Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa
File: NlqfED-L_VffU8skke4aVFPJ6PQ.roa (raw, json)
Hash identifier: 4IcOkKQW015F8OnfdVnVOc8RDBs15245QC/bdnakCb0=
Subject key identifier: 36:5A:9F:10:3F:8B:FD:57:DF:53:CB:24:91:EE:1A:54:53:C9:E8:F4
Certificate issuer: /CN=e5ed022a213d21a0cdf987f0ff1b88a9fafff588
Certificate serial: ED6A
Authority key identifier: E5:ED:02:2A:21:3D:21:A0:CD:F9:87:F0:FF:1B:88:A9:FA:FF:F5:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5e0CKiE9IaDN-Yfw_xuIqfr_9Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa
Signing time: Fri 14 Jan 2022 18:05:35 +0000
ROA not before: Fri 14 Jan 2022 18:05:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a11:7280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60778 (0xed6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5ed022a213d21a0cdf987f0ff1b88a9fafff588
Validity
Not Before: Jan 14 18:05:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=365a9f103f8bfd57df53cb2491ee1a5453c9e8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:35:44:3f:c4:66:c6:38:f8:42:d6:98:c3:af:
cc:03:0f:c4:b7:5d:2c:24:b4:e0:e4:1b:52:2a:b1:
dd:83:9a:c7:f2:09:40:eb:83:c5:39:61:a5:e2:8e:
cd:e3:7d:d2:b3:1e:e1:02:91:da:05:7f:70:cc:b8:
aa:b9:5d:92:c2:73:cd:a2:62:b8:ac:72:0f:6b:a5:
54:83:54:e4:02:e5:17:9c:9f:ca:66:31:e5:72:b7:
0d:c8:57:3f:f4:ef:f5:dc:11:39:d5:db:6e:f6:2e:
70:22:b9:ab:2f:40:aa:22:7d:a5:c6:a7:b2:9a:06:
84:c0:1b:f6:fd:6b:e5:ef:70:4a:7a:9a:a7:a1:0c:
90:77:41:9e:1c:65:f9:5e:04:81:67:f7:57:73:44:
95:b5:e5:e4:57:bf:a3:f8:59:a2:a3:f2:9d:7f:5a:
f2:fc:a6:09:77:aa:49:5d:4c:75:1d:1e:90:e9:eb:
25:ca:c3:b3:62:ba:db:16:5f:00:21:38:50:69:da:
5e:50:79:fd:7f:8b:01:95:d7:1b:67:5e:33:d3:b3:
64:c8:4d:74:69:49:49:eb:4f:9f:e5:c3:29:8c:05:
fb:fa:9c:22:ce:b7:a9:79:e2:30:02:df:3a:d0:9e:
b3:53:f5:3c:a8:29:8d:94:4c:ca:b6:aa:16:bf:ba:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:5A:9F:10:3F:8B:FD:57:DF:53:CB:24:91:EE:1A:54:53:C9:E8:F4
X509v3 Authority Key Identifier:
keyid:E5:ED:02:2A:21:3D:21:A0:CD:F9:87:F0:FF:1B:88:A9:FA:FF:F5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e0CKiE9IaDN-Yfw_xuIqfr_9Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/NlqfED-L_VffU8skke4aVFPJ6PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8b011e-41cf-4d06-ab24-7270af08aff1/1/5e0CKiE9IaDN-Yfw_xuIqfr_9Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7280::/29
Signature Algorithm: sha256WithRSAEncryption
68:c1:14:76:51:53:8b:3d:ba:eb:8e:d3:8e:48:17:e9:3c:e3:
