Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/nxHQUxEXM3acZ_MRjbH-W_8gJ_8.roa
File: nxHQUxEXM3acZ_MRjbH-W_8gJ_8.roa (raw, json)
Hash identifier: MrWwOCGVVqTyqi7KxqYwAULS9ZWq8XWuAZc/bxGalfs=
Subject key identifier: 9F:11:D0:53:11:17:33:76:9C:67:F3:11:8D:B1:FE:5B:FF:20:27:FF
Certificate issuer: /CN=667d377dd4c830c246cb48a934699699e4b37741
Certificate serial: 018A6D437E5EE3A6F97A558AD0FEDE98DDDA
Authority key identifier: 66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/nxHQUxEXM3acZ_MRjbH-W_8gJ_8.roa
Signing time: Thu 07 Sep 2023 01:30:54 +0000
ROA not before: Thu 07 Sep 2023 01:30:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199116
IP address blocks: 2a09:6847::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6d:43:7e:5e:e3:a6:f9:7a:55:8a:d0:fe:de:98:dd:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667d377dd4c830c246cb48a934699699e4b37741
Validity
Not Before: Sep 7 01:30:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f11d053111733769c67f3118db1fe5bff2027ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5b:31:cd:57:14:84:0e:27:d1:01:dc:36:2f:
f7:fd:fe:9b:a9:85:05:17:b9:d3:5a:33:a1:ae:b4:
97:be:06:0b:eb:f3:8b:6c:d7:e4:95:db:43:12:db:
53:83:08:76:b4:3f:4e:06:24:a6:55:d8:e7:c5:15:
3a:f3:8c:0a:a5:55:c2:20:4e:6e:98:25:c3:f7:e1:
50:1e:a4:7d:c1:86:d5:20:a3:53:d6:2b:c7:cb:25:
2a:94:16:83:bb:c6:26:71:73:d2:01:ac:72:56:a0:
7a:39:b2:dc:1c:da:8c:9d:54:89:d6:74:98:13:69:
fe:37:92:d6:83:e0:80:5c:59:f8:e0:91:17:d2:be:
09:f3:6b:56:c0:e9:81:b5:ab:ed:6e:03:09:4f:c6:
3d:84:ad:81:1d:68:2b:3c:d4:99:17:7c:cc:da:51:
e1:e5:e2:f1:16:69:3b:d9:64:af:dc:39:66:a8:03:
dc:34:13:18:29:2a:c9:7f:ba:46:7e:c4:da:5d:51:
4c:98:d0:18:0a:6c:60:94:b6:45:a9:9e:13:f5:3b:
0d:73:d8:30:bf:95:da:3d:14:93:a5:b3:94:29:ff:
b0:ea:bd:a2:b9:a9:93:65:99:c5:63:09:d2:98:a9:
fe:12:c9:a4:62:80:26:b5:22:ce:a0:30:58:ef:48:
39:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:11:D0:53:11:17:33:76:9C:67:F3:11:8D:B1:FE:5B:FF:20:27:FF
X509v3 Authority Key Identifier:
keyid:66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/nxHQUxEXM3acZ_MRjbH-W_8gJ_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6847::/32
Signature Algorithm: sha256WithRSAEncryption
4d:0a:1c:e1:4d:42:1d:a2:98:fe:0d:fe:fa:57:73:ae:f7:0c:
06:02:4f:32:ba:43:28:99:04:b6:a4:53:33:b5:ad:90:1f:57:
df:72:23:2a:36:92:92:c1:99:4d:c0:0a:0b:75:71:32:cd:63:
f8:3a:01:b7:63:20:3f:33:eb:01:74:ea:ff:ac:c6:f2:48:45:
2f:03:e0:b4:99:49:6a:90:1c:20:77:aa:fc:5d:52:b1:f5:26:
0d:f9:93:8e:e0:61:89:74:11:ae:05:30:a1:79:93:d9:da:c9:
a7:a0:db:cf:96:a7:c6:34:ac:0b:00:f4:ac:85:a2:58:8f:0c:
fe:b8:f7:63:91:f4:53:c1:87:f3:a6:ab:c0:3b:10:4e:3d:c5:
64:9b:25:03:07:c6:0f:b2:df:bb:0d:26:3b:61:5a:54:2b:55:
6e:62:75:c9:4c:e5:9a:4a:ca:c3:ad:25:37:5b:f0:a7:83:45:
a0:21:1d:ad:89:b9:98:17:99:75:be:f3:8c:ff:4a:3f:81:bb:
c3:cc:91:0a:f6:52:01:6b:d2:06:b8:df:ab:c4:6c:ff:9f:55:
ff:82:45:6b:60:ec:24:f0:b2:71:fe:6e:90:4c:bd:08:ea:ce:
71:31:1e:ab:22:7e:b8:b7:87:4b:3e:38:f0:ea:eb:50:fe:29:
1c:7e:f6:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYptQ35e46b5elWK0P7emN3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2QzNzdkZDRjODMwYzI0NmNiNDhhOTM0Njk5Njk5ZTRi
Mzc3NDEwHhcNMjMwOTA3MDEzMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjExZDA1MzExMTczMzc2OWM2N2YzMTE4ZGIxZmU1YmZmMjAyN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVsxzVcUhA4n0QHcNi/3/f6bqYUF
F7nTWjOhrrSXvgYL6/OLbNfkldtDEttTgwh2tD9OBiSmVdjnxRU684wKpVXCIE5u
mCXD9+FQHqR9wYbVIKNT1ivHyyUqlBaDu8YmcXPSAaxyVqB6ObLcHNqMnVSJ1nSY
E2n+N5LWg+CAXFn44JEX0r4J82tWwOmBtavtbgMJT8Y9hK2BHWgrPNSZF3zM2lHh
5eLxFmk72WSv3DlmqAPcNBMYKSrJf7pGfsTaXVFMmNAYCmxglLZFqZ4T9TsNc9gw
v5XaPRSTpbOUKf+w6r2iuamTZZnFYwnSmKn+EsmkYoAmtSLOoDBY70g5BQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ8R0FMRFzN2nGfzEY2x/lv/ICf/MB8GA1UdIwQY
MBaAFGZ9N33UyDDCRstIqTRplpnks3dBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEt
MTIxZmY0NjAxOGYzLzEvbnhIUVV4RVhNM2FjWl9NUmpiSC1XXzhnSl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEtMTIxZmY0NjAxOGYz
LzEvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgloRzAN
BgkqhkiG9w0BAQsFAAOCAQEATQoc4U1CHaKY/g3++ldzrvcMBgJPMrpDKJkEtqRT
M7WtkB9X33IjKjaSksGZTcAKC3VxMs1j+DoBt2MgPzPrAXTq/6zG8khFLwPgtJlJ
apAcIHeq/F1SsfUmDfmTjuBhiXQRrgUwoXmT2drJp6Dbz5anxjSsCwD0rIWiWI8M
/rj3Y5H0U8GH86arwDsQTj3FZJslAwfGD7Lfuw0mO2FaVCtVbmJ1yUzlmkrKw60l
N1vwp4NFoCEdrYm5mBeZdb7zjP9KP4G7w8yRCvZSAWvSBrjfq8Rs/59V/4JFa2Ds
JPCycf5ukEy9COrOcTEeqyJ+uLeHSz448OrrUP4pHH72ww==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:33 2025 by rpki-client