Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nd0J81rUropkTfBxEmIRvFTd3EA.roa
File: Nd0J81rUropkTfBxEmIRvFTd3EA.roa (raw, json)
Hash identifier: QCuBptYKeVW4tfazCHcEnT7Dvd8N7bWMDYiad3jlDT8=
Subject key identifier: 35:DD:09:F3:5A:D4:AE:8A:64:4D:F0:71:12:62:11:BC:54:DD:DC:40
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183141B037485E5ED8F2A5114456E491FCE
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nd0J81rUropkTfBxEmIRvFTd3EA.roa
Signing time: Tue 06 Sep 2022 18:40:58 +0000
ROA not before: Tue 06 Sep 2022 18:40:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46475
IP address blocks: 2a11:840:35::/48 maxlen: 48
2a11:840:38::/48 maxlen: 48
2a11:840:36::/48 maxlen: 48
2a11:840:39::/48 maxlen: 48
2a11:840:34::/48 maxlen: 48
2a11:840:37::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:14:1b:03:74:85:e5:ed:8f:2a:51:14:45:6e:49:1f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 6 18:40:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35dd09f35ad4ae8a644df071126211bc54dddc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bd:00:ec:7b:2d:cf:d6:91:8b:87:bd:f8:95:
33:e2:ea:1d:63:a2:07:cf:b0:24:ee:cb:b3:4c:67:
0d:46:68:0d:87:b4:7b:51:88:4f:f2:78:7d:45:dc:
95:37:aa:f7:f5:8c:f4:f4:9d:15:94:aa:70:16:a1:
d9:c3:1e:0d:d4:76:2a:2e:fe:36:f5:8a:83:e9:0c:
41:38:06:8d:85:8a:65:06:a9:ad:30:e2:58:5b:ae:
3f:b3:ba:25:19:2b:75:09:73:91:08:14:cc:7b:e6:
67:69:24:e3:ca:f5:58:78:df:9a:7a:3e:ce:0f:c4:
c8:2e:b2:73:2d:ca:75:f5:54:fc:31:eb:f9:95:63:
1e:51:9b:54:3c:ee:f3:50:d7:ce:06:11:48:b8:14:
19:ed:f3:f1:e4:f7:d7:50:7f:48:85:2f:cc:e0:55:
7e:ae:e1:24:84:12:00:ed:8b:32:c2:ce:37:5b:d3:
7c:85:df:6b:7d:03:13:8b:32:df:f9:0a:b6:64:e9:
3f:eb:9c:1e:cc:c6:27:66:37:70:60:4f:55:ea:76:
f6:c2:01:54:8d:3d:c3:24:5e:31:5d:96:91:83:39:
e2:3a:1c:26:90:93:a8:39:80:32:9a:fc:63:98:a7:
a5:76:05:34:d2:77:f6:d5:a9:96:35:67:e1:0a:3a:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DD:09:F3:5A:D4:AE:8A:64:4D:F0:71:12:62:11:BC:54:DD:DC:40
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nd0J81rUropkTfBxEmIRvFTd3EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:34::-2a11:840:39:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:24:22:33:7d:08:4b:ce:b9:21:e3:ba:29:92:4d:5f:3d:5c:
26:13:25:36:6d:4f:3c:f7:e8:b3:53:e5:32:c5:30:32:40:7c:
fd:8f:71:f1:34:40:1b:01:c0:68:91:cd:9b:41:8b:d6:8f:b4:
8b:40:4a:ab:c6:a9:58:81:59:b2:4f:40:da:1c:ab:09:88:3a:
e8:11:99:dd:8e:e6:2c:04:2d:6a:fd:a6:cf:0a:a4:55:46:3b:
c4:70:ce:2b:f7:5b:4e:7f:77:40:2b:e1:71:da:1c:3a:fa:82:
58:14:be:79:e5:83:eb:a7:1d:00:61:6f:b2:bc:82:02:b4:e9:
26:6d:49:65:a0:a3:27:e4:3d:4f:6c:5b:64:fa:46:09:1c:2e:
5d:0c:99:83:4e:2b:3d:22:d0:af:3e:21:5d:ac:0f:68:55:f5:
9a:cb:aa:4e:30:2c:88:f9:3e:6d:f5:02:e8:3a:cf:b6:8e:bf:
76:09:1a:03:90:06:8a:68:32:97:e9:77:a7:9b:1f:4f:92:0e:
9b:d9:8d:a6:55:13:ac:7d:f9:0a:5d:30:02:96:d4:e6:12:e5:
a0:ec:8d:3a:6d:a2:e9:da:0e:89:c0:d1:fa:c3:0a:94:5c:ec:
81:d3:c5:0a:18:6b:26:b5:08:34:82:03:8e:ca:43:bb:51:d4:
49:22:92:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYMUGwN0heXtjypRFEVuSR/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA2MTg0MDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRkMDlmMzVhZDRhZThhNjQ0ZGYwNzExMjYyMTFiYzU0ZGRkYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL0A7Hstz9aRi4e9+JUz4uodY6IH
z7Ak7suzTGcNRmgNh7R7UYhP8nh9RdyVN6r39Yz09J0VlKpwFqHZwx4N1HYqLv42
9YqD6QxBOAaNhYplBqmtMOJYW64/s7olGSt1CXORCBTMe+ZnaSTjyvVYeN+aej7O
D8TILrJzLcp19VT8Mev5lWMeUZtUPO7zUNfOBhFIuBQZ7fPx5PfXUH9IhS/M4FV+
ruEkhBIA7Ysyws43W9N8hd9rfQMTizLf+Qq2ZOk/65wezMYnZjdwYE9V6nb2wgFU
jT3DJF4xXZaRgzniOhwmkJOoOYAymvxjmKeldgU00nf21amWNWfhCjof7QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDXdCfNa1K6KZE3wcRJiEbxU3dxAMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTmQwSjgxclVyb3BrVGZCeEVtSVJ2RlRkM0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwIqEQhA
ADQDBwEqEQhAADgwDQYJKoZIhvcNAQELBQADggEBAHYkIjN9CEvOuSHjuimSTV89
XCYTJTZtTzz36LNT5TLFMDJAfP2PcfE0QBsBwGiRzZtBi9aPtItASqvGqViBWbJP
QNocqwmIOugRmd2O5iwELWr9ps8KpFVGO8Rwziv3W05/d0Ar4XHaHDr6glgUvnnl
g+unHQBhb7K8ggK06SZtSWWgoyfkPU9sW2T6RgkcLl0MmYNOKz0i0K8+IV2sD2hV
9ZrLqk4wLIj5Pm31Aug6z7aOv3YJGgOQBopoMpfpd6ebH0+SDpvZjaZVE6x9+Qpd
MAKW1OYS5aDsjTptounaDonA0frDCpRc7IHTxQoYaya1CDSCA47KQ7tR1EkikrI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org