ea:41:07:63:ce:6a:3b:c1:50:84:31:9f:a9:48:66:2b:d2:9e:
e8:2c:f5:1e:a0:a0:14:a8:9f:91:a9:5d:00:91:11:44:9e:36:
d1:b3:c2:7a:b9:c9:d7:e6:10:ea:c4:ce:a6:5f:11:31:ea:7e:
c4:f5:fc:9c:c8:8f:56:d7:50:a1:f4:a0:de:49:f8:21:21:2b:
1f:81:95:f6:93:26:bc:16:78:bd:23:ff:5e:48:1c:a8:c1:ef:
86:89:c2:3f:7c:03:ca:f0:da:25:aa:4d:0f:e6:82:40:b3:79:
ec:bd:e3:ba:ec:c9:3a:aa:3d:08:85:f4:00:43:fd:0b:18:3c:
fb:01:84:32:79:aa:66:5a:72:b8:5f:2e:97:e3:60:0c:51:dd:
82:25:3a:81:2a:7c:85:db:de:da:15:1b:c3:f5:88:ca:31:77:
3f:cc:72:00:ed:f3:24:3e:b4:ee:26:fb:ce:c9:e2:6b:b4:10:
c3:04:da:f4:92:6c:bf:0b:20:a8:c0:79:c9:cb:40:0e:7c:34:
7e:bd:78:21:73:aa:6d:37:34:35:55:5c:5b:16:37:2d:8b:7e:
75:bc:a9:04:09:94:fa:9e:95:2f:c1:8e:6c:9d:5a:42:a7:1c:
09:a2:26:25
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDAO1qMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU1
ZWQwMjJhMjEzZDIxYTBjZGY5ODdmMGZmMWI4OGE5ZmFmZmY1ODgwHhcNMjIwMTE0
MTgwNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNjVhOWYxMDNmOGJm
ZDU3ZGY1M2NiMjQ5MWVlMWE1NDUzYzllOGY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxTVEP8Rmxjj4QtaYw6/MAw/Et10sJLTg5BtSKrHdg5rH8glA
64PFOWGl4o7N433Ssx7hApHaBX9wzLiquV2SwnPNomK4rHIPa6VUg1TkAuUXnJ/K
ZjHlcrcNyFc/9O/13BE51dtu9i5wIrmrL0CqIn2lxqeymgaEwBv2/Wvl73BKepqn
oQyQd0GeHGX5XgSBZ/dXc0SVteXkV7+j+Fmio/Kdf1ry/KYJd6pJXUx1HR6Q6esl
ysOzYrrbFl8AIThQadpeUHn9f4sBldcbZ14z07NkyE10aUlJ60+f5cMpjAX7+pwi
zrepeeIwAt860J6zU/U8qCmNlEzKtqoWv7rb8wIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFDZanxA/i/1X31PLJJHuGlRTyej0MB8GA1UdIwQYMBaAFOXtAiohPSGgzfmH
8P8biKn6//WIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NWUwQ0tpRTlJYUROLVlmd194dUlxZnJfOVlnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMC84YjAxMWUtNDFjZi00ZDA2LWFiMjQtNzI3MGFmMDhhZmYxLzEv
TmxxZkVELUxfVmZmVThza2tlNGFWRlBKNlBRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84
YjAxMWUtNDFjZi00ZDA2LWFiMjQtNzI3MGFmMDhhZmYxLzEvNWUwQ0tpRTlJYURO
LVlmd194dUlxZnJfOVlnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFygDANBgkqhkiG9w0BAQsFAAOC
AQEAaMEUdlFTiz26647TjkgX6Tzj6kEHY85qO8FQhDGfqUhmK9Ke6Cz1HqCgFKif
kaldAJERRJ420bPCernJ1+YQ6sTOpl8RMep+xPX8nMiPVtdQofSg3kn4ISErH4GV
9pMmvBZ4vSP/XkgcqMHvhonCP3wDyvDaJapND+aCQLN57L3juuzJOqo9CIX0AEP9
Cxg8+wGEMnmqZlpyuF8ul+NgDFHdgiU6gSp8hdve2hUbw/WIyjF3P8xyAO3zJD60
7ib7zsnia7QQwwTa9JJsvwsgqMB5yctADnw0fr14IXOqbTc0NVVcWxY3LYt+dbyp
BAmU+p6VL8GObJ1aQqccCaImJQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-fra.rpki-client.org