Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NDf6C-n9hj5XkEQRuEy9L1uke3M.roa
File: NDf6C-n9hj5XkEQRuEy9L1uke3M.roa (raw, json)
Hash identifier: p+5pKVzb3KvAmzHYf1yHSawA74dfG4MaajQj3nTmHRo=
Subject key identifier: 34:37:FA:0B:E9:FD:86:3E:57:90:44:11:B8:4C:BD:2F:5B:A4:7B:73
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF21F3363F50B33BF4484D8F91841
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NDf6C-n9hj5XkEQRuEy9L1uke3M.roa
Signing time: Sun 01 Jan 2023 18:55:02 +0000
ROA not before: Sun 01 Jan 2023 18:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 2a12:a340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f2:1f:33:63:f5:0b:33:bf:44:84:d8:f9:18:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3437fa0be9fd863e57904411b84cbd2f5ba47b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7b:07:41:85:a8:25:95:17:3c:47:13:dc:1c:
97:f5:bc:33:15:38:7d:27:c0:eb:f0:5f:a7:56:dd:
9a:02:35:5e:04:fb:0c:b6:51:11:17:b1:6d:de:82:
7c:eb:b8:e5:52:90:9f:cc:94:2e:19:47:12:7b:80:
12:f2:ae:ac:1f:89:9d:bd:7b:a2:de:0d:d9:8c:96:
49:7b:d5:e6:78:4d:ea:82:6c:bf:4f:bb:93:7e:f8:
9b:b9:f7:66:05:6f:48:34:11:3d:35:1e:8e:9c:b6:
ec:05:89:c1:b0:8e:ce:31:08:d7:ac:9e:74:69:64:
cb:62:01:1e:6b:fa:52:9f:b2:d2:67:47:a1:80:10:
b2:64:3e:60:71:ee:03:01:59:06:60:0a:ff:2b:e1:
77:57:cd:07:48:96:c8:80:e7:28:0b:df:2e:c6:56:
24:3a:f5:f4:9d:8c:a0:bc:d1:a2:97:c4:ce:02:e8:
8a:d3:98:2c:7f:37:08:e2:c1:be:b8:b4:1b:fe:6b:
18:cc:d4:d5:7d:5f:bd:8c:1b:fd:0f:a7:e9:e3:9f:
5a:2b:e3:8d:7c:d9:98:2b:75:06:d6:d2:23:18:03:
a0:2a:89:18:dd:08:17:b7:76:cf:e0:e0:0e:7d:f5:
72:a4:d2:e8:f5:5d:59:62:a4:99:3b:7a:ac:d5:80:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:37:FA:0B:E9:FD:86:3E:57:90:44:11:B8:4C:BD:2F:5B:A4:7B:73
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/NDf6C-n9hj5XkEQRuEy9L1uke3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a340::/32
Signature Algorithm: sha256WithRSAEncryption
0f:a6:60:49:67:3a:35:49:36:95:5b:49:8d:3f:69:51:a3:c8:
6f:c3:1c:d7:56:d5:71:a2:d0:e8:c4:5f:66:76:92:c2:18:5b:
35:9f:b8:51:09:87:47:ed:a7:8e:10:68:86:53:04:4e:5c:3b:
b1:fd:a5:3d:1a:2f:bb:67:2f:e2:21:23:77:22:31:68:9a:03:
b7:b3:6a:85:4b:ac:80:69:0d:06:e3:3c:d3:36:2d:0d:b9:5d:
dd:4c:13:70:67:75:02:56:58:84:e3:6c:26:bf:86:9b:ba:a7:
7e:e2:8c:6b:d5:a6:e4:56:31:da:90:92:cc:6f:36:f8:17:d4:
bc:d3:b7:80:f6:5e:c6:6b:c4:60:32:7a:21:82:d8:b8:1a:77:
6a:0b:67:a0:a2:81:d7:89:19:df:7b:9e:dc:0f:06:0a:c0:33:
fc:d0:aa:ab:f8:69:b4:14:cb:35:dd:fa:91:70:43:27:1b:4f:
1b:c7:ad:42:1d:c8:f3:57:ba:7a:ff:e5:03:ee:30:9b:01:53:
82:df:37:74:09:8b:e0:7f:b7:13:8b:18:c4:7e:35:82:98:ed:
28:ee:5f:af:c3:7f:13:43:b6:59:04:55:5f:86:6e:94:1b:f0:
21:d8:d2:51:13:dc:b7:99:6e:c8:07:a8:48:23:d7:e9:1b:4d:
9e:13:89:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVur/IfM2P1CzO/RITY+RhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDM3ZmEwYmU5ZmQ4NjNlNTc5MDQ0MTFiODRjYmQyZjViYTQ3YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3sHQYWoJZUXPEcT3ByX9bwzFTh9
J8Dr8F+nVt2aAjVeBPsMtlERF7Ft3oJ867jlUpCfzJQuGUcSe4AS8q6sH4mdvXui
3g3ZjJZJe9XmeE3qgmy/T7uTfvibufdmBW9INBE9NR6OnLbsBYnBsI7OMQjXrJ50
aWTLYgEea/pSn7LSZ0ehgBCyZD5gce4DAVkGYAr/K+F3V80HSJbIgOcoC98uxlYk
OvX0nYygvNGil8TOAuiK05gsfzcI4sG+uLQb/msYzNTVfV+9jBv9D6fp459aK+ON
fNmYK3UG1tIjGAOgKokY3QgXt3bP4OAOffVypNLo9V1ZYqSZO3qs1YA01wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDQ3+gvp/YY+V5BEEbhMvS9bpHtzMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTkRmNkMtbjloajVYa0VRUnVFeTlMMXVrZTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAD6ZgSWc6NUk2lVtJjT9pUaPIb8Mc11bVcaLQ6MRf
ZnaSwhhbNZ+4UQmHR+2njhBohlMETlw7sf2lPRovu2cv4iEjdyIxaJoDt7NqhUus
gGkNBuM80zYtDbld3UwTcGd1AlZYhONsJr+Gm7qnfuKMa9Wm5FYx2pCSzG82+BfU
vNO3gPZexmvEYDJ6IYLYuBp3agtnoKKB14kZ33ue3A8GCsAz/NCqq/hptBTLNd36
kXBDJxtPG8etQh3I81e6ev/lA+4wmwFTgt83dAmL4H+3E4sYxH41gpjtKO5fr8N/
E0O2WQRVX4ZulBvwIdjSURPct5luyAeoSCPX6RtNnhOJdQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:27 2025 by rpki-client