Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NdMxP2-HLlnosb2F0RzKGIoXLh4.roa
File: NdMxP2-HLlnosb2F0RzKGIoXLh4.roa (raw, json)
Hash identifier: bEVfavr0P0VLPSELXt+IOddJGAPbMBdNwuk+99ds6I0=
Subject key identifier: 35:D3:31:3F:6F:87:2E:59:E8:B1:BD:85:D1:1C:CA:18:8A:17:2E:1E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018405813768F32F22CE86BB5A4A91B7196B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NdMxP2-HLlnosb2F0RzKGIoXLh4.roa
Signing time: Sun 23 Oct 2022 15:41:05 +0000
ROA not before: Sun 23 Oct 2022 15:41:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212335
IP address blocks: 45.11.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:05:81:37:68:f3:2f:22:ce:86:bb:5a:4a:91:b7:19:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Oct 23 15:41:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35d3313f6f872e59e8b1bd85d11cca188a172e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:29:6c:f3:67:41:a1:1d:38:64:1f:76:e1:03:
0f:1d:2b:35:10:ed:b7:29:8a:8e:84:3e:bb:ec:8d:
9f:fd:88:3e:dc:d5:08:4e:91:ec:b5:0a:b7:4a:ff:
51:df:fa:65:bf:14:a4:3b:50:ff:73:72:86:dc:b3:
a6:64:6f:e6:a7:38:c3:23:21:4e:23:18:a9:ea:0c:
3d:c1:d2:03:83:d0:bf:bf:4f:95:b6:98:39:03:4f:
de:fd:88:e7:b7:69:a8:f4:ab:d7:ed:6b:7d:8f:88:
1f:db:2e:dd:0d:b0:06:e4:f8:c8:40:e6:70:01:5e:
91:49:12:dd:dc:01:8a:e3:ed:e6:a3:ad:67:8e:a5:
20:ac:c5:ef:6c:32:5a:01:29:06:d4:2d:e5:28:bb:
37:8d:63:e8:7c:e3:37:e4:63:37:6f:c8:37:22:31:
9d:42:2f:a2:de:35:2a:d2:d3:88:bd:94:9a:b2:68:
d5:27:6a:30:c5:c7:bf:15:a0:5e:e7:45:71:44:18:
9f:c6:35:d8:4d:d7:66:ca:ad:9b:3b:9c:c1:01:17:
03:c2:ab:6e:e2:e5:aa:68:52:aa:16:44:38:24:5a:
a4:23:b9:25:cd:87:c2:70:2e:7f:ad:03:90:cd:9f:
3c:65:81:51:71:4d:e0:86:42:38:34:23:25:95:ae:
84:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D3:31:3F:6F:87:2E:59:E8:B1:BD:85:D1:1C:CA:18:8A:17:2E:1E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NdMxP2-HLlnosb2F0RzKGIoXLh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5e:d7:78:7b:ac:20:67:13:14:75:7d:45:62:1a:62:7a:ac:
fa:5f:89:ce:76:33:4b:5a:2d:be:50:01:27:87:2a:36:54:50:
30:3e:bb:d9:e7:e0:d7:08:2c:a9:68:ce:6f:1e:86:79:28:14:
88:9d:18:95:49:ad:12:36:17:74:6d:3d:47:10:92:f7:e0:84:
78:fc:8d:92:c1:3b:ee:9a:5c:eb:a4:17:ce:b3:58:52:53:0d:
5d:a0:ad:07:c6:07:3f:7f:6e:58:c5:33:26:c6:fc:09:f9:1d:
66:6b:f6:6f:85:db:7a:52:81:d9:05:26:1a:c8:2e:fb:a5:60:
71:f7:06:ee:03:3b:44:fb:a7:ea:88:12:82:59:dd:1b:b5:f3:
9c:aa:49:aa:d8:8b:8b:16:32:37:57:39:48:3a:cd:50:10:73:
0d:32:ef:1e:ac:79:b4:ab:0a:0c:79:b2:1b:4f:24:f2:e6:56:
58:0f:bc:be:33:a5:eb:c9:24:e5:fc:ab:1c:60:ea:27:4d:b2:
b7:38:77:21:43:7f:c7:66:73:c4:29:bf:60:81:c0:9b:59:5d:
da:b8:86:a0:a6:42:29:3b:c1:ed:92:0c:04:22:19:1f:f2:0a:
4f:83:33:8f:78:2a:b9:5b:e7:7a:6b:87:98:d9:71:5e:33:30:
d8:7a:d8:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQFgTdo8y8izoa7WkqRtxlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIxMDIzMTU0MTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQzMzEzZjZmODcyZTU5ZThiMWJkODVkMTFjY2ExODhhMTcyZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCls82dBoR04ZB924QMPHSs1EO23
KYqOhD677I2f/Yg+3NUITpHstQq3Sv9R3/plvxSkO1D/c3KG3LOmZG/mpzjDIyFO
Ixip6gw9wdIDg9C/v0+Vtpg5A0/e/Yjnt2mo9KvX7Wt9j4gf2y7dDbAG5PjIQOZw
AV6RSRLd3AGK4+3mo61njqUgrMXvbDJaASkG1C3lKLs3jWPofOM35GM3b8g3IjGd
Qi+i3jUq0tOIvZSasmjVJ2owxce/FaBe50VxRBifxjXYTddmyq2bO5zBARcDwqtu
4uWqaFKqFkQ4JFqkI7klzYfCcC5/rQOQzZ88ZYFRcU3ghkI4NCMlla6E3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXTMT9vhy5Z6LG9hdEcyhiKFy4eMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTmRNeFAyLUhMbG5vc2IyRjBSektHSW9YTGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu8MA0G
CSqGSIb3DQEBCwUAA4IBAQC2Xtd4e6wgZxMUdX1FYhpieqz6X4nOdjNLWi2+UAEn
hyo2VFAwPrvZ5+DXCCypaM5vHoZ5KBSInRiVSa0SNhd0bT1HEJL34IR4/I2SwTvu
mlzrpBfOs1hSUw1doK0Hxgc/f25YxTMmxvwJ+R1ma/Zvhdt6UoHZBSYayC77pWBx
9wbuAztE+6fqiBKCWd0btfOcqkmq2IuLFjI3VzlIOs1QEHMNMu8erHm0qwoMebIb
TyTy5lZYD7y+M6XrySTl/KscYOonTbK3OHchQ3/HZnPEKb9ggcCbWV3auIagpkIp
O8HtkgwEIhkf8gpPgzOPeCq5W+d6a4eY2XFeMzDYeth6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org