Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/NdQSHvSOyWKtq6ZGLpx6SD8qOqM.roa
File: NdQSHvSOyWKtq6ZGLpx6SD8qOqM.roa (raw, json)
Hash identifier: 8NuB6h1ihA1mVFVWWb5xWJD6ENsT8IcUeK7FUBfwHv4=
Subject key identifier: 35:D4:12:1E:F4:8E:C9:62:AD:AB:A6:46:2E:9C:7A:48:3F:2A:3A:A3
Certificate issuer: /CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Certificate serial: 018694C41B332AF006423EC84A716A4DF395
Authority key identifier: 52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/NdQSHvSOyWKtq6ZGLpx6SD8qOqM.roa
Signing time: Mon 27 Feb 2023 21:25:25 +0000
ROA not before: Mon 27 Feb 2023 21:25:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48886
IP address blocks: 45.91.69.0/24 maxlen: 24
45.91.68.0/24 maxlen: 24
45.91.68.0/22 maxlen: 22
194.69.16.0/24 maxlen: 24
194.69.16.0/20 maxlen: 20
194.69.20.0/22 maxlen: 22
194.69.18.0/24 maxlen: 24
194.69.30.0/24 maxlen: 24
194.69.31.0/24 maxlen: 24
194.69.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:c4:1b:33:2a:f0:06:42:3e:c8:4a:71:6a:4d:f3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Validity
Not Before: Feb 27 21:25:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d4121ef48ec962adaba6462e9c7a483f2a3aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:91:3b:a2:9d:b6:24:31:cf:f0:67:68:09:cb:
ca:78:e2:89:2a:53:d4:8d:23:e6:5b:29:e8:3d:8c:
78:e3:c1:5a:a1:a3:44:fc:83:45:46:09:24:0b:3d:
ca:3d:70:e9:f6:03:e7:df:0f:d3:db:73:7e:04:ee:
f6:d7:38:f3:f9:b8:d3:dd:40:fb:73:f7:34:96:37:
20:ad:71:8b:70:ce:d7:65:b2:f6:bb:65:ae:58:e3:
d1:d4:18:e5:41:db:8f:a7:59:c8:6a:0c:d7:55:88:
6d:31:57:69:e0:c5:2f:03:04:ab:ad:c7:67:32:b7:
93:94:fa:2c:0e:e3:5c:3b:2f:5e:a7:3e:07:ba:0b:
08:23:ed:43:36:b6:88:2b:55:8f:6f:c3:ca:0b:7c:
f4:39:15:97:e9:f7:c8:26:91:62:cf:f7:fd:3e:c6:
2f:af:87:dc:ec:b1:3b:3d:f5:a3:7e:e6:ae:0d:17:
41:f3:ab:dd:ec:42:81:53:f2:51:16:58:39:2c:ae:
4a:e3:44:bf:b0:88:be:8e:fd:7e:8e:6d:f4:c4:25:
31:6b:52:cb:7d:00:ae:17:73:a2:fd:91:00:34:ad:
91:c2:1e:2c:3b:c7:5a:df:8d:e5:f0:d2:19:02:d8:
4e:27:62:09:58:aa:8c:a6:e3:03:e9:1f:c2:eb:7f:
81:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D4:12:1E:F4:8E:C9:62:AD:AB:A6:46:2E:9C:7A:48:3F:2A:3A:A3
X509v3 Authority Key Identifier:
keyid:52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/NdQSHvSOyWKtq6ZGLpx6SD8qOqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UqqgphiMl6p0LMeG47cLyQnKxEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.68.0/22
