Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nAyZzBB_MnMLQSHrtSKRUn4Oq2k.roa
File: nAyZzBB_MnMLQSHrtSKRUn4Oq2k.roa (raw, json)
Hash identifier: EkMf8p6rsa1UP0zimXdAV8Qtrm4rTu98CyD4B4aPsU8=
Subject key identifier: 9C:0C:99:CC:10:7F:32:73:0B:41:21:EB:B5:22:91:52:7E:0E:AB:69
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0182817E7A76B8FF6D8F22D70F4E79C16446
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nAyZzBB_MnMLQSHrtSKRUn4Oq2k.roa
Signing time: Tue 09 Aug 2022 07:25:25 +0000
ROA not before: Tue 09 Aug 2022 07:25:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a09:ff00:102::/48 maxlen: 48
2a0d:ecc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:7e:7a:76:b8:ff:6d:8f:22:d7:0f:4e:79:c1:64:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 9 07:25:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c0c99cc107f32730b4121ebb52291527e0eab69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ce:66:d0:b1:46:7b:5d:3a:6a:6f:c3:1d:50:
1d:9f:81:89:60:a4:92:85:01:61:c1:78:5e:65:e5:
a4:66:b6:80:8d:60:62:ca:1c:b0:ab:9f:dd:68:58:
02:ed:b2:3b:de:bf:f6:ec:0f:9c:89:9d:d1:b0:df:
1a:93:42:83:cd:6a:f4:68:1d:c1:0c:a4:15:62:96:
8c:0c:f2:a9:7b:c0:87:ba:5e:1e:84:3d:c6:ec:47:
8b:4b:df:af:9d:9c:f6:c1:fc:a3:55:30:4f:f6:31:
4e:f7:03:17:4e:f4:07:f1:08:5e:72:11:2b:51:f7:
54:a7:25:f5:5b:68:eb:d6:51:9b:4e:15:68:a3:ce:
d3:a9:8a:b8:03:b4:58:29:2d:49:c2:be:46:f4:90:
df:b7:07:6c:7c:dc:31:ac:44:15:46:06:9c:97:e2:
50:99:1e:7d:07:03:ac:de:bc:a9:3d:8e:5d:10:04:
f5:d0:4b:43:b4:bf:a1:3b:2a:c2:87:09:1e:82:3a:
3e:9b:01:d1:cc:f6:bc:25:11:87:e7:12:1f:38:ae:
4b:c7:7b:86:ab:cc:a4:8b:51:42:7a:48:f5:41:ed:
76:4d:43:26:7b:ba:e0:50:50:cd:ce:06:b4:69:45:
f4:5b:c4:58:e5:dc:9d:16:f3:60:db:5b:4d:56:75:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0C:99:CC:10:7F:32:73:0B:41:21:EB:B5:22:91:52:7E:0E:AB:69
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/nAyZzBB_MnMLQSHrtSKRUn4Oq2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:ff00:102::/48
2a0d:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:23:45:c3:2d:c6:99:82:f0:45:5d:b0:dc:4f:a5:43:fc:d8:
21:44:85:d1:25:47:4d:27:52:e2:b4:79:6b:cc:87:e5:f7:b5:
00:db:ab:e4:21:2b:67:89:63:0c:b1:41:5b:9b:05:be:08:98:
7d:5c:19:a1:cd:6b:9f:d0:b7:80:e5:58:e7:40:0c:c1:98:3f:
84:26:4d:05:1e:13:9c:ed:d5:e5:19:80:d2:4f:d3:a2:32:6d:
c3:16:89:a4:39:4f:74:c2:1b:61:b7:6a:81:30:94:ee:c9:b5:
db:11:45:da:26:ea:88:74:fe:4f:9f:a5:dc:46:23:e8:a2:58:
bd:79:96:34:f6:ef:fd:60:64:8a:66:b7:a6:f0:d3:e5:c3:00:
08:cc:e2:73:6e:2c:d4:6b:73:3b:41:9c:0f:40:ea:78:67:68:
3c:47:24:a4:0e:7a:ab:d8:98:6c:3f:39:28:ec:c0:c1:34:b7:
23:34:79:10:a8:04:0e:47:fa:37:d8:32:82:ce:01:c5:ca:60:
b0:d1:93:a2:83:91:a0:07:b3:75:92:99:34:ee:e9:a8:b3:2f:
e5:8a:4e:d6:62:70:b6:d7:43:2b:7b:93:9f:3c:5d:03:44:ae:
1b:d9:a1:11:e4:ae:87:86:11:83:54:96:89:3f:92:1a:56:4b:
6f:11:4f:85
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYKBfnp2uP9tjyLXD055wWRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIwODA5MDcyNTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBjOTljYzEwN2YzMjczMGI0MTIxZWJiNTIyOTE1MjdlMGVhYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1c5m0LFGe106am/DHVAdn4GJYKSS
hQFhwXheZeWkZraAjWBiyhywq5/daFgC7bI73r/27A+ciZ3RsN8ak0KDzWr0aB3B
DKQVYpaMDPKpe8CHul4ehD3G7EeLS9+vnZz2wfyjVTBP9jFO9wMXTvQH8QhechEr
UfdUpyX1W2jr1lGbThVoo87TqYq4A7RYKS1Jwr5G9JDftwdsfNwxrEQVRgacl+JQ
mR59BwOs3rypPY5dEAT10EtDtL+hOyrChwkegjo+mwHRzPa8JRGH5xIfOK5Lx3uG
q8yki1FCekj1Qe12TUMme7rgUFDNzga0aUX0W8RY5dydFvNg21tNVnX5KQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJwMmcwQfzJzC0Eh67UikVJ+DqtpMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvbkF5WnpCQl9Nbk1MUVNIcnRTS1JVbjRPcTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKgn/AAEC
AwUDKg3swDANBgkqhkiG9w0BAQsFAAOCAQEAGiNFwy3GmYLwRV2w3E+lQ/zYIUSF
0SVHTSdS4rR5a8yH5fe1ANur5CErZ4ljDLFBW5sFvgiYfVwZoc1rn9C3gOVY50AM
wZg/hCZNBR4TnO3V5RmA0k/TojJtwxaJpDlPdMIbYbdqgTCU7sm12xFF2ibqiHT+
T5+l3EYj6KJYvXmWNPbv/WBkima3pvDT5cMACMzic24s1GtzO0GcD0DqeGdoPEck
pA56q9iYbD85KOzAwTS3IzR5EKgEDkf6N9gygs4BxcpgsNGTooORoAezdZKZNO7p
qLMv5YpO1mJwttdDK3uTnzxdA0SuG9mhEeSuh4YRg1SWiT+SGlZLbxFPhQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org