Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ndfLpsBoABF4nE9yMiLgCtChDDU.roa
File: ndfLpsBoABF4nE9yMiLgCtChDDU.roa (raw, json)
Hash identifier: GbEblsb7eOBSy3jyn5vv42IsoytnC0hWfLHnhvw7k1w=
Subject key identifier: 9D:D7:CB:A6:C0:68:00:11:78:9C:4F:72:32:22:E0:0A:D0:A1:0C:35
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 01856B40D989E1581E32D7A9366C36AF76EC
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ndfLpsBoABF4nE9yMiLgCtChDDU.roa
Signing time: Sun 01 Jan 2023 02:54:50 +0000
ROA not before: Sun 01 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39592
IP address blocks: 195.244.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:d9:89:e1:58:1e:32:d7:a9:36:6c:36:af:76:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd7cba6c0680011789c4f723222e00ad0a10c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:53:6f:54:b2:b1:23:46:6d:fb:ec:46:ce:24:
45:14:96:6a:ac:a4:e7:47:1c:07:7a:01:ee:d4:78:
3e:cc:86:08:de:cc:2a:f0:f5:de:61:39:65:cf:48:
2c:ef:50:bf:c4:cb:c8:28:17:41:8d:01:ce:48:8e:
0d:50:d3:3f:1f:2a:9a:d7:e2:35:c7:66:cc:14:e3:
3a:22:d9:12:af:ab:b2:4c:c6:f3:42:b6:79:4a:a4:
4a:d3:3b:fb:a1:31:2b:2a:67:63:6e:e5:fc:b3:46:
8c:3a:dc:31:64:b7:31:25:5e:86:6d:2b:44:7e:21:
47:8d:dc:0a:6d:8c:da:5c:f0:23:33:10:b4:15:ca:
fc:0d:9e:47:93:9d:db:0a:53:36:18:71:71:0d:a4:
4c:49:ea:99:68:17:40:8d:03:c2:d4:8e:dc:20:b4:
20:92:ea:e6:e6:9f:87:46:a9:f9:12:cc:3e:e5:68:
b1:7a:53:b3:25:bd:45:08:b6:25:0d:b8:10:57:9b:
9e:e6:fa:b3:39:c4:22:32:b7:4c:0a:d0:54:42:3d:
ce:4d:42:3a:4e:85:56:13:ba:8d:b2:0e:33:93:64:
84:90:ae:27:32:0e:cc:7a:3a:37:d6:d0:20:7d:5c:
e5:44:6a:fc:a1:4b:2b:d6:f7:bc:db:4c:1b:85:03:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D7:CB:A6:C0:68:00:11:78:9C:4F:72:32:22:E0:0A:D0:A1:0C:35
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/ndfLpsBoABF4nE9yMiLgCtChDDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.29.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:1f:23:4b:bd:1e:96:6c:53:02:e7:9b:5d:10:8b:7d:39:48:
b9:63:59:b3:62:c8:20:c6:ed:cd:0e:45:3c:70:c1:9f:fa:24:
e9:01:ae:89:0b:60:fc:01:c8:06:5d:48:b7:98:72:17:e7:55:
89:d7:c2:94:37:2d:2c:bb:93:b6:b2:a5:2e:58:a6:fb:2c:23:
54:73:de:30:f2:41:a9:15:c7:08:b2:75:84:d3:cd:9f:a4:3d:
72:9a:b9:55:9a:b9:16:61:7a:e5:38:ef:e0:59:65:95:36:39:
b2:db:44:00:a1:cc:24:2b:28:9a:07:c6:5a:2f:e4:24:39:28:
f4:81:72:65:37:70:5e:91:96:44:b3:1d:ca:20:bc:93:26:0a:
2c:6c:5d:23:e6:a4:57:f4:79:96:1a:c9:8f:ea:cb:82:a9:29:
30:b6:e6:1b:3e:95:9c:7c:34:b4:81:73:7a:08:ad:10:e6:34:
42:56:31:22:a1:7c:10:f9:e9:44:c3:f3:1a:bc:c7:5e:ab:b5:
61:10:88:1a:1a:0c:8e:bd:b0:35:e9:ee:f7:d0:fc:62:d9:77:
96:bd:dc:e9:d7:d8:6e:03:68:6e:15:38:94:96:ea:a0:88:82:
d9:9b:a2:88:87:bb:59:66:9c:12:b2:96:fa:b1:a4:1c:83:41:
d7:f3:9e:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrQNmJ4VgeMtepNmw2r3bsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjMwMTAxMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ3Y2JhNmMwNjgwMDExNzg5YzRmNzIzMjIyZTAwYWQwYTEwYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVNvVLKxI0Zt++xGziRFFJZqrKTn
RxwHegHu1Hg+zIYI3swq8PXeYTllz0gs71C/xMvIKBdBjQHOSI4NUNM/Hyqa1+I1
x2bMFOM6ItkSr6uyTMbzQrZ5SqRK0zv7oTErKmdjbuX8s0aMOtwxZLcxJV6GbStE
fiFHjdwKbYzaXPAjMxC0Fcr8DZ5Hk53bClM2GHFxDaRMSeqZaBdAjQPC1I7cILQg
kurm5p+HRqn5Esw+5WixelOzJb1FCLYlDbgQV5ue5vqzOcQiMrdMCtBUQj3OTUI6
ToVWE7qNsg4zk2SEkK4nMg7Mejo31tAgfVzlRGr8oUsr1ve820wbhQOHUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3Xy6bAaAAReJxPcjIi4ArQoQw1MB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvbmRmTHBzQm9BQkY0bkU5eU1pTGdDdENoRERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/QdMA0G
CSqGSIb3DQEBCwUAA4IBAQAPHyNLvR6WbFMC55tdEIt9OUi5Y1mzYsggxu3NDkU8
cMGf+iTpAa6JC2D8AcgGXUi3mHIX51WJ18KUNy0su5O2sqUuWKb7LCNUc94w8kGp
FccIsnWE082fpD1ymrlVmrkWYXrlOO/gWWWVNjmy20QAocwkKyiaB8ZaL+QkOSj0
gXJlN3BekZZEsx3KILyTJgosbF0j5qRX9HmWGsmP6suCqSkwtuYbPpWcfDS0gXN6
CK0Q5jRCVjEioXwQ+elEw/MavMdeq7VhEIgaGgyOvbA16e730Pxi2XeWvdzp19hu
A2huFTiUluqgiILZm6KIh7tZZpwSspb6saQcg0HX857S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:14 2025 by rpki-client