Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O-NzxOoofZYuX5bYN9hZJ4skJPQ.roa
File: O-NzxOoofZYuX5bYN9hZJ4skJPQ.roa (raw, json)
Hash identifier: U5rcpzF9N4b47gRwET8kYUKopzQov4RKy3pjyLlNS+Q=
Subject key identifier: 3B:E3:73:C4:EA:28:7D:96:2E:5F:96:D8:37:D8:59:27:8B:24:24:F4
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018B0D431BEDF088AD5505DE29547342BC7B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O-NzxOoofZYuX5bYN9hZJ4skJPQ.roa
Signing time: Sun 08 Oct 2023 03:09:43 +0000
ROA not before: Sun 08 Oct 2023 03:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3175
IP address blocks: 2a11:4b41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0d:43:1b:ed:f0:88:ad:55:05:de:29:54:73:42:bc:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 8 03:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be373c4ea287d962e5f96d837d859278b2424f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:b2:c5:2c:d9:d3:ba:0d:97:79:a1:e8:91:
9b:a8:6b:bb:ca:6e:df:89:56:c8:64:4e:4e:0c:34:
9e:0d:d1:0a:46:52:52:89:05:12:74:ff:54:40:3b:
9c:4b:09:38:38:fc:f5:cc:e6:54:49:3b:cc:d6:ab:
a1:f8:9b:c0:83:46:a6:c8:d0:20:71:dc:b8:4e:23:
4d:68:4c:a2:7c:1f:34:d8:aa:c6:2c:51:71:fd:a5:
ff:22:b4:4c:97:af:99:34:87:18:f5:e6:4d:e8:96:
ad:a9:73:c6:99:22:32:78:59:3a:97:0d:29:d4:ce:
34:31:b5:66:49:39:10:34:b7:1f:02:61:8d:e9:cc:
7d:90:2d:ef:22:fb:76:68:84:b6:bb:a4:bf:1c:fe:
dc:78:87:56:13:a3:22:9c:59:a5:92:17:ff:63:fe:
59:98:72:8a:ef:e1:cb:96:5e:7b:58:e8:87:d8:2d:
d8:4a:f5:0d:72:92:37:8c:cc:b2:89:0e:52:24:14:
57:5c:7d:ae:2c:c7:00:dd:fd:9f:be:05:69:59:fe:
b2:bc:5b:73:4e:f3:6e:16:5b:31:c4:da:06:2f:ef:
77:b5:c5:36:4f:65:62:83:f3:19:0c:32:38:af:ce:
9f:64:06:23:bc:99:35:57:71:ce:10:9e:cb:7f:4d:
c4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E3:73:C4:EA:28:7D:96:2E:5F:96:D8:37:D8:59:27:8B:24:24:F4
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/O-NzxOoofZYuX5bYN9hZJ4skJPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b41::/32
Signature Algorithm: sha256WithRSAEncryption
98:38:c6:94:14:24:cb:13:35:90:be:27:a9:9a:dc:7e:f1:26:
ba:b4:f0:a2:1c:0a:1d:ab:81:18:de:76:c5:bb:1e:e7:4f:30:
1c:d8:6f:39:6a:42:04:cc:85:32:ea:c4:eb:c3:29:25:52:8c:
c3:0e:78:1a:da:09:d8:13:5f:ef:63:15:76:ce:ea:ce:4b:2d:
ee:1f:fe:bc:48:b2:1f:5a:c2:cb:11:e6:dd:9a:08:e5:51:b7:
08:7d:0d:0e:22:15:6e:0c:25:85:cd:ef:c1:41:71:8d:9e:98:
2f:a1:e7:c1:d3:87:b8:6f:88:82:56:b7:6e:bb:8b:55:9f:a6:
cf:d6:0b:21:12:4f:f7:f1:4f:6c:8c:0d:9c:8a:62:8e:8a:14:
d2:71:a6:bf:22:b8:49:a7:62:71:d4:0e:85:18:e4:22:05:37:
28:2b:16:0d:5b:4a:c2:38:90:9f:6b:f2:94:ff:54:e7:3f:1f:
25:f1:59:f9:99:ed:d7:4b:bf:97:a3:d9:bf:06:54:d4:3f:46:
0b:f0:44:66:f8:ed:72:c8:f8:f3:b0:14:18:e6:56:3d:c8:44:
b0:49:dc:fd:68:f6:74:91:43:d0:ed:e6:8f:71:4b:09:14:55:
b3:5e:ae:a2:f6:30:9d:ac:97:44:c2:19:69:67:cb:7e:85:ff:
54:1a:6f:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsNQxvt8IitVQXeKVRzQrx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMDA4MDMwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmUzNzNjNGVhMjg3ZDk2MmU1Zjk2ZDgzN2Q4NTkyNzhiMjQyNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbKyxSzZ07oNl3mh6JGbqGu7ym7f
iVbIZE5ODDSeDdEKRlJSiQUSdP9UQDucSwk4OPz1zOZUSTvM1quh+JvAg0amyNAg
cdy4TiNNaEyifB802KrGLFFx/aX/IrRMl6+ZNIcY9eZN6JatqXPGmSIyeFk6lw0p
1M40MbVmSTkQNLcfAmGN6cx9kC3vIvt2aIS2u6S/HP7ceIdWE6MinFmlkhf/Y/5Z
mHKK7+HLll57WOiH2C3YSvUNcpI3jMyyiQ5SJBRXXH2uLMcA3f2fvgVpWf6yvFtz
TvNuFlsxxNoGL+93tcU2T2Vig/MZDDI4r86fZAYjvJk1V3HOEJ7Lf03EMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDvjc8TqKH2WLl+W2DfYWSeLJCT0MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTy1OenhPb29mWll1WDViWU45aFpKNHNrSlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFLQTAN
BgkqhkiG9w0BAQsFAAOCAQEAmDjGlBQkyxM1kL4nqZrcfvEmurTwohwKHauBGN52
xbse508wHNhvOWpCBMyFMurE68MpJVKMww54GtoJ2BNf72MVds7qzkst7h/+vEiy
H1rCyxHm3ZoI5VG3CH0NDiIVbgwlhc3vwUFxjZ6YL6HnwdOHuG+Igla3bruLVZ+m
z9YLIRJP9/FPbIwNnIpijooU0nGmvyK4SadicdQOhRjkIgU3KCsWDVtKwjiQn2vy
lP9U5z8fJfFZ+Znt10u/l6PZvwZU1D9GC/BEZvjtcsj487AUGOZWPchEsEnc/Wj2
dJFD0O3mj3FLCRRVs16uovYwnayXRMIZaWfLfoX/VBpv4g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:15 2025 by rpki-client