Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/NZXSpxI_AonafZNuQnGM3rx28TA.roa
File: NZXSpxI_AonafZNuQnGM3rx28TA.roa (raw, json)
Hash identifier: dwhy1JynOjLC3lqjSfop/IabU1e1iwgsnLqI5Og9cZU=
Subject key identifier: 35:95:D2:A7:12:3F:02:89:DA:7D:93:6E:42:71:8C:DE:BC:76:F1:30
Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31
Certificate serial: 0183C604573929E73AD32D87EB5D25E53EEF
Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/NZXSpxI_AonafZNuQnGM3rx28TA.roa
Signing time: Tue 11 Oct 2022 07:48:36 +0000
ROA not before: Tue 11 Oct 2022 07:48:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48732
IP address blocks: 2a11:601::/32 maxlen: 32
2a11:600:150::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:04:57:39:29:e7:3a:d3:2d:87:eb:5d:25:e5:3e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31
Validity
Not Before: Oct 11 07:48:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3595d2a7123f0289da7d936e42718cdebc76f130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:31:04:68:9b:6e:11:53:bd:f1:1e:96:2e:32:
5b:28:21:d5:a2:2a:ac:89:c1:69:39:a0:cc:5c:36:
90:ff:e7:d2:20:12:3a:e6:50:b8:b1:4c:ff:79:4b:
c1:1f:37:13:f4:0a:7f:f7:43:c9:1f:a1:95:b0:ed:
b2:c9:94:7e:73:4f:3c:fa:ac:8b:fa:de:2d:43:c8:
84:5b:fb:b7:cf:b6:c1:8c:92:97:74:0e:d6:ac:2e:
b4:dd:c8:69:80:a1:f0:66:da:bc:20:8a:5c:cc:97:
c5:3d:52:54:30:2c:d0:1a:72:61:c1:69:74:c0:c1:
6e:56:f8:e7:9e:dd:88:7a:10:0c:8d:49:55:e9:e8:
73:47:16:e3:d1:8c:56:c0:f9:db:29:00:df:22:e8:
56:9d:59:bb:04:0e:3d:af:fc:08:f4:19:ae:51:2a:
83:c2:f5:b1:eb:dd:f9:fd:9a:b6:27:ef:63:b2:94:
94:7a:1d:2d:b6:86:24:e1:46:8a:8e:f1:ca:37:ec:
7c:1c:a7:5a:f8:a5:5f:29:d6:3f:19:b1:87:43:52:
73:9a:8f:d3:5b:ba:2c:ab:55:75:7a:de:b2:7d:5a:
f2:35:e5:c2:5a:64:10:07:9e:fd:0f:03:69:6d:7a:
da:3d:bd:e1:41:60:4b:42:9b:2f:d3:f7:af:51:36:
c8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:95:D2:A7:12:3F:02:89:DA:7D:93:6E:42:71:8C:DE:BC:76:F1:30
X509v3 Authority Key Identifier:
keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/NZXSpxI_AonafZNuQnGM3rx28TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:600:150::/48
2a11:601::/32
Signature Algorithm: sha256WithRSAEncryption
52:4f:eb:36:16:92:77:c7:f4:6e:d4:e2:20:5c:e1:b0:da:62:
b0:9a:73:c1:a9:40:da:b8:ed:be:c4:8f:b1:83:1c:b8:d6:fc:
1b:c7:f1:e8:fa:56:62:ff:8b:eb:2c:c8:4c:3e:33:1c:e9:a9:
c7:79:e6:fe:73:ea:7a:e2:cb:ae:d0:63:a8:50:e7:5c:b5:1c:
ec:cb:63:1f:05:5f:94:92:cb:85:90:31:d7:c0:88:e5:2c:31:
3f:bf:fe:43:49:bf:73:01:2d:6d:4f:a0:f6:27:16:64:f2:69:
d0:44:1d:54:e0:f7:7a:f1:63:2f:e6:1a:e1:a4:4f:9c:c7:ee:
99:42:a1:e4:8a:fc:77:ed:e9:1b:da:e8:50:df:b7:e9:3d:d2:
e3:32:b3:8f:be:3b:f8:e0:55:b6:c9:d6:77:8f:1d:ff:4d:ba:
d8:93:d9:2d:d3:6e:7e:4f:49:11:68:81:37:9b:50:3d:fe:f8:
a4:3c:bf:9f:2c:da:ef:f6:3e:0b:27:1e:b6:92:94:24:ae:0d:
95:33:83:ec:e5:8c:9f:46:cd:d9:f1:87:93:7a:27:18:8b:6a:
fe:8c:68:9f:2d:d2:7d:d5:be:1b:09:57:57:0f:c6:f4:59:8d:
74:18:bb:5a:b6:f9:c7:ad:79:76:c7:a1:0e:39:0a:9a:6b:9f:
cb:44:20:65
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYPGBFc5Kec60y2H610l5T7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz
NDdiMzEwHhcNMjIxMDExMDc0ODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk1ZDJhNzEyM2YwMjg5ZGE3ZDkzNmU0MjcxOGNkZWJjNzZmMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TEEaJtuEVO98R6WLjJbKCHVoiqs
icFpOaDMXDaQ/+fSIBI65lC4sUz/eUvBHzcT9Ap/90PJH6GVsO2yyZR+c088+qyL
+t4tQ8iEW/u3z7bBjJKXdA7WrC603chpgKHwZtq8IIpczJfFPVJUMCzQGnJhwWl0
wMFuVvjnnt2IehAMjUlV6ehzRxbj0YxWwPnbKQDfIuhWnVm7BA49r/wI9BmuUSqD
wvWx6935/Zq2J+9jspSUeh0ttoYk4UaKjvHKN+x8HKda+KVfKdY/GbGHQ1Jzmo/T
W7osq1V1et6yfVryNeXCWmQQB579DwNpbXraPb3hQWBLQpsv0/evUTbIawIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDWV0qcSPwKJ2n2TbkJxjN68dvEwMB8GA1UdIwQY
MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt
YjY0ZWI4ZDgzNjU4LzEvTlpYU3B4SV9Bb25hZlpOdVFuR00zcngyOFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4
LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKhEGAAFQ
AwUAKhEGATANBgkqhkiG9w0BAQsFAAOCAQEAUk/rNhaSd8f0btTiIFzhsNpisJpz
walA2rjtvsSPsYMcuNb8G8fx6PpWYv+L6yzITD4zHOmpx3nm/nPqeuLLrtBjqFDn
XLUc7MtjHwVflJLLhZAx18CI5SwxP7/+Q0m/cwEtbU+g9icWZPJp0EQdVOD3evFj
L+Ya4aRPnMfumUKh5Ir8d+3pG9roUN+36T3S4zKzj747+OBVtsnWd48d/0262JPZ
LdNufk9JEWiBN5tQPf74pDy/nyza7/Y+CycetpKUJK4NlTOD7OWMn0bN2fGHk3on
GItq/oxony3SfdW+GwlXVw/G9FmNdBi7Wrb5x615dsehDjkKmmufy0QgZQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:53 2023 by rpki-client on console-fra.rpki-client.org