTHg5uA.roa (raw, json)
Hash identifier: NEhcwgCJP8Rn7wsOhZvJsjfNNQjf6hBuEG5rO3MlEwg=
Subject key identifier: 9D:26:4B:00:08:4D:29:34:01:67:89:8A:A4:06:0A:99:31:E0:E6:E0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018AEECDCFD540800C2787CE9B69ADA0694D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nSZLAAhNKTQBZ4mKpAYKmTHg5uA.roa
Signing time: Mon 02 Oct 2023 05:12:59 +0000
ROA not before: Mon 02 Oct 2023 05:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 2a0a:2d00:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ee:cd:cf:d5:40:80:0c:27:87:ce:9b:69:ad:a0:69:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 2 05:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d264b00084d29340167898aa4060a9931e0e6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bc:33:f6:04:51:16:a7:93:09:5b:4b:55:1e:
12:50:c0:cf:ee:7a:d7:48:38:35:6a:fe:1d:92:0b:
0c:1e:91:33:70:1c:4c:4a:c7:37:24:a4:c2:8b:f3:
b9:d4:4b:bd:cb:3a:b2:7d:a6:c1:0e:08:fc:56:b1:
e0:df:a8:6e:2b:7f:6a:2e:e7:02:36:10:e8:a7:87:
5f:b9:7f:fd:ea:68:03:ed:b0:47:d2:ff:22:63:f7:
d2:35:86:0e:76:fc:ad:5c:6c:28:2a:57:c7:df:c2:
7a:1f:c4:7f:47:24:97:12:e2:9b:64:55:c8:38:d4:
95:9c:21:77:e7:79:f1:60:c4:0b:0e:01:58:0f:27:
f2:76:69:b1:90:b8:58:50:89:38:4f:81:cf:08:c1:
1b:ae:52:a9:e6:a7:85:c9:8e:0c:1f:4d:89:97:76:
6c:27:7f:d3:68:74:da:e5:cf:cb:d2:ab:77:3d:75:
57:84:1b:24:83:3d:1a:3c:12:59:38:29:d4:b8:75:
6e:e3:b2:29:72:4a:21:de:65:e2:c4:4c:93:d4:68:
85:c9:da:ff:ec:c0:2d:3b:ab:2f:3f:70:e0:03:5d:
e2:26:42:4d:a3:52:d8:af:c7:60:20:c2:e9:ba:cd:
0d:01:fc:f9:54:fd:b2:61:45:4c:39:ef:ad:24:ce:
81:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:4B:00:08:4D:29:34:01:67:89:8A:A4:06:0A:99:31:E0:E6:E0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nSZLAAhNKTQBZ4mKpAYKmTHg5uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:3::/48
Signature Algorithm: sha256WithRSAEncryption
bc:5f:22:ac:c9:a8:f5:98:23:b7:5d:df:5a:2f:69:ea:f9:af:
9e:30:46:98:15:26:51:60:e4:e3:be:2f:04:4e:44:21:09:fd:
0b:16:50:5a:54:19:b2:0a:d5:36:f7:07:c8:45:a1:dc:a9:c0:
08:27:29:d8:ae:27:b8:a0:3a:64:63:0d:31:68:25:53:71:ad:
91:03:4d:d4:92:9c:ab:33:81:ca:36:bb:de:1a:da:c9:08:b1:
1f:25:e2:82:dd:53:cf:a5:55:f1:1b:09:d3:be:7f:0a:6c:8b:
57:fb:2b:da:89:27:45:d1:bb:46:65:c0:f4:aa:ca:22:b1:a3:
8f:a4:d8:37:6e:5e:db:d5:08:46:1d:98:68:76:ab:21:5d:2b:
39:26:b4:d7:8e:5c:d9:64:6b:77:09:f4:82:09:90:c8:3b:7c:
9e:84:4e:9a:96:83:b7:ff:78:25:26:55:a5:49:6c:91:10:bf:
3c:47:1b:e8:05:de:3e:ad:b1:5e:b3:8e:5a:cf:67:51:82:f5:
25:61:2d:d8:79:97:a1:ea:8c:55:57:05:56:d4:c5:a7:57:b6:
02:d5:e4:8c:9c:cc:58:9e:17:de:e4:82:ba:70:ce:ce:ba:ff:
b5:0e:d3:93:32:0c:2b:a6:ab:3d:0c:02:44:5c:3c:ce:6f:33:
3a:66:69:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYruzc/VQIAMJ4fOm2mtoGlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMDAyMDUxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI2NGIwMDA4NGQyOTM0MDE2Nzg5OGFhNDA2MGE5OTMxZTBlNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7wz9gRRFqeTCVtLVR4SUMDP7nrX
SDg1av4dkgsMHpEzcBxMSsc3JKTCi/O51Eu9yzqyfabBDgj8VrHg36huK39qLucC
NhDop4dfuX/96mgD7bBH0v8iY/fSNYYOdvytXGwoKlfH38J6H8R/RySXEuKbZFXI
ONSVnCF353nxYMQLDgFYDyfydmmxkLhYUIk4T4HPCMEbrlKp5qeFyY4MH02Jl3Zs
J3/TaHTa5c/L0qt3PXVXhBskgz0aPBJZOCnUuHVu47Ipckoh3mXixEyT1GiFydr/
7MAtO6svP3DgA13iJkJNo1LYr8dgIMLpus0NAfz5VP2yYUVMOe+tJM6BMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ0mSwAITSk0AWeJiqQGCpkx4ObgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvblNaTEFBaE5LVFFCWjRtS3BBWUttVEhnNXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgotAAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQC8XyKsyaj1mCO3Xd9aL2nq+a+eMEaYFSZRYOTj
vi8ETkQhCf0LFlBaVBmyCtU29wfIRaHcqcAIJynYrie4oDpkYw0xaCVTca2RA03U
kpyrM4HKNrveGtrJCLEfJeKC3VPPpVXxGwnTvn8KbItX+yvaiSdF0btGZcD0qsoi
saOPpNg3bl7b1QhGHZhodqshXSs5JrTXjlzZZGt3CfSCCZDIO3yehE6aloO3/3gl
JlWlSWyREL88RxvoBd4+rbFes45az2dRgvUlYS3YeZeh6oxVVwVW1MWnV7YC1eSM
nMxYnhfe5IK6cM7Ouv+1DtOTMgwrpqs9DAJEXDzObzM6ZmmN
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:00:32 2025 by rpki-client