194.69.16.0/20
Signature Algorithm: sha256WithRSAEncryption
80:25:41:4c:e4:61:a9:15:db:9b:a8:c3:1d:82:35:4a:b6:4f:
09:17:68:0e:6c:53:7b:df:2a:31:1d:40:f6:64:fe:9f:86:fc:
14:06:cf:3e:25:4f:ff:08:3a:be:61:82:79:89:d0:86:ef:89:
d7:2d:4a:2d:92:a5:d6:69:90:68:a0:90:57:94:d7:aa:35:1c:
4b:bb:a0:6b:6f:ad:d4:f7:b5:f6:3a:4d:d1:be:b6:f2:9b:69:
64:50:a1:9d:01:a6:a3:a1:b2:3a:7d:c3:c5:49:58:55:93:f8:
c8:d6:5b:53:89:d6:31:7c:75:2b:cf:81:61:4c:5c:cb:86:56:
e4:36:02:50:db:43:df:57:4f:ca:35:88:9c:9b:54:2b:63:c1:
f4:83:2c:cb:13:c7:95:e4:93:fd:6a:b9:39:dd:8e:cc:e0:fa:
db:b3:3b:0d:8f:e7:e7:4c:ed:58:dd:53:f1:4a:11:b3:81:0f:
46:70:c8:5a:9f:85:a7:89:8f:77:ad:4b:d4:64:62:90:c2:e7:
39:01:a0:84:9e:65:70:d7:83:3a:c3:fd:18:cf:de:61:e8:e6:
47:b8:94:84:3b:df:f7:74:66:58:70:1b:96:a5:c5:86:b9:dc:
f0:7a:e0:a0:8f:91:f8:79:3b:d8:15:f4:51:d1:f4:f3:9f:b3:
ac:23:f5:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaUxBszKvAGQj7ISnFqTfOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYWFhMGE2MTg4Yzk3YWE3NDJjYzc4NmUzYjcwYmM5MDlj
YWM0NGMwHhcNMjMwMjI3MjEyNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ0MTIxZWY0OGVjOTYyYWRhYmE2NDYyZTljN2E0ODNmMmEzYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5E7op22JDHP8GdoCcvKeOKJKlPU
jSPmWynoPYx448FaoaNE/INFRgkkCz3KPXDp9gPn3w/T23N+BO721zjz+bjT3UD7
c/c0ljcgrXGLcM7XZbL2u2WuWOPR1BjlQduPp1nIagzXVYhtMVdp4MUvAwSrrcdn
MreTlPosDuNcOy9epz4HugsII+1DNraIK1WPb8PKC3z0ORWX6ffIJpFiz/f9PsYv
r4fc7LE7PfWjfuauDRdB86vd7EKBU/JRFlg5LK5K40S/sIi+jv1+jm30xCUxa1LL
fQCuF3Oi/ZEANK2Rwh4sO8da343l8NIZAthOJ2IJWKqMpuMD6R/C63+BPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXUEh70jsliraumRi6cekg/KjqjMB8GA1UdIwQY
MBaAFFKqoKYYjJeqdCzHhuO3C8kJysRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMt
NDZhODgwNDI1Nzk5LzEvTmRRU0h2U095V0t0cTZaR0xweDZTRDhxT3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMtNDZhODgwNDI1Nzk5
LzEvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVtEAwQE
wkUQMA0GCSqGSIb3DQEBCwUAA4IBAQCAJUFM5GGpFdubqMMdgjVKtk8JF2gObFN7
3yoxHUD2ZP6fhvwUBs8+JU//CDq+YYJ5idCG74nXLUotkqXWaZBooJBXlNeqNRxL
u6Brb63U97X2Ok3Rvrbym2lkUKGdAaajobI6fcPFSVhVk/jI1ltTidYxfHUrz4Fh
TFzLhlbkNgJQ20PfV0/KNYicm1QrY8H0gyzLE8eV5JP9ark53Y7M4PrbszsNj+fn
TO1Y3VPxShGzgQ9GcMhan4WniY93rUvUZGKQwuc5AaCEnmVw14M6w/0Yz95h6OZH
uJSEO9/3dGZYcBuWpcWGudzweuCgj5H4eTvYFfRR0fTzn7OsI/UV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:17 2025 by rpki